re+0x400/0x400 [ 1343.287805] ? lock_release+0x3b2/0x750 [ 1343.288653] ___sys_sendmsg+0xf3/0x170 [ 1343.289473] ? sendmsg_copy_msghdr+0x160/0x160 [ 1343.290438] ? lock_release+0x3b2/0x750 [ 1343.291276] ? lock_downgrade+0x6d0/0x6d0 [ 1343.292157] ? lock_release+0x3b2/0x750 [ 1343.292994] ? ksys_write+0x20c/0x250 [ 1343.293793] ? lock_downgrade+0x6d0/0x6d0 [ 1343.294679] ? __fget_files+0x287/0x470 [ 1343.295557] ? __fget_light+0xea/0x270 02:56:40 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x0, 0x80, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1343.296375] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1343.297686] __sys_sendmsg+0xe5/0x1b0 [ 1343.298478] ? __sys_sendmsg_sock+0x30/0x30 [ 1343.299377] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1343.300560] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1343.301655] do_syscall_64+0x3b/0x90 [ 1343.302437] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1343.303518] RIP: 0033:0x7f16affa1b19 [ 1343.304289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1343.308119] RSP: 002b:00007f16ad4f6188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1343.309695] RAX: ffffffffffffffda RBX: 00007f16b00b5020 RCX: 00007f16affa1b19 [ 1343.311200] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003 02:56:40 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, 0x0) [ 1343.312714] RBP: 00007f16ad4f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1343.314272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1343.315785] R13: 00007fff4a94b43f R14: 00007f16ad4f6300 R15: 0000000000022000 [ 1343.317308] 02:56:40 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400"], 0x20}], 0x1}, 0x0) 02:56:40 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)}, {&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000180)=""/173, 0xad}, {0x0}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x8}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) 02:56:40 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x5, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1343.461039] netlink: 'syz-executor.7': attribute type 12 has an invalid length. [ 1343.467054] blktrace: Concurrent blktraces are not allowed on sg0 02:56:40 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) (fail_nth: 12) [ 1343.482575] blktrace: Concurrent blktraces are not allowed on sg0 [ 1343.569046] FAULT_INJECTION: forcing a failure. [ 1343.569046] name failslab, interval 1, probability 0, space 0, times 0 [ 1343.570305] CPU: 1 PID: 8463 Comm: syz-executor.6 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1343.571167] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1343.572348] Call Trace: [ 1343.572647] [ 1343.572883] dump_stack_lvl+0x8b/0xb3 [ 1343.573293] should_fail.cold+0x5/0xa [ 1343.573700] should_failslab+0x5/0x10 [ 1343.574105] __kmalloc_node_track_caller+0x7e/0x440 [ 1343.574639] ? netlink_ack+0x1f0/0xa80 [ 1343.575063] __alloc_skb+0xe3/0x340 [ 1343.575461] netlink_ack+0x1f0/0xa80 [ 1343.575853] ? nl80211_join_ibss+0x1220/0x1220 [ 1343.576338] ? netlink_sendmsg+0xe00/0xe00 [ 1343.576781] ? lock_release+0x750/0x750 [ 1343.577212] netlink_rcv_skb+0x348/0x430 [ 1343.577637] ? genl_get_cmd+0x480/0x480 [ 1343.578057] ? netlink_ack+0xa80/0xa80 [ 1343.578470] ? netlink_deliver_tap+0x1b2/0xc30 [ 1343.578958] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1343.579486] ? is_vmalloc_addr+0x7b/0xb0 [ 1343.579917] genl_rcv+0x24/0x40 [ 1343.580266] netlink_unicast+0x54a/0x800 [ 1343.580693] ? netlink_attachskb+0x880/0x880 [ 1343.581154] ? is_vmalloc_addr+0x7b/0xb0 [ 1343.581592] netlink_sendmsg+0x904/0xe00 [ 1343.582026] ? netlink_unicast+0x800/0x800 [ 1343.582472] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1343.583065] ? netlink_unicast+0x800/0x800 [ 1343.583508] sock_sendmsg+0x150/0x190 [ 1343.583911] ____sys_sendmsg+0x703/0x870 [ 1343.584344] ? kernel_sendmsg+0x50/0x50 [ 1343.584762] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1343.585235] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1343.585788] ? lock_release+0x3b2/0x750 [ 1343.586212] ___sys_sendmsg+0xf3/0x170 [ 1343.586624] ? sendmsg_copy_msghdr+0x160/0x160 [ 1343.587105] ? lock_release+0x3b2/0x750 [ 1343.587523] ? lock_downgrade+0x6d0/0x6d0 [ 1343.587958] ? lock_release+0x3b2/0x750 [ 1343.588374] ? ksys_write+0x20c/0x250 [ 1343.588776] ? lock_downgrade+0x6d0/0x6d0 [ 1343.589212] ? __fget_files+0x287/0x470 [ 1343.589644] ? __fget_light+0xea/0x270 [ 1343.590055] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1343.590640] __sys_sendmsg+0xe5/0x1b0 [ 1343.591047] ? __sys_sendmsg_sock+0x30/0x30 [ 1343.591495] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1343.592087] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1343.592631] do_syscall_64+0x3b/0x90 [ 1343.593024] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1343.593557] RIP: 0033:0x7f16affa1b19 [ 1343.593947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1343.595861] RSP: 002b:00007f16ad517188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1343.596652] RAX: ffffffffffffffda RBX: 00007f16b00b4f60 RCX: 00007f16affa1b19 [ 1343.597390] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003 [ 1343.598133] RBP: 00007f16ad5171d0 R08: 0000000000000000 R09: 0000000000000000 [ 1343.598881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1343.599620] R13: 00007fff4a94b43f R14: 00007f16ad517300 R15: 0000000000022000 [ 1343.600376] [ 1358.106244] blktrace: Concurrent blktraces are not allowed on sg0 02:56:55 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)}, {&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000180)=""/173, 0xad}, {0x0}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x8}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) 02:56:55 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 02:56:55 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r1 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r1, 0xc0189372, &(0x7f00000027c0)=ANY=[@ANYBLOB="010000003b32c1cba503f639c2d2b1bf9de2bd46d4a258e230a7e1a468", @ANYRES32=r0, @ANYBLOB='\a\x00\x00\x00\x00\x00\x00\x00./file0\x00']) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f00000005c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f00000007c0)={r5, 0x101}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000050500)={0x0, r5, "a39e30bcd9cd2bef3ba6da5ccf13ad3d01dfc7ff5ca5e8720cefc76c509b7b37b5d619cfb78370537fc2b039507a4de846a6bdf0dcdd8d61acb3ad113e6cc5f3d78fa203743f6b213bb4a35748a21da67aa061c1aafd4e2005dbf3c5f90cb2ba3bb3db765db199c2d90a927e9e7d920476cb376ba44eba8ee841b51d109262faccc090acb529e2b2fc2ff38c043bd4a28188d68385c428825eda67c26eb81c3495bb01148d54799431df8e063ddfc566b739b946e7962d2cb73832963ea2b71c56d1165fae6cff6cccc3360cbab5d6e65edaad42db4ac3904d73da75b824aec190c4c47f2dbe89f0b353c11ebfe45e47ddc6a80116357916d881350ff9d143d4", "6ed14c6089716b98fcc089bae4f6e1a4613fee779387f400f2ab69d0c193b3576fd8a8e6e487c44ab000f37ee4be9cd718add070321797fcffa835eeddf14091052167350e334b528c713367717fc7ca69df998efb4722bb5b262a191f7e8bd4d01035b80813e311ebc4282a8fa2a5f3adb8fa57fb15b4b5fe5911c2efe0b00431fe8a613dca64c926b6bc601062ca67594f381737d432ea7539a3a5efd18917b9eb6fad7d7724cf9457eb7af17ee04fdaa0199ee200884b704944ecd640ce2c7220f2a3c9e252439227586bad92a1efdb30306baac589fe3e18c2514c6536c02947698fbe8c07fdb8beeab9d2578c5066ac84e479b453759906bbfd0e48e0d2ebd20a34f46c3717a8a915870c1de1744e475bc74613607113bd321a9575f5e38d289bebfe993383228866eb7f9c2804a60824b7721eeeca072656781636b37ce5fce1f310bd7301010f0e40bd98341997ea886cc8a258acbb3602660a0fb083a4370b89caa1227f8b6ed4681bff458a3175f8a7c4f7da4f61873f5fe066bb74ab30294dd6bdc5ed0579a7f909969da0e00e8bec0ef0787508937cb037a004cedb98ba5a52eb77893218564a1f90324bc1b63a8fb3596ae9c8a109a5b6a45957ac8b3adb77ed9307eaeedc4862a1783ad0c1da818b0b976f53258a52386e224ea40512e267dab8160279ed64d3d43cba46ed6feced99f4ca6b71db1e4f8e58a1ddbb251816584359b378cc22b4480126ba81ff36eb2c9ece554a6031dedd344123bb47c89309496d2cc9941979702337bfd8ec2c397274a93b4637287b4461a8316591156bc6df0d89eb859d56dcdfb4931a76f8cb92f282fbd252e2a37102a3eae34b11dd343a556c45f1e65debb412c293af9e10bea1142af53f95fbce56b462d95bdd2f89428b505505241e7c3dd3227ba05c656ebac5963b6784ea4927a2c1484499205a4304e73bfaee30ff6a6ead7526b6a275a7d3b05d3176c8aa64025bf66f42a3966a56aef0cb99475b980610a7e235f02ba29260fbb1cc2813a6aa395b23184bf0d4bd2610859bb402d57b9ddd1c49b799c42e4fa61edd365cecf5a5b59bed631168882256ebcc9d30dd3342f75908199ea4b3a3f765a26383747446ac25c8183e6f31f5aeb60ec480cc10715326f28d1d088886ee1be07faf314d7f2967aab9416f2d6726ff097f0894c854b5490bcabf3c781345e893e536afca869d4e6a6403a99a2c105a5f0085e650eb46ab92253ea54e129f5f865c52cf423a5e7ead374342c39d91e0bf3124d2fcbc8791cefb1e5349b2a6ce1b5ad1f923d0036fb119d96fbcd4a57b251d1f62bf8d49b40d3b7806ff3be9a204fde0820fa6b8fef057c4f4324184c64d750d349578549e343a7ee6ccdded50abff02d0433739f5b9f3b619a80b07f5ba62c6b386b8c4483209c366dd51a2c1bd3bb9d1b01357386f352f23f746a6f03e6d68a7adace0454f46cefb30292cfba171f68789bf7dd2d0f5ada68fa27f40c843dbbd4535212eb0d4b0aec3578001ee7ce6ce711584368ecc46330b017352eeb5bb69773aee155543ad0cda9e43444f97d8a972837ace60640d18eff1e0689ddce75d694c85d43a9603d1ffe58c42393d34c6090c320f3e9c6facd117a6b9d9f7808a8f1a268ab81fabec7e0ad5b95b0392cd04614e9cfc95db2cdd34374324f83a858c3d46fc3b430b5b6b8e27871e961fc24da3d85b924276ce73452cd000f0b2f245a255560faff9d91f28811ac21bcbc2976ed332cebe7c0a3621e3126e283dd6f2bfd7955a27ae7bafe4738bdf038a6975cffd5e698c4dc74d194b90f1bda6287e263a0ddae4dc02d355781cb8e8d16b03a41b22e8e5b025a921f5c543fd09fd9730a1b2c3fc983f068b534b69dbe985f6a1593a7aa0a86ed4d4dd1bb5f151626b4f32cded28917582b12050894aa1b00f2dd6dc7866ab362e318a0fe27f750bec69dc82e7ff08c1bce75782cb20505ba416714eed780635c7ae9b9a06b90944375d33249d5ca4f732c03387388828cd0ab881d143f98fd854a40ade3963985a22baab5967bbd2543f231dcb295ba8050c2a8bb1603feda6877be98688a37d70ad944e6b81d1e8c5e013a5b22c52c0f42da321038e53f1bd77b008404ce6eec87e1effa22eed11c5bcdcefff6c3f2160a6f62f88ae33976a50546098a9fe6649f7bf840b99e1934c0337bb508ed13fb5ce37252a659ed80f44581bc591c61d66e35742505c67cc7d039771a0c545cd4d35d0265ba67915414b0e800dae2f8f703ebbe98b433d0686bf77959b566fc20276c387a1021d4b88bc29a25ebef1f24f5cef7325224762dc605a2c2c81d906feca693cad7895a598633b2720c6a7de9691c54422229d27ca8c48af8a16ec877b5abb93c2f1e48faff8a613213df3f2a008f8cdd714f105697798e95976110d0bde9c880bbd74d4c246208cbba710b8115292ffc5476410ed8b14bd22c3bd6a867ddfa38d07f07ebadc87cc7eaaacdd4f0e542ed9233a406fc74c6a6443deb3f32accbbfc380919effaf32014f8a7c5ae9dedf26bccba8f02f977dc7f2fc8c0b4ecd01a174d10af07912f07bb4041c48458248e34d95e78f737c572dde15d88b4d5b78a110ed971029ee7a9dfc8031cc00d0c66808355f5c526be9a6011389904403c1952189005549f0a088658fd984128b0d16185df1f1fdd34455a478f5cf5f378125c0bd36c0cfd551f6f298bd79e2f6c1cffaa11d4ac23b68790fcb02dd537eaffbec3cb0bfc9f6963657b684ef3ca8c8981ea8259126119f69c6bdfa401ceded5463dc027339a01a8cbd8eb1cfa75bb1f700bc53690a99da257dbf86c5d28c3e0ed3e4e99d89b26afc3dccd02a1e4b00440e9abe7b07a100e0506d27ae708902572d3b2139514d22ba3c8dc39d6add62522b70a5d591318be4a6fa0acd2d9299e53aab961177ee3fe6523ac396e483a3b9ce935d5901a37e2340e0135f2287a271c88cb1cefa83f05bec4d02606d3d559b8fe209e2ddf8ee6161fea64c3b63c9515b41abf451a8657435e788190c3c447b334abdd088c5a5b975897b367784dda36005def6377f9fad72164f63f4d36c86fc3d75070a46ef6e5b5f7d80c6f55c8c379c05320baa3c435c08b216c90217643fcca51cb733404bad43e6ac4b6522d8c9e360b153b0377b58d5d2e01f14104f78ea09c878ec72d29a4dfeae763b1699805b05e9accd0be69ffba8efe236ce6038a651825204ab1c6b063495c5d7772f624795be0568d314cf8f97382e0d5673a63d91c8a2dfe2ba1b5d5e7187235e1e3978bcca3799fd3655b28b2fe64d8efe6b7bba7ec2c3c06c1228d33b64eebc8428c67efb217e7b58ce1ec50444656544b56c83be43b13a4499d78c350d38ed192c11710982100a3dfbee49802b0a9a761cf431db9bcf705860c1f2c6d60dedc95c3e4b26f3894169bd81d1c0b8b0682b49579552629e9d6dc35a919ccf6d747d74834daef574d4dbfe8d1b7e518d5d64b186e8679de5404d56d599061a9a9738ed3021ef1d57cbb5cb76c7f937587b4b26bbe55e94a805ebf44ea532179039d0fcafaad99ddae3757b47b7d1a537fb113a9da5c81505460ba192d8fc5e9232ba9cf9661b88f84b02c2eff5613e9e7f95d787e8bbdf94d299d2b9cfb4161b51ca5fa8b0cb78cd5ca048cd1d05cd391a6eca9cd1c75411cf7af5dc785dac245c52e3551934213dbffe28f242f1766522cb1ee731769c226ecbc5e5bd458d46cc927fd6a5d50b666b66c25d74e7026f9b1889c1f7123b0df4a12806ab6712b4ffc521b305b9b9cba5d2833458d74a89b7bc5ca9875cda61ac8259d0d0f4586b3230a80b168fe662ea89bac5bb0eca1508f46f7e662ba7e3e646ca94c956e22aeea8a66d7b3a1003698624defe95426f05ca839b10baa4b301314f46ad3f8e150bdb4105b22cce245587f243b2aa057427261e71b6b5108d393ed4e8d87ec701b432ad4fdfb1625158920463a991fe65f6628742161d5ec933f846b99c40c66167397938393c6c17102b7fa599dec8265adaa4697139b7eb9ff6fe476b9330d3c2aac9d0767e845ff85f669ecc5a847a94950944d76b48dc4a2b045d8818c8fd948502a4a536ef7f373e5b5d2deb42e3ca62d001af48a4ee2086c420cefc1a608dc481469c3eac38445a53b32691b4a1b36b40dc21d87d7a27c7fb667fbdc5f70de072cba4a8db45ba6aa11ed52559cdafe7ad2bc95a4110a7845136fab847b72e2515e077f83ba211d2251424f4518ca10bace8491709806bda482795d4a330285208dec20433e62ccec3111765fff6305532d65814bb6b9218d293d0821779f1aba96c20ac29f55927cbe0673a0c246675b995a77da6b29ebf779d79c42c95aee3a2b92123752a8f0f6f1ea2c39941ac9df56e86cde471f3047a14d7b17f0207578a5f330f049b611b3eb62900cb3bf50d386f988b83ca6ba9e24f8b1aecc735318e7f60506393df1d1b09cec6a748836c1cfb6074dbc21909e82b0133f6a4be2a1b80dd1806019e6943e1268c3534cf5861630df0406ba33a36dc10d2c600f496b05a1053063d7840ca4e57e612e8b22cc7b44240cb4a1180506e54627c16502fce4300c4c0ac8769d1c61dfd27d2cfb7f70cf2b306304349d8d08b37b95151c2bea2a1f2d2bf62ef0e910ee05e6aec750b802b9c65d078769fa4157fd12226e85049663e87a5e54cde8da2aa97106e511a1f87c880003c23cc95475954eacd1cd334dfb7710038c39e7632cc233260328eb363d5e6866bce561c5e20d8951cfd93a78b54f23a09f5483cbedd35a62815c93104439c4dca35f41734e0028f6ea24d18110aecec6c601d8bd17980e329cc73948cbf29a78c25c6a74a95280e720c945637dc8bebfd88bf8209d96a418f52838cba8503a5f88cb0bf74676007df8928d7e1924048bb19c8f326955d6a960ddb97c5593f50688cae526720d3b77dc4d16cfb21b002786cdd7e49a756368930316d9bb5b2e1234b9a90b2285da5a7410e933baeeb4a9aa6fd0f723fd96cbca29ee08b2f7cfa875e557e4ec4d76c4b6f40a038f6e2204b299574c96f3d7119c41419a3a74f3f2a4673d945ea51c54574319207c36aa1d26147e189a8e605e66a051c4be947dcda70fb344ae5fc5b94690140b7a7cc03452eef6d824e2718fa5fd3ebcc36c08452dc9928bed6572741d171e9ed3e38f57596266b41311478f52837f485b7bd8b9be40d87500e1f3fc6cc75a4b801e9b8a6fb44797ae3d6d4ac776b2b141c5e8ef067ad974378db61a909b1c69bcf2064b13742d9c03fa3550507f8c163755cbbf2ad59441e136c929c247d4bf828fd1e6d73867d190e6967138ac031e1c6e3c90c5087eea2305c046094b11e75a1b7415a772cb12cf75d2"}) r8 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000005c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r8, 0xd000943d, &(0x7f0000070280)={0x0, [{}, {}, {}, {0x0, 0x0}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {0x0, r10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {0x0, r10}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {r9}], 0x5, "af2f1a9317bc6f"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000005c0)={0x0}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000050500)={0x0, 0x0, "a39e30bcd9cd2bef3ba6da5ccf13ad3d01dfc7ff5ca5e8720cefc76c509b7b37b5d619cfb78370537fc2b039507a4de846a6bdf0dcdd8d61acb3ad113e6cc5f3d78fa203743f6b213bb4a35748a21da67aa061c1aafd4e2005dbf3c5f90cb2ba3bb3db765db199c2d90a927e9e7d920476cb376ba44eba8ee841b51d109262faccc090acb529e2b2fc2ff38c043bd4a28188d68385c428825eda67c26eb81c3495bb01148d54799431df8e063ddfc566b739b946e7962d2cb73832963ea2b71c56d1165fae6cff6cccc3360cbab5d6e65edaad42db4ac3904d73da75b824aec190c4c47f2dbe89f0b353c11ebfe45e47ddc6a80116357916d881350ff9d143d4", "6ed14c6089716b98fcc089bae4f6e1a4613fee779387f400f2ab69d0c193b3576fd8a8e6e487c44ab000f37ee4be9cd718add070321797fcffa835eeddf14091052167350e334b528c713367717fc7ca69df998efb4722bb5b262a191f7e8bd4d01035b80813e311ebc4282a8fa2a5f3adb8fa57fb15b4b5fe5911c2efe0b00431fe8a613dca64c926b6bc601062ca67594f381737d432ea7539a3a5efd18917b9eb6fad7d7724cf9457eb7af17ee04fdaa0199ee200884b704944ecd640ce2c7220f2a3c9e252439227586bad92a1efdb30306baac589fe3e18c2514c6536c02947698fbe8c07fdb8beeab9d2578c5066ac84e479b453759906bbfd0e48e0d2ebd20a34f46c3717a8a915870c1de1744e475bc74613607113bd321a9575f5e38d289bebfe993383228866eb7f9c2804a60824b7721eeeca072656781636b37ce5fce1f310bd7301010f0e40bd98341997ea886cc8a258acbb3602660a0fb083a4370b89caa1227f8b6ed4681bff458a3175f8a7c4f7da4f61873f5fe066bb74ab30294dd6bdc5ed0579a7f909969da0e00e8bec0ef0787508937cb037a004cedb98ba5a52eb77893218564a1f90324bc1b63a8fb3596ae9c8a109a5b6a45957ac8b3adb77ed9307eaeedc4862a1783ad0c1da818b0b976f53258a52386e224ea40512e267dab8160279ed64d3d43cba46ed6feced99f4ca6b71db1e4f8e58a1ddbb251816584359b378cc22b4480126ba81ff36eb2c9ece554a6031dedd344123bb47c89309496d2cc9941979702337bfd8ec2c397274a93b4637287b4461a8316591156bc6df0d89eb859d56dcdfb4931a76f8cb92f282fbd252e2a37102a3eae34b11dd343a556c45f1e65debb412c293af9e10bea1142af53f95fbce56b462d95bdd2f89428b505505241e7c3dd3227ba05c656ebac5963b6784ea4927a2c1484499205a4304e73bfaee30ff6a6ead7526b6a275a7d3b05d3176c8aa64025bf66f42a3966a56aef0cb99475b980610a7e235f02ba29260fbb1cc2813a6aa395b23184bf0d4bd2610859bb402d57b9ddd1c49b799c42e4fa61edd365cecf5a5b59bed631168882256ebcc9d30dd3342f75908199ea4b3a3f765a26383747446ac25c8183e6f31f5aeb60ec480cc10715326f28d1d088886ee1be07faf314d7f2967aab9416f2d6726ff097f0894c854b5490bcabf3c781345e893e536afca869d4e6a6403a99a2c105a5f0085e650eb46ab92253ea54e129f5f865c52cf423a5e7ead374342c39d91e0bf3124d2fcbc8791cefb1e5349b2a6ce1b5ad1f923d0036fb119d96fbcd4a57b251d1f62bf8d49b40d3b7806ff3be9a204fde0820fa6b8fef057c4f4324184c64d750d349578549e343a7ee6ccdded50abff02d0433739f5b9f3b619a80b07f5ba62c6b386b8c4483209c366dd51a2c1bd3bb9d1b01357386f352f23f746a6f03e6d68a7adace0454f46cefb30292cfba171f68789bf7dd2d0f5ada68fa27f40c843dbbd4535212eb0d4b0aec3578001ee7ce6ce711584368ecc46330b017352eeb5bb69773aee155543ad0cda9e43444f97d8a972837ace60640d18eff1e0689ddce75d694c85d43a9603d1ffe58c42393d34c6090c320f3e9c6facd117a6b9d9f7808a8f1a268ab81fabec7e0ad5b95b0392cd04614e9cfc95db2cdd34374324f83a858c3d46fc3b430b5b6b8e27871e961fc24da3d85b924276ce73452cd000f0b2f245a255560faff9d91f28811ac21bcbc2976ed332cebe7c0a3621e3126e283dd6f2bfd7955a27ae7bafe4738bdf038a6975cffd5e698c4dc74d194b90f1bda6287e263a0ddae4dc02d355781cb8e8d16b03a41b22e8e5b025a921f5c543fd09fd9730a1b2c3fc983f068b534b69dbe985f6a1593a7aa0a86ed4d4dd1bb5f151626b4f32cded28917582b12050894aa1b00f2dd6dc7866ab362e318a0fe27f750bec69dc82e7ff08c1bce75782cb20505ba416714eed780635c7ae9b9a06b90944375d33249d5ca4f732c03387388828cd0ab881d143f98fd854a40ade3963985a22baab5967bbd2543f231dcb295ba8050c2a8bb1603feda6877be98688a37d70ad944e6b81d1e8c5e013a5b22c52c0f42da321038e53f1bd77b008404ce6eec87e1effa22eed11c5bcdcefff6c3f2160a6f62f88ae33976a50546098a9fe6649f7bf840b99e1934c0337bb508ed13fb5ce37252a659ed80f44581bc591c61d66e35742505c67cc7d039771a0c545cd4d35d0265ba67915414b0e800dae2f8f703ebbe98b433d0686bf77959b566fc20276c387a1021d4b88bc29a25ebef1f24f5cef7325224762dc605a2c2c81d906feca693cad7895a598633b2720c6a7de9691c54422229d27ca8c48af8a16ec877b5abb93c2f1e48faff8a613213df3f2a008f8cdd714f105697798e95976110d0bde9c880bbd74d4c246208cbba710b8115292ffc5476410ed8b14bd22c3bd6a867ddfa38d07f07ebadc87cc7eaaacdd4f0e542ed9233a406fc74c6a6443deb3f32accbbfc380919effaf32014f8a7c5ae9dedf26bccba8f02f977dc7f2fc8c0b4ecd01a174d10af07912f07bb4041c48458248e34d95e78f737c572dde15d88b4d5b78a110ed971029ee7a9dfc8031cc00d0c66808355f5c526be9a6011389904403c1952189005549f0a088658fd984128b0d16185df1f1fdd34455a478f5cf5f378125c0bd36c0cfd551f6f298bd79e2f6c1cffaa11d4ac23b68790fcb02dd537eaffbec3cb0bfc9f6963657b684ef3ca8c8981ea8259126119f69c6bdfa401ceded5463dc027339a01a8cbd8eb1cfa75bb1f700bc53690a99da257dbf86c5d28c3e0ed3e4e99d89b26afc3dccd02a1e4b00440e9abe7b07a100e0506d27ae708902572d3b2139514d22ba3c8dc39d6add62522b70a5d591318be4a6fa0acd2d9299e53aab961177ee3fe6523ac396e483a3b9ce935d5901a37e2340e0135f2287a271c88cb1cefa83f05bec4d02606d3d559b8fe209e2ddf8ee6161fea64c3b63c9515b41abf451a8657435e788190c3c447b334abdd088c5a5b975897b367784dda36005def6377f9fad72164f63f4d36c86fc3d75070a46ef6e5b5f7d80c6f55c8c379c05320baa3c435c08b216c90217643fcca51cb733404bad43e6ac4b6522d8c9e360b153b0377b58d5d2e01f14104f78ea09c878ec72d29a4dfeae763b1699805b05e9accd0be69ffba8efe236ce6038a651825204ab1c6b063495c5d7772f624795be0568d314cf8f97382e0d5673a63d91c8a2dfe2ba1b5d5e7187235e1e3978bcca3799fd3655b28b2fe64d8efe6b7bba7ec2c3c06c1228d33b64eebc8428c67efb217e7b58ce1ec50444656544b56c83be43b13a4499d78c350d38ed192c11710982100a3dfbee49802b0a9a761cf431db9bcf705860c1f2c6d60dedc95c3e4b26f3894169bd81d1c0b8b0682b49579552629e9d6dc35a919ccf6d747d74834daef574d4dbfe8d1b7e518d5d64b186e8679de5404d56d599061a9a9738ed3021ef1d57cbb5cb76c7f937587b4b26bbe55e94a805ebf44ea532179039d0fcafaad99ddae3757b47b7d1a537fb113a9da5c81505460ba192d8fc5e9232ba9cf9661b88f84b02c2eff5613e9e7f95d787e8bbdf94d299d2b9cfb4161b51ca5fa8b0cb78cd5ca048cd1d05cd391a6eca9cd1c75411cf7af5dc785dac245c52e3551934213dbffe28f242f1766522cb1ee731769c226ecbc5e5bd458d46cc927fd6a5d50b666b66c25d74e7026f9b1889c1f7123b0df4a12806ab6712b4ffc521b305b9b9cba5d2833458d74a89b7bc5ca9875cda61ac8259d0d0f4586b3230a80b168fe662ea89bac5bb0eca1508f46f7e662ba7e3e646ca94c956e22aeea8a66d7b3a1003698624defe95426f05ca839b10baa4b301314f46ad3f8e150bdb4105b22cce245587f243b2aa057427261e71b6b5108d393ed4e8d87ec701b432ad4fdfb1625158920463a991fe65f6628742161d5ec933f846b99c40c66167397938393c6c17102b7fa599dec8265adaa4697139b7eb9ff6fe476b9330d3c2aac9d0767e845ff85f669ecc5a847a94950944d76b48dc4a2b045d8818c8fd948502a4a536ef7f373e5b5d2deb42e3ca62d001af48a4ee2086c420cefc1a608dc481469c3eac38445a53b32691b4a1b36b40dc21d87d7a27c7fb667fbdc5f70de072cba4a8db45ba6aa11ed52559cdafe7ad2bc95a4110a7845136fab847b72e2515e077f83ba211d2251424f4518ca10bace8491709806bda482795d4a330285208dec20433e62ccec3111765fff6305532d65814bb6b9218d293d0821779f1aba96c20ac29f55927cbe0673a0c246675b995a77da6b29ebf779d79c42c95aee3a2b92123752a8f0f6f1ea2c39941ac9df56e86cde471f3047a14d7b17f0207578a5f330f049b611b3eb62900cb3bf50d386f988b83ca6ba9e24f8b1aecc735318e7f60506393df1d1b09cec6a748836c1cfb6074dbc21909e82b0133f6a4be2a1b80dd1806019e6943e1268c3534cf5861630df0406ba33a36dc10d2c600f496b05a1053063d7840ca4e57e612e8b22cc7b44240cb4a1180506e54627c16502fce4300c4c0ac8769d1c61dfd27d2cfb7f70cf2b306304349d8d08b37b95151c2bea2a1f2d2bf62ef0e910ee05e6aec750b802b9c65d078769fa4157fd12226e85049663e87a5e54cde8da2aa97106e511a1f87c880003c23cc95475954eacd1cd334dfb7710038c39e7632cc233260328eb363d5e6866bce561c5e20d8951cfd93a78b54f23a09f5483cbedd35a62815c93104439c4dca35f41734e0028f6ea24d18110aecec6c601d8bd17980e329cc73948cbf29a78c25c6a74a95280e720c945637dc8bebfd88bf8209d96a418f52838cba8503a5f88cb0bf74676007df8928d7e1924048bb19c8f326955d6a960ddb97c5593f50688cae526720d3b77dc4d16cfb21b002786cdd7e49a756368930316d9bb5b2e1234b9a90b2285da5a7410e933baeeb4a9aa6fd0f723fd96cbca29ee08b2f7cfa875e557e4ec4d76c4b6f40a038f6e2204b299574c96f3d7119c41419a3a74f3f2a4673d945ea51c54574319207c36aa1d26147e189a8e605e66a051c4be947dcda70fb344ae5fc5b94690140b7a7cc03452eef6d824e2718fa5fd3ebcc36c08452dc9928bed6572741d171e9ed3e38f57596266b41311478f52837f485b7bd8b9be40d87500e1f3fc6cc75a4b801e9b8a6fb44797ae3d6d4ac776b2b141c5e8ef067ad974378db61a909b1c69bcf2064b13742d9c03fa3550507f8c163755cbbf2ad59441e136c929c247d4bf828fd1e6d73867d190e6967138ac031e1c6e3c90c5087eea2305c046094b11e75a1b7415a772cb12cf75d2"}) r27 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000005c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r27, 0xd000943d, &(0x7f0000070280)={0x0, [{}, {}, {}, {}, {}, {0x0, r26}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r25}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r28}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r29}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r25}, {}, {0x0, r29}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r28}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r29}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r28}], 0x5, "af2f1a9317bc6f"}) ioctl$BTRFS_IOC_INO_LOOKUP(r3, 0xd0009412, &(0x7f00000017c0)={r25, 0x8}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000051500)={0x7cbb, [{}, {}, {}, {}, {}, {r23}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r30}, {}, {0x0, r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r16}, {}, {}, {}, {}, {}, {}, {}, {0x0, r14}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r12}, {}, {}, {}, {r24}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r15}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r21}, {}, {}, {}, {}, {}, {}, {}, {0x0, r22}, {}, {}, {0x0, r18}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r19}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r14}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r17}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r11}, {}, {}, {}, {}, {}, {}, {0x0, r31}, {}, {}, {}, {0x0, r20}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {}, {0x0, r7}, {}, {0x0, r10}], 0xff, "dda46f09132a67"}) ioctl$BTRFS_IOC_INO_LOOKUP(r2, 0xd0009412, &(0x7f0000000080)={r5, 0x8f0}) 02:56:55 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) (fail_nth: 13) 02:56:55 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, 0x0) 02:56:55 executing program 2: perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105241, 0x0) r1 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) preadv(r1, &(0x7f00000006c0)=[{&(0x7f0000000040)=""/33, 0x21}, {&(0x7f0000000140)=""/147, 0x93}, {&(0x7f0000000200)=""/230, 0xe6}, {&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/181, 0xb5}, {&(0x7f0000000440)=""/219, 0xdb}, {&(0x7f0000000540)=""/184, 0xb8}, {&(0x7f0000000600)=""/160, 0xa0}], 0x8, 0x4, 0x1) syncfs(r0) 02:56:55 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x6, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 02:56:55 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400"], 0x20}], 0x1}, 0x0) [ 1358.111332] FAULT_INJECTION: forcing a failure. [ 1358.111332] name failslab, interval 1, probability 0, space 0, times 0 [ 1358.112851] CPU: 1 PID: 8471 Comm: syz-executor.6 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1358.113897] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1358.115344] Call Trace: [ 1358.115672] [ 1358.115958] dump_stack_lvl+0x8b/0xb3 [ 1358.116456] should_fail.cold+0x5/0xa [ 1358.117118] ? create_object.isra.0+0x3a/0xa20 [ 1358.118204] should_failslab+0x5/0x10 [ 1358.119132] kmem_cache_alloc+0x5b/0x480 [ 1358.120110] create_object.isra.0+0x3a/0xa20 [ 1358.121139] ? kasan_unpoison+0x23/0x50 [ 1358.122086] __kmalloc_node_track_caller+0x269/0x440 [ 1358.123289] ? netlink_ack+0x1f0/0xa80 [ 1358.124206] __alloc_skb+0xe3/0x340 [ 1358.125076] netlink_ack+0x1f0/0xa80 [ 1358.125946] ? nl80211_join_ibss+0x1220/0x1220 [ 1358.127021] ? netlink_sendmsg+0xe00/0xe00 [ 1358.128022] ? lock_release+0x750/0x750 [ 1358.128865] netlink_rcv_skb+0x348/0x430 [ 1358.129710] ? genl_get_cmd+0x480/0x480 [ 1358.130537] ? netlink_ack+0xa80/0xa80 [ 1358.131367] ? netlink_deliver_tap+0x1b2/0xc30 [ 1358.132325] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1358.133424] ? is_vmalloc_addr+0x7b/0xb0 [ 1358.134323] genl_rcv+0x24/0x40 [ 1358.135043] netlink_unicast+0x54a/0x800 [ 1358.135959] ? netlink_attachskb+0x880/0x880 [ 1358.136917] ? is_vmalloc_addr+0x7b/0xb0 [ 1358.137824] netlink_sendmsg+0x904/0xe00 [ 1358.138720] ? netlink_unicast+0x800/0x800 [ 1358.139653] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1358.140862] ? netlink_unicast+0x800/0x800 [ 1358.141782] sock_sendmsg+0x150/0x190 [ 1358.142593] netlink: 'syz-executor.7': attribute type 12 has an invalid length. [ 1358.142628] ____sys_sendmsg+0x703/0x870 [ 1358.145085] ? kernel_sendmsg+0x50/0x50 [ 1358.145956] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1358.146949] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1358.148110] ? lock_release+0x3b2/0x750 [ 1358.148993] ___sys_sendmsg+0xf3/0x170 [ 1358.149841] ? sendmsg_copy_msghdr+0x160/0x160 [ 1358.150832] ? lock_release+0x3b2/0x750 [ 1358.151714] ? lock_downgrade+0x6d0/0x6d0 [ 1358.152621] ? lock_release+0x3b2/0x750 [ 1358.153487] ? ksys_write+0x20c/0x250 [ 1358.154316] ? lock_downgrade+0x6d0/0x6d0 [ 1358.155262] ? __fget_files+0x287/0x470 [ 1358.156157] ? __fget_light+0xea/0x270 [ 1358.157012] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1358.158218] __sys_sendmsg+0xe5/0x1b0 [ 1358.159054] ? __sys_sendmsg_sock+0x30/0x30 [ 1358.159994] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1358.161218] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1358.162561] do_syscall_64+0x3b/0x90 [ 1358.163799] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1358.165119] RIP: 0033:0x7f16affa1b19 [ 1358.166200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1358.171578] RSP: 002b:00007f16ad517188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1358.173405] RAX: ffffffffffffffda RBX: 00007f16b00b4f60 RCX: 00007f16affa1b19 [ 1358.175176] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003 [ 1358.176924] RBP: 00007f16ad5171d0 R08: 0000000000000000 R09: 0000000000000000 [ 1358.178678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1358.180473] R13: 00007fff4a94b43f R14: 00007f16ad517300 R15: 0000000000022000 [ 1358.182274] [ 1358.238822] blktrace: Concurrent blktraces are not allowed on sg0 02:56:55 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000"], 0x20}], 0x1}, 0x0) 02:56:55 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 02:56:55 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) (fail_nth: 14) 02:56:55 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x7, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1358.492788] blktrace: Concurrent blktraces are not allowed on sg0 02:56:55 executing program 2: perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x74, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000200), 0x8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = fork() ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x12) ptrace$setopts(0x4206, r0, 0x100000000001, 0x44) ptrace(0x4208, r0) ptrace(0x10, r0) perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x81, 0x20, 0x0, 0x0, 0x0, 0x6, 0x30544, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x1, @perf_config_ext={0x3, 0x800}, 0x2000, 0x2, 0x20, 0x6, 0x4, 0x9, 0x0, 0x0, 0xdf4, 0x0, 0x7ff}, r0, 0xc, 0xffffffffffffffff, 0x1) r1 = fork() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x12) ptrace$setopts(0x4206, r1, 0x100000000001, 0x44) ptrace(0x4208, r1) ptrace(0x10, r1) wait4(r1, &(0x7f0000000080), 0x2, &(0x7f0000000140)) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105241, 0x0) ptrace(0x10, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000240)=ANY=[@ANYBLOB="1e0000003701000201019b4cd7462b400fd1d3a612a10a21037999206dcf5d8a4217ab0000000000000900000000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00'], 0x1e) syncfs(r2) [ 1358.501814] blktrace: Concurrent blktraces are not allowed on sg0 02:56:55 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 02:56:55 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000"], 0x20}], 0x1}, 0x0) 02:57:09 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 02:57:09 executing program 2: perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat(r0, &(0x7f0000000100)='./file1\x00', 0x105241, 0x50) syncfs(r1) 02:57:09 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000"], 0x20}], 0x1}, 0x0) [ 1372.565341] netlink: 'syz-executor.7': attribute type 12 has an invalid length. [ 1372.581365] blktrace: Concurrent blktraces are not allowed on sg0 02:57:09 executing program 4: r0 = memfd_secret(0x80000) ioctl$RNDGETENTCNT(r0, 0x80045200, &(0x7f0000000240)) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000100), 0x101200, 0x0) sendto$inet(r2, &(0x7f0000000140)="9f3694eb835e87b36eade40851c2f9a3242b01760316d15bbb2f195c449530966ccb3c022dca04f1cd37427355c195ecd7a633f0e44ec882174281e2c8166946a3696a1c9941065036390995e438466d8652949c2a98ea99c25944e72a9496380558cda6", 0x64, 0x1, &(0x7f00000001c0)={0x2, 0x4e24, @local}, 0x10) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8919, &(0x7f0000000000)={'lo\x00'}) r3 = syz_io_uring_setup(0x3e5b, &(0x7f0000000100), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000180)=0x0, &(0x7f00000001c0)) syz_io_uring_submit(r4, 0x0, &(0x7f0000000200)=@IORING_OP_ASYNC_CANCEL={0xe, 0x4, 0x0, 0x0, 0x0, 0x365cf}, 0x0) socketpair(0x10, 0x6, 0x0, &(0x7f0000000380)={0xffffffffffffffff}) syz_io_uring_setup(0x74aa, &(0x7f0000000000)={0x0, 0x1196, 0x8, 0x0, 0x175, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000240)={{0x1, 0x1, 0x18, r5}, './file0\x00'}) r8 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0) syz_io_uring_submit(r4, r6, &(0x7f0000000300)=@IORING_OP_CONNECT={0x10, 0x1, 0x0, r7, 0x80, &(0x7f0000000280)=@llc={0x1a, 0x3, 0xfe, 0x3, 0x8, 0x80, @broadcast}, 0x0, 0x0, 0x0, {0x0, r9}}, 0x1) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x3, 0x0, r2, &(0x7f0000000200)={0x40, 0x28, 0x5}, &(0x7f0000000280)='./file0\x00', 0x18, 0x0, 0x23456, {0x0, r9}}, 0x9) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_WRITE={0x17, 0x5, 0x0, @fd=r1, 0x51cb, &(0x7f0000000040)="910c5cf57f8cde518b34a5e722b23b598dfaf84c02e01ccd78f4fc90fba5045d4b719a020bb05727b2fe18c5a978164608ca2dc047b46b1be6a718c93aabed770c0eb0bf8acf05af21bd", 0x4a, 0x10, 0x1}, 0x4) syz_open_procfs(0x0, 0x0) 02:57:09 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)}, {&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000180)=""/173, 0xad}, {0x0}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x8}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) 02:57:09 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x108, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 02:57:09 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 02:57:09 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 1) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) [ 1372.586817] blktrace: Concurrent blktraces are not allowed on sg0 [ 1372.614604] FAULT_INJECTION: forcing a failure. [ 1372.614604] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1372.616054] CPU: 0 PID: 8528 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1372.616948] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1372.618194] Call Trace: [ 1372.618486] [ 1372.618730] dump_stack_lvl+0x8b/0xb3 [ 1372.619163] should_fail.cold+0x5/0xa [ 1372.619614] _copy_from_user+0x2a/0x170 [ 1372.620075] __tun_chr_ioctl+0x5de/0x3f10 [ 1372.620550] ? selinux_inode_getsecctx+0x90/0x90 [ 1372.621085] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1372.621601] ? lock_is_held_type+0xd7/0x130 [ 1372.622094] ? selinux_file_ioctl+0xb1/0x260 [ 1372.622589] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1372.623212] ? tun_chr_compat_ioctl+0x30/0x30 [ 1372.623734] __x64_sys_ioctl+0x196/0x210 [ 1372.624200] do_syscall_64+0x3b/0x90 [ 1372.624628] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1372.625213] RIP: 0033:0x7fb21bfaab19 [ 1372.625626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1372.627700] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1372.628545] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1372.629328] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1372.630130] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1372.630926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1372.631728] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1372.632532] 02:57:09 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x300, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 02:57:09 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 02:57:09 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 1) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) [ 1372.683873] blktrace: Concurrent blktraces are not allowed on sg0 [ 1372.694636] blktrace: Concurrent blktraces are not allowed on sg0 02:57:09 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 02:57:09 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)}, {&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x7}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) [ 1372.774087] FAULT_INJECTION: forcing a failure. [ 1372.774087] name failslab, interval 1, probability 0, space 0, times 0 [ 1372.775404] CPU: 0 PID: 8547 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1372.776308] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1372.777543] Call Trace: [ 1372.777815] [ 1372.778057] dump_stack_lvl+0x8b/0xb3 [ 1372.778495] should_fail.cold+0x5/0xa [ 1372.778934] ? __do_sys_memfd_create+0xac/0x4e0 [ 1372.779471] should_failslab+0x5/0x10 [ 1372.779902] __kmalloc+0x72/0x440 [ 1372.780307] __do_sys_memfd_create+0xac/0x4e0 [ 1372.780816] do_syscall_64+0x3b/0x90 [ 1372.781243] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1372.781817] RIP: 0033:0x7fcdf05c8b19 [ 1372.782232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1372.784285] RSP: 002b:00007fcdedb3df48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1372.785118] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007fcdf05c8b19 [ 1372.785914] RDX: 0000000000020000 RSI: 0000000000000000 RDI: 00007fcdf06220fb [ 1372.786706] RBP: 0000000000000002 R08: 0000000000010000 R09: ffffffffffffffff [ 1372.787507] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 1372.788295] R13: 00000000200000c0 R14: 0000000000020000 R15: 0000000020000040 [ 1372.789099] 02:57:10 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 02:57:10 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) [ 1372.814144] netlink: 'syz-executor.7': attribute type 12 has an invalid length. 02:57:10 executing program 4: r0 = accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x0, @fixed}, &(0x7f0000000080)=0xe, 0x81000) sendmmsg$inet(r0, &(0x7f00000000c0), 0x0, 0x1) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) 02:57:10 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x500, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1372.868446] blktrace: Concurrent blktraces are not allowed on sg0 [ 1372.872011] blktrace: Concurrent blktraces are not allowed on sg0 02:57:10 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 2) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) [ 1372.918593] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1372.994323] FAULT_INJECTION: forcing a failure. [ 1372.994323] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 1372.995927] CPU: 0 PID: 8564 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1372.996824] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1372.998090] Call Trace: [ 1372.998362] [ 1372.998605] dump_stack_lvl+0x8b/0xb3 [ 1372.999044] should_fail.cold+0x5/0xa [ 1372.999483] prepare_alloc_pages+0x17b/0x500 [ 1372.999988] __alloc_pages+0x131/0x4e0 [ 1373.000420] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 1373.001095] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1373.001701] kmalloc_large_node+0x5e/0x110 [ 1373.002186] __kmalloc_node+0x33c/0x470 [ 1373.002642] kvmalloc_node+0xa0/0x130 [ 1373.003075] alloc_netdev_mqs+0x98/0xf60 [ 1373.003537] ? tun_free_netdev+0x100/0x100 [ 1373.004009] __tun_chr_ioctl+0x1b4a/0x3f10 [ 1373.004487] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1373.005005] ? lock_is_held_type+0xd7/0x130 [ 1373.005505] ? selinux_file_ioctl+0xb1/0x260 [ 1373.006010] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1373.006621] ? tun_chr_compat_ioctl+0x30/0x30 [ 1373.007132] __x64_sys_ioctl+0x196/0x210 [ 1373.007585] do_syscall_64+0x3b/0x90 [ 1373.008009] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1373.008584] RIP: 0033:0x7fb21bfaab19 [ 1373.008990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1373.011061] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1373.011939] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1373.012678] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1373.013474] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1373.014206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1373.014998] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1373.015824] 02:57:22 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x2, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 02:57:22 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) 02:57:22 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)}, {&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x7}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) 02:57:22 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x600, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 02:57:22 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r1 = fork() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x39) ptrace$setopts(0x4200, r1, 0x3, 0x50) ptrace(0x4208, r1) ptrace(0x10, r1) syz_open_procfs(0xffffffffffffffff, 0x0) [ 1385.436871] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1385.472549] FAULT_INJECTION: forcing a failure. [ 1385.472549] name failslab, interval 1, probability 0, space 0, times 0 [ 1385.473943] CPU: 0 PID: 8577 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1385.474493] blktrace: Concurrent blktraces are not allowed on sg0 [ 1385.474815] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1385.477307] Call Trace: [ 1385.477590] [ 1385.477833] dump_stack_lvl+0x8b/0xb3 [ 1385.478212] FAULT_INJECTION: forcing a failure. [ 1385.478212] name failslab, interval 1, probability 0, space 0, times 0 [ 1385.478275] should_fail.cold+0x5/0xa [ 1385.480830] ? create_object.isra.0+0x3a/0xa20 [ 1385.481322] should_failslab+0x5/0x10 [ 1385.481743] kmem_cache_alloc+0x5b/0x480 [ 1385.482199] create_object.isra.0+0x3a/0xa20 [ 1385.482700] kmalloc_large_node+0xc3/0x110 [ 1385.483174] __kmalloc_node+0x33c/0x470 [ 1385.483626] kvmalloc_node+0xa0/0x130 [ 1385.484065] alloc_netdev_mqs+0x98/0xf60 [ 1385.484523] ? tun_free_netdev+0x100/0x100 [ 1385.485001] __tun_chr_ioctl+0x1b4a/0x3f10 [ 1385.485474] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1385.485978] ? lock_is_held_type+0xd7/0x130 [ 1385.486463] ? selinux_file_ioctl+0xb1/0x260 [ 1385.486937] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1385.487553] ? tun_chr_compat_ioctl+0x30/0x30 [ 1385.488051] __x64_sys_ioctl+0x196/0x210 [ 1385.488508] do_syscall_64+0x3b/0x90 [ 1385.488929] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1385.489493] RIP: 0033:0x7fb21bfaab19 [ 1385.489905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1385.491925] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1385.492753] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1385.493531] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1385.494322] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1385.495099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1385.495874] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1385.496667] [ 1385.496934] CPU: 1 PID: 8583 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1385.498565] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1385.500770] Call Trace: [ 1385.501270] [ 1385.501704] dump_stack_lvl+0x8b/0xb3 [ 1385.502459] should_fail.cold+0x5/0xa [ 1385.503206] ? create_object.isra.0+0x3a/0xa20 [ 1385.504119] should_failslab+0x5/0x10 [ 1385.504869] kmem_cache_alloc+0x5b/0x480 [ 1385.505690] create_object.isra.0+0x3a/0xa20 [ 1385.506558] ? kasan_unpoison+0x23/0x50 [ 1385.507342] __kmalloc+0x25b/0x440 [ 1385.508070] __do_sys_memfd_create+0xac/0x4e0 [ 1385.508959] do_syscall_64+0x3b/0x90 [ 1385.509699] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1385.510733] RIP: 0033:0x7fcdf05c8b19 [ 1385.511460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1385.515006] RSP: 002b:00007fcdedb3df48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1385.516486] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007fcdf05c8b19 [ 1385.517860] RDX: 0000000000020000 RSI: 0000000000000000 RDI: 00007fcdf06220fb [ 1385.519240] RBP: 0000000000000002 R08: 0000000000010000 R09: ffffffffffffffff [ 1385.520623] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 1385.521998] R13: 00000000200000c0 R14: 0000000000020000 R15: 0000000020000040 [ 1385.523402] 02:57:22 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 2) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 02:57:22 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 3) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) [ 1385.530380] blktrace: Concurrent blktraces are not allowed on sg0 02:57:22 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 1) [ 1385.543307] FAULT_INJECTION: forcing a failure. [ 1385.543307] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1385.544676] CPU: 0 PID: 8590 Comm: syz-executor.3 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1385.545543] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1385.546723] Call Trace: [ 1385.547000] [ 1385.547230] dump_stack_lvl+0x8b/0xb3 [ 1385.547678] should_fail.cold+0x5/0xa [ 1385.548088] _copy_from_user+0x2a/0x170 [ 1385.548517] perf_copy_attr+0x120/0x9c0 [ 1385.548946] __do_sys_perf_event_open+0x12f/0x3040 [ 1385.549470] ? __mutex_unlock_slowpath+0x15c/0x5e0 [ 1385.550001] ? bit_wait_io_timeout+0x160/0x160 [ 1385.550487] ? perf_remove_from_context+0x260/0x260 [ 1385.551045] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1385.551597] do_syscall_64+0x3b/0x90 [ 1385.551999] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1385.552537] RIP: 0033:0x7f23af485b19 [ 1385.552925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1385.554836] RSP: 002b:00007f23ac9fb188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1385.556040] RAX: ffffffffffffffda RBX: 00007f23af598f60 RCX: 00007f23af485b19 [ 1385.556774] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 00000000200000c0 [ 1385.557508] RBP: 00007f23ac9fb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1385.558254] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 1385.559001] R13: 00007ffee1b3a3af R14: 00007f23ac9fb300 R15: 0000000000022000 [ 1385.559757] 02:57:22 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x700, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1385.582198] netlink: 'syz-executor.7': attribute type 12 has an invalid length. 02:57:22 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000"], 0x20}], 0x1}, 0x0) 02:57:22 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 2) 02:57:22 executing program 4: r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_TX_POWER(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000540)={0x28, r0, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}]}, 0x28}}, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_ADD_IFACE(r4, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x40, 0x0, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5, 0x20, 0x1}, @IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy0\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x4040004}, 0x4) r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000640), r3) sendmsg$IEEE802154_LLSEC_DEL_DEV(r2, &(0x7f0000000780)={&(0x7f0000000680), 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x14, r5, 0x1}, 0x14}}, 0x0) sendmsg$IEEE802154_LLSEC_LIST_DEV(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x24400400}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r5, 0x400, 0x70bd28, 0x25dfdbfe, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x40000) r6 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) [ 1385.668386] blktrace: Concurrent blktraces are not allowed on sg0 [ 1385.675018] blktrace: Concurrent blktraces are not allowed on sg0 02:57:22 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x3, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) [ 1385.690154] FAULT_INJECTION: forcing a failure. [ 1385.690154] name failslab, interval 1, probability 0, space 0, times 0 [ 1385.691399] CPU: 0 PID: 8603 Comm: syz-executor.3 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1385.692287] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1385.693485] Call Trace: [ 1385.693765] [ 1385.694002] dump_stack_lvl+0x8b/0xb3 [ 1385.694422] should_fail.cold+0x5/0xa [ 1385.694825] ? perf_event_alloc.part.0+0xc2/0x3b50 [ 1385.695345] should_failslab+0x5/0x10 [ 1385.695760] kmem_cache_alloc_node+0x55/0x490 [ 1385.696244] ? do_raw_spin_lock+0x121/0x260 [ 1385.696705] perf_event_alloc.part.0+0xc2/0x3b50 [ 1385.697212] ? _find_next_bit+0x1e5/0x260 [ 1385.697649] ? _raw_spin_unlock+0x24/0x40 [ 1385.698102] ? alloc_fd+0x2f0/0x670 [ 1385.698503] __do_sys_perf_event_open+0x4a6/0x3040 [ 1385.699025] ? bit_wait_io_timeout+0x160/0x160 [ 1385.699526] ? perf_remove_from_context+0x260/0x260 [ 1385.700078] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1385.700637] do_syscall_64+0x3b/0x90 [ 1385.701043] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1385.701579] RIP: 0033:0x7f23af485b19 [ 1385.701987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1385.703915] RSP: 002b:00007f23ac9fb188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1385.704711] RAX: ffffffffffffffda RBX: 00007f23af598f60 RCX: 00007f23af485b19 [ 1385.705475] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 00000000200000c0 [ 1385.706219] RBP: 00007f23ac9fb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1385.706972] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 1385.707751] R13: 00007ffee1b3a3af R14: 00007f23ac9fb300 R15: 0000000000022000 [ 1385.708506] 02:57:39 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000040)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) 02:57:39 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000"], 0x20}], 0x1}, 0x0) 02:57:39 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 3) 02:57:39 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x4, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 02:57:39 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 3) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 02:57:39 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x801, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1402.164279] FAULT_INJECTION: forcing a failure. [ 1402.164279] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1402.166835] CPU: 1 PID: 8618 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1402.168484] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1402.170723] Call Trace: [ 1402.171227] [ 1402.171664] dump_stack_lvl+0x8b/0xb3 [ 1402.172454] should_fail.cold+0x5/0xa [ 1402.173215] _copy_from_user+0x2a/0x170 [ 1402.174011] __do_sys_memfd_create+0xff/0x4e0 [ 1402.174621] FAULT_INJECTION: forcing a failure. [ 1402.174621] name failslab, interval 1, probability 0, space 0, times 0 [ 1402.174903] do_syscall_64+0x3b/0x90 [ 1402.177811] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1402.178821] RIP: 0033:0x7fcdf05c8b19 [ 1402.179544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1402.183146] RSP: 002b:00007fcdedb3df48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1402.184653] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007fcdf05c8b19 [ 1402.186047] RDX: 0000000000020000 RSI: 0000000000000000 RDI: 00007fcdf06220fb [ 1402.187444] RBP: 0000000000000002 R08: 0000000000010000 R09: ffffffffffffffff [ 1402.188857] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 1402.190254] R13: 00000000200000c0 R14: 0000000000020000 R15: 0000000020000040 [ 1402.191674] [ 1402.192142] CPU: 0 PID: 8616 Comm: syz-executor.3 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1402.193771] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1402.195995] Call Trace: [ 1402.196497] [ 1402.196935] dump_stack_lvl+0x8b/0xb3 [ 1402.197698] should_fail.cold+0x5/0xa [ 1402.198457] ? create_object.isra.0+0x3a/0xa20 [ 1402.199363] should_failslab+0x5/0x10 [ 1402.200151] kmem_cache_alloc+0x5b/0x480 [ 1402.200971] create_object.isra.0+0x3a/0xa20 [ 1402.201841] ? kasan_unpoison+0x23/0x50 [ 1402.202623] kmem_cache_alloc_node+0x248/0x490 [ 1402.203541] perf_event_alloc.part.0+0xc2/0x3b50 [ 1402.204478] ? _find_next_bit+0x1e5/0x260 [ 1402.205298] ? _raw_spin_unlock+0x24/0x40 [ 1402.205891] FAULT_INJECTION: forcing a failure. [ 1402.205891] name failslab, interval 1, probability 0, space 0, times 0 [ 1402.206138] ? alloc_fd+0x2f0/0x670 [ 1402.209010] __do_sys_perf_event_open+0x4a6/0x3040 [ 1402.209991] ? bit_wait_io_timeout+0x160/0x160 [ 1402.210894] ? perf_remove_from_context+0x260/0x260 [ 1402.211911] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1402.212928] do_syscall_64+0x3b/0x90 [ 1402.213666] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1402.214674] RIP: 0033:0x7f23af485b19 [ 1402.215404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1402.219007] RSP: 002b:00007f23ac9fb188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1402.220502] RAX: ffffffffffffffda RBX: 00007f23af598f60 RCX: 00007f23af485b19 [ 1402.221899] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 00000000200000c0 [ 1402.223278] RBP: 00007f23ac9fb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1402.224661] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 1402.226051] R13: 00007ffee1b3a3af R14: 00007f23ac9fb300 R15: 0000000000022000 [ 1402.227452] [ 1402.227924] CPU: 1 PID: 8620 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1402.229558] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1402.231788] Call Trace: [ 1402.232291] [ 1402.232733] dump_stack_lvl+0x8b/0xb3 [ 1402.233490] should_fail.cold+0x5/0xa [ 1402.234246] ? create_object.isra.0+0x3a/0xa20 [ 1402.235149] should_failslab+0x5/0x10 [ 1402.235911] kmem_cache_alloc+0x5b/0x480 [ 1402.236730] create_object.isra.0+0x3a/0xa20 [ 1402.237605] kmemleak_alloc_percpu+0xa0/0x100 [ 1402.238503] pcpu_alloc+0x7bf/0x1060 [ 1402.239260] alloc_netdev_mqs+0x10a/0xf60 [ 1402.240097] ? tun_free_netdev+0x100/0x100 [ 1402.240951] __tun_chr_ioctl+0x1b4a/0x3f10 02:57:39 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)}, {&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x7}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) 02:57:39 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 4) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) [ 1402.241806] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1402.242992] ? lock_is_held_type+0xd7/0x130 [ 1402.243925] ? selinux_file_ioctl+0xb1/0x260 [ 1402.244814] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1402.245913] ? tun_chr_compat_ioctl+0x30/0x30 [ 1402.246827] __x64_sys_ioctl+0x196/0x210 [ 1402.247647] do_syscall_64+0x3b/0x90 [ 1402.248406] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1402.249425] RIP: 0033:0x7fb21bfaab19 [ 1402.250159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1402.253803] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1402.253859] netlink: 'syz-executor.7': attribute type 12 has an invalid length. [ 1402.255299] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1402.255317] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1402.255332] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1402.255346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1402.255361] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1402.255403] [ 1402.276546] blktrace: Concurrent blktraces are not allowed on sg0 02:57:39 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105241, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x40400, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000180)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_STOP_P2P_DEVICE(r2, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0003000000000000000000000000000000009085ea91486b0d6e5830df81660910e67abfa8223e8fa8e4f83c8a56136cdae09a1c9ec4650b4be57aa40b3b996fe983388c4a8ef73563081c487a61b101eed6a5c737f8e55383018c11142102151aa98b9a64628f97bfff114d5c58b4672fa8f7623d6bd81bb2c268a707f54def63add78d87325c29c800e18f54a92d991ead92", @ANYRES32=r3, @ANYBLOB="0c009900ffffff7f5d000000"], 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x20004805) syncfs(r1) getsockopt$inet_udp_int(r1, 0x11, 0x1, &(0x7f0000000040), &(0x7f0000000080)=0x4) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_LEAVE_IBSS(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x1c, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}}, 0x1c}}, 0x0) sendmsg$NL80211_CMD_DEL_INTERFACE(r1, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x20, r5, 0x400, 0x70bd2a, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x1, 0x79}}}}, ["", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4010}, 0x44015) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000300)={0x0, @empty, @loopback}, &(0x7f00000002c0)=0xc) syz_open_procfs(0x0, 0x0) 02:57:39 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000"], 0x20}], 0x1}, 0x0) 02:57:39 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 4) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 02:57:39 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 4) 02:57:39 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x2, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1402.453634] FAULT_INJECTION: forcing a failure. [ 1402.453634] name failslab, interval 1, probability 0, space 0, times 0 [ 1402.456827] CPU: 1 PID: 8639 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1402.458634] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1402.461276] Call Trace: [ 1402.461868] [ 1402.462404] dump_stack_lvl+0x8b/0xb3 [ 1402.463293] should_fail.cold+0x5/0xa [ 1402.464234] should_failslab+0x5/0x10 [ 1402.465109] kmem_cache_alloc_lru+0x60/0x7c0 [ 1402.466141] ? shmem_alloc_inode+0x23/0x50 [ 1402.467164] ? lock_release+0x3b2/0x750 [ 1402.468090] shmem_alloc_inode+0x23/0x50 [ 1402.469031] ? shmem_destroy_inode+0x70/0x70 [ 1402.470094] alloc_inode+0x63/0x240 [ 1402.470915] new_inode+0x23/0x240 [ 1402.471758] shmem_get_inode+0x18b/0xcb0 [ 1402.472782] __shmem_file_setup+0xb8/0x310 [ 1402.473753] __do_sys_memfd_create+0x1c6/0x4e0 [ 1402.474815] do_syscall_64+0x3b/0x90 [ 1402.475692] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1402.476909] RIP: 0033:0x7fcdf05c8b19 [ 1402.477766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1402.481911] RSP: 002b:00007fcdedb3df48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1402.483722] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007fcdf05c8b19 [ 1402.485419] RDX: 0000000000020000 RSI: 0000000000000000 RDI: 00007fcdf06220fb [ 1402.487078] RBP: 0000000000000002 R08: 0000000000010000 R09: ffffffffffffffff [ 1402.488739] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 1402.490410] R13: 00000000200000c0 R14: 0000000000020000 R15: 0000000020000040 [ 1402.492173] [ 1402.591818] blktrace: Concurrent blktraces are not allowed on sg0 [ 1402.595141] FAULT_INJECTION: forcing a failure. [ 1402.595141] name failslab, interval 1, probability 0, space 0, times 0 [ 1402.597471] CPU: 1 PID: 8646 Comm: syz-executor.3 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1402.599116] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1402.601392] Call Trace: [ 1402.601904] [ 1402.602347] dump_stack_lvl+0x8b/0xb3 [ 1402.603128] should_fail.cold+0x5/0xa [ 1402.603921] ? selinux_perf_event_alloc+0x43/0x180 [ 1402.604920] should_failslab+0x5/0x10 [ 1402.605681] kmem_cache_alloc_trace+0x55/0x3c0 [ 1402.606616] selinux_perf_event_alloc+0x43/0x180 [ 1402.607573] security_perf_event_alloc+0x46/0xa0 [ 1402.608556] perf_event_alloc.part.0+0x1a58/0x3b50 [ 1402.609565] ? alloc_fd+0x2f0/0x670 [ 1402.610328] __do_sys_perf_event_open+0x4a6/0x3040 [ 1402.611345] ? bit_wait_io_timeout+0x160/0x160 [ 1402.612303] ? perf_remove_from_context+0x260/0x260 [ 1402.613367] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1402.614416] do_syscall_64+0x3b/0x90 [ 1402.615173] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1402.616228] RIP: 0033:0x7f23af485b19 [ 1402.616980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1402.620876] RSP: 002b:00007f23ac9fb188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1402.622380] RAX: ffffffffffffffda RBX: 00007f23af598f60 RCX: 00007f23af485b19 [ 1402.623820] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 00000000200000c0 [ 1402.625225] RBP: 00007f23ac9fb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1402.626876] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 1402.628481] R13: 00007ffee1b3a3af R14: 00007f23ac9fb300 R15: 0000000000022000 [ 1402.629941] 02:57:39 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 5) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) [ 1402.680917] blktrace: Concurrent blktraces are not allowed on sg0 02:57:39 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x8, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 02:57:39 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)}, {&(0x7f0000000140)=""/53, 0x35}, {0x0}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x8}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) [ 1402.801670] FAULT_INJECTION: forcing a failure. [ 1402.801670] name failslab, interval 1, probability 0, space 0, times 0 [ 1402.804518] CPU: 1 PID: 8652 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1402.806137] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1402.808493] Call Trace: [ 1402.809026] [ 1402.809466] dump_stack_lvl+0x8b/0xb3 [ 1402.810241] should_fail.cold+0x5/0xa [ 1402.811003] ? create_object.isra.0+0x3a/0xa20 [ 1402.811934] should_failslab+0x5/0x10 [ 1402.812695] kmem_cache_alloc+0x5b/0x480 [ 1402.813513] ? mark_held_locks+0x9e/0xe0 [ 1402.814433] create_object.isra.0+0x3a/0xa20 [ 1402.815341] kmemleak_alloc_percpu+0xa0/0x100 [ 1402.816251] pcpu_alloc+0x7bf/0x1060 [ 1402.817026] alloc_netdev_mqs+0x10a/0xf60 [ 1402.817865] ? tun_free_netdev+0x100/0x100 [ 1402.818735] __tun_chr_ioctl+0x1b4a/0x3f10 [ 1402.819756] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1402.820683] ? lock_is_held_type+0xd7/0x130 [ 1402.821564] ? selinux_file_ioctl+0xb1/0x260 [ 1402.822463] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1402.823573] ? tun_chr_compat_ioctl+0x30/0x30 [ 1402.824628] __x64_sys_ioctl+0x196/0x210 [ 1402.825443] do_syscall_64+0x3b/0x90 [ 1402.826192] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1402.827211] RIP: 0033:0x7fb21bfaab19 [ 1402.827961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1402.831742] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1402.833259] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1402.834688] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1402.836141] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1402.837564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1402.838986] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1402.840466] 02:57:40 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 5) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) [ 1402.919145] netlink: 'syz-executor.7': attribute type 12 has an invalid length. [ 1402.943854] FAULT_INJECTION: forcing a failure. [ 1402.943854] name failslab, interval 1, probability 0, space 0, times 0 [ 1402.946307] CPU: 1 PID: 8660 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1402.947961] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1402.950193] Call Trace: [ 1402.950697] [ 1402.951143] dump_stack_lvl+0x8b/0xb3 [ 1402.951937] should_fail.cold+0x5/0xa [ 1402.952710] ? create_object.isra.0+0x3a/0xa20 [ 1402.953630] should_failslab+0x5/0x10 [ 1402.954392] kmem_cache_alloc+0x5b/0x480 [ 1402.955222] create_object.isra.0+0x3a/0xa20 [ 1402.956126] ? kasan_unpoison+0x23/0x50 [ 1402.956938] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 1402.957850] ? shmem_alloc_inode+0x23/0x50 [ 1402.958699] shmem_alloc_inode+0x23/0x50 [ 1402.959486] ? shmem_destroy_inode+0x70/0x70 [ 1402.960372] alloc_inode+0x63/0x240 [ 1402.961109] new_inode+0x23/0x240 [ 1402.961821] shmem_get_inode+0x18b/0xcb0 [ 1402.962638] __shmem_file_setup+0xb8/0x310 [ 1402.963494] __do_sys_memfd_create+0x1c6/0x4e0 [ 1402.964419] do_syscall_64+0x3b/0x90 [ 1402.965176] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1402.966218] RIP: 0033:0x7fcdf05c8b19 [ 1402.966956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1402.970623] RSP: 002b:00007fcdedb3df48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1402.972146] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007fcdf05c8b19 [ 1402.973561] RDX: 0000000000020000 RSI: 0000000000000000 RDI: 00007fcdf06220fb [ 1402.974974] RBP: 0000000000000002 R08: 0000000000010000 R09: ffffffffffffffff [ 1402.976399] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 1402.977828] R13: 00000000200000c0 R14: 0000000000020000 R15: 0000000020000040 [ 1402.979266] 02:57:52 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)}, {&(0x7f0000000140)=""/53, 0x35}, {0x0}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x8}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) 02:57:52 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 5) 02:57:52 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x25, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 02:57:52 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 1) 02:57:52 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r1 = syz_open_procfs(0x0, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) sendmsg$inet(r2, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @remote, @broadcast}}}], 0x20}, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f00000000c0)={'ip_vti0\x00', &(0x7f0000000040)={'gretap0\x00', r4, 0x1, 0x98, 0x401, 0x5, {{0x16, 0x4, 0x0, 0x1, 0x58, 0x66, 0x0, 0x5, 0x4, 0x0, @multicast1, @remote, {[@timestamp_addr={0x44, 0x44, 0x9b, 0x1, 0x5, [{@local, 0x3}, {@private=0xa010100, 0x40}, {@empty, 0x4}, {@local, 0xffffffff}, {@dev={0xac, 0x14, 0x14, 0x1f}, 0x7}, {@multicast2, 0x8}, {@empty, 0x80000001}, {@private=0xa010102, 0x4}]}]}}}}}) 02:57:52 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0xf, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) [ 1415.707576] FAULT_INJECTION: forcing a failure. [ 1415.707576] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1415.710468] CPU: 0 PID: 8667 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1415.712410] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1415.715076] Call Trace: [ 1415.715681] [ 1415.716237] dump_stack_lvl+0x8b/0xb3 [ 1415.717088] should_fail.cold+0x5/0xa [ 1415.717899] _copy_from_user+0x2a/0x170 [ 1415.718749] __copy_msghdr_from_user+0x91/0x4b0 [ 1415.719740] ? __ia32_sys_shutdown+0x70/0x70 [ 1415.720697] ? __lock_acquire+0xbac/0x6120 [ 1415.721544] sendmsg_copy_msghdr+0xa1/0x160 [ 1415.722391] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1415.723274] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1415.724311] ? lock_release+0x3b2/0x750 [ 1415.725106] ___sys_sendmsg+0xc6/0x170 [ 1415.725863] ? sendmsg_copy_msghdr+0x160/0x160 [ 1415.726750] ? lock_release+0x3b2/0x750 [ 1415.727528] ? __fget_files+0x265/0x470 [ 1415.728329] ? lock_downgrade+0x6d0/0x6d0 [ 1415.729147] ? lock_release+0x3b2/0x750 [ 1415.729926] ? ksys_write+0x20c/0x250 [ 1415.730671] ? lock_downgrade+0x6d0/0x6d0 [ 1415.731492] ? __fget_files+0x287/0x470 [ 1415.732301] ? __fget_light+0xea/0x270 [ 1415.733071] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1415.734165] __sys_sendmsg+0xe5/0x1b0 [ 1415.734903] ? __sys_sendmsg_sock+0x30/0x30 [ 1415.735743] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1415.736841] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1415.737922] ? fput+0x2a/0x50 [ 1415.738546] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1415.739556] do_syscall_64+0x3b/0x90 [ 1415.740307] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1415.741312] RIP: 0033:0x7f406f897b19 [ 1415.742038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1415.745633] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1415.747112] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1415.748508] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1415.749887] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1415.751272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1415.752657] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1415.754064] [ 1415.757516] blktrace: Concurrent blktraces are not allowed on sg0 [ 1415.766130] FAULT_INJECTION: forcing a failure. [ 1415.766130] name failslab, interval 1, probability 0, space 0, times 0 [ 1415.768603] CPU: 1 PID: 8675 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1415.770246] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1415.772518] Call Trace: [ 1415.773031] [ 1415.773475] dump_stack_lvl+0x8b/0xb3 [ 1415.774264] should_fail.cold+0x5/0xa [ 1415.775030] ? lock_is_held_type+0xd7/0x130 [ 1415.775914] ? __hw_addr_add_ex+0x235/0x790 [ 1415.776800] should_failslab+0x5/0x10 [ 1415.777569] kmem_cache_alloc_trace+0x55/0x3c0 [ 1415.778494] __hw_addr_add_ex+0x235/0x790 [ 1415.779326] ? dev_mc_init+0xe0/0xe0 [ 1415.780075] ? _raw_spin_unlock_bh+0x21/0x30 [ 1415.780967] dev_addr_init+0x13a/0x220 [ 1415.781746] ? dev_addr_flush+0x230/0x230 02:57:52 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 6) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 02:57:52 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 6) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) [ 1415.782592] alloc_netdev_mqs+0x16e/0xf60 [ 1415.783599] ? tun_free_netdev+0x100/0x100 [ 1415.784475] __tun_chr_ioctl+0x1b4a/0x3f10 [ 1415.785328] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1415.786253] ? lock_is_held_type+0xd7/0x130 [ 1415.787124] ? selinux_file_ioctl+0xb1/0x260 [ 1415.788018] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1415.789131] ? tun_chr_compat_ioctl+0x30/0x30 [ 1415.790047] __x64_sys_ioctl+0x196/0x210 [ 1415.790151] FAULT_INJECTION: forcing a failure. [ 1415.790151] name failslab, interval 1, probability 0, space 0, times 0 [ 1415.790865] do_syscall_64+0x3b/0x90 [ 1415.790906] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1415.790930] RIP: 0033:0x7fb21bfaab19 [ 1415.790948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1415.790970] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1415.790994] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1415.791010] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1415.791026] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1415.804817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1415.806221] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1415.807642] [ 1415.808108] CPU: 0 PID: 8681 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1415.809752] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1415.812020] Call Trace: [ 1415.812521] [ 1415.812964] dump_stack_lvl+0x8b/0xb3 [ 1415.813724] should_fail.cold+0x5/0xa [ 1415.814498] ? security_inode_alloc+0x34/0x160 [ 1415.815423] should_failslab+0x5/0x10 [ 1415.816187] kmem_cache_alloc+0x5b/0x480 [ 1415.817016] security_inode_alloc+0x34/0x160 [ 1415.817887] inode_init_always+0x5d8/0xd20 [ 1415.818738] alloc_inode+0x84/0x240 [ 1415.819468] new_inode+0x23/0x240 [ 1415.820174] shmem_get_inode+0x18b/0xcb0 [ 1415.820996] __shmem_file_setup+0xb8/0x310 [ 1415.821837] __do_sys_memfd_create+0x1c6/0x4e0 [ 1415.822759] do_syscall_64+0x3b/0x90 [ 1415.823500] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1415.824551] RIP: 0033:0x7fcdf05c8b19 [ 1415.825280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1415.828918] RSP: 002b:00007fcdedb3df48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1415.830412] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007fcdf05c8b19 [ 1415.831822] RDX: 0000000000020000 RSI: 0000000000000000 RDI: 00007fcdf06220fb [ 1415.833246] RBP: 0000000000000002 R08: 0000000000010000 R09: ffffffffffffffff [ 1415.834648] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 1415.836057] R13: 00000000200000c0 R14: 0000000000020000 R15: 0000000020000040 [ 1415.837479] [ 1415.840226] netlink: 'syz-executor.7': attribute type 12 has an invalid length. [ 1415.844062] FAULT_INJECTION: forcing a failure. [ 1415.844062] name failslab, interval 1, probability 0, space 0, times 0 [ 1415.846428] CPU: 0 PID: 8682 Comm: syz-executor.3 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1415.848080] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1415.850280] Call Trace: [ 1415.850779] [ 1415.851224] dump_stack_lvl+0x8b/0xb3 [ 1415.852000] should_fail.cold+0x5/0xa [ 1415.852753] ? create_object.isra.0+0x3a/0xa20 [ 1415.853641] should_failslab+0x5/0x10 [ 1415.854388] kmem_cache_alloc+0x5b/0x480 [ 1415.855204] create_object.isra.0+0x3a/0xa20 [ 1415.856073] ? kasan_unpoison+0x23/0x50 [ 1415.856873] kmem_cache_alloc_trace+0x22e/0x3c0 [ 1415.857816] selinux_perf_event_alloc+0x43/0x180 [ 1415.858765] security_perf_event_alloc+0x46/0xa0 [ 1415.859715] perf_event_alloc.part.0+0x1a58/0x3b50 [ 1415.860707] ? alloc_fd+0x2f0/0x670 [ 1415.861452] __do_sys_perf_event_open+0x4a6/0x3040 [ 1415.862434] ? bit_wait_io_timeout+0x160/0x160 [ 1415.863352] ? perf_remove_from_context+0x260/0x260 [ 1415.864395] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1415.865424] do_syscall_64+0x3b/0x90 [ 1415.866178] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1415.867202] RIP: 0033:0x7f23af485b19 [ 1415.867941] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1415.871809] RSP: 002b:00007f23ac9fb188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1415.873341] RAX: ffffffffffffffda RBX: 00007f23af598f60 RCX: 00007f23af485b19 [ 1415.874750] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 00000000200000c0 [ 1415.876164] RBP: 00007f23ac9fb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1415.877566] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 1415.878966] R13: 00007ffee1b3a3af R14: 00007f23ac9fb300 R15: 0000000000022000 [ 1415.880401] [ 1415.881139] blktrace: Concurrent blktraces are not allowed on sg0 02:57:53 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0xf0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 02:57:53 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 2) 02:57:53 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 6) 02:57:53 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x45, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1416.023557] FAULT_INJECTION: forcing a failure. [ 1416.023557] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1416.026085] CPU: 1 PID: 8696 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1416.027718] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1416.029998] Call Trace: [ 1416.030506] [ 1416.030947] dump_stack_lvl+0x8b/0xb3 [ 1416.031716] should_fail.cold+0x5/0xa [ 1416.032484] _copy_from_user+0x2a/0x170 [ 1416.033282] iovec_from_user+0x236/0x3c0 [ 1416.034088] ? _copy_from_user+0xf2/0x170 [ 1416.034922] __import_iovec+0x64/0x5c0 [ 1416.035709] import_iovec+0x83/0xb0 [ 1416.036453] sendmsg_copy_msghdr+0x12d/0x160 [ 1416.037323] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1416.038222] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1416.039269] ? lock_release+0x3b2/0x750 [ 1416.039879] blktrace: Concurrent blktraces are not allowed on sg0 [ 1416.040090] ___sys_sendmsg+0xc6/0x170 [ 1416.042112] ? sendmsg_copy_msghdr+0x160/0x160 [ 1416.043017] ? lock_release+0x3b2/0x750 [ 1416.043823] ? __fget_files+0x265/0x470 [ 1416.044642] ? lock_downgrade+0x6d0/0x6d0 [ 1416.045474] ? lock_release+0x3b2/0x750 [ 1416.046266] ? ksys_write+0x20c/0x250 [ 1416.047031] ? lock_downgrade+0x6d0/0x6d0 [ 1416.047857] ? __fget_files+0x287/0x470 [ 1416.048687] ? __fget_light+0xea/0x270 [ 1416.049465] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1416.050575] __sys_sendmsg+0xe5/0x1b0 [ 1416.051341] ? __sys_sendmsg_sock+0x30/0x30 [ 1416.052211] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1416.053330] ? fput+0x2a/0x50 [ 1416.053957] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1416.054956] blktrace: Concurrent blktraces are not allowed on sg0 [ 1416.054965] do_syscall_64+0x3b/0x90 [ 1416.056894] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1416.057882] RIP: 0033:0x7f406f897b19 [ 1416.058586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1416.062169] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1416.063669] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1416.065100] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1416.066521] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1416.067938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1416.069346] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1416.070781] [ 1416.082402] FAULT_INJECTION: forcing a failure. [ 1416.082402] name failslab, interval 1, probability 0, space 0, times 0 [ 1416.084837] CPU: 1 PID: 8698 Comm: syz-executor.3 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1416.086467] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1416.088707] Call Trace: [ 1416.089211] [ 1416.089652] dump_stack_lvl+0x8b/0xb3 [ 1416.090422] should_fail.cold+0x5/0xa [ 1416.091193] should_failslab+0x5/0x10 [ 1416.091972] kmem_cache_alloc_lru+0x60/0x7c0 [ 1416.092855] ? __d_alloc+0x31/0x990 [ 1416.093570] ? find_get_context+0x693/0xc60 [ 1416.094446] __d_alloc+0x31/0x990 [ 1416.095142] d_alloc_pseudo+0x19/0x70 [ 1416.095905] alloc_file_pseudo+0xce/0x250 [ 1416.096729] ? alloc_file+0x580/0x580 [ 1416.097484] ? find_get_context+0x41b/0xc60 [ 1416.098360] ? perf_event_mmap_output+0xfd0/0xfd0 [ 1416.099324] anon_inode_getfile+0xb0/0x1e0 [ 1416.100189] __do_sys_perf_event_open+0xfb7/0x3040 [ 1416.101194] ? bit_wait_io_timeout+0x160/0x160 [ 1416.102110] ? perf_remove_from_context+0x260/0x260 [ 1416.103130] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1416.104168] do_syscall_64+0x3b/0x90 [ 1416.104918] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1416.105937] RIP: 0033:0x7f23af485b19 [ 1416.106664] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1416.110290] RSP: 002b:00007f23ac9fb188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1416.111785] RAX: ffffffffffffffda RBX: 00007f23af598f60 RCX: 00007f23af485b19 [ 1416.113200] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 00000000200000c0 [ 1416.114596] RBP: 00007f23ac9fb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1416.116002] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 1416.117400] R13: 00007ffee1b3a3af R14: 00007f23ac9fb300 R15: 0000000000022000 [ 1416.118834] 02:57:53 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 7) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) [ 1416.203413] FAULT_INJECTION: forcing a failure. [ 1416.203413] name failslab, interval 1, probability 0, space 0, times 0 [ 1416.206022] CPU: 0 PID: 8702 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1416.207663] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1416.209865] Call Trace: [ 1416.210379] [ 1416.210816] dump_stack_lvl+0x8b/0xb3 [ 1416.211590] should_fail.cold+0x5/0xa [ 1416.212367] ? create_object.isra.0+0x3a/0xa20 [ 1416.213271] should_failslab+0x5/0x10 [ 1416.214027] kmem_cache_alloc+0x5b/0x480 [ 1416.214839] create_object.isra.0+0x3a/0xa20 [ 1416.215705] ? kasan_unpoison+0x23/0x50 [ 1416.216505] kmem_cache_alloc+0x239/0x480 [ 1416.217333] security_inode_alloc+0x34/0x160 [ 1416.218197] inode_init_always+0x5d8/0xd20 [ 1416.219092] alloc_inode+0x84/0x240 [ 1416.219812] new_inode+0x23/0x240 [ 1416.220534] shmem_get_inode+0x18b/0xcb0 [ 1416.221340] __shmem_file_setup+0xb8/0x310 [ 1416.222183] __do_sys_memfd_create+0x1c6/0x4e0 [ 1416.223085] do_syscall_64+0x3b/0x90 [ 1416.223819] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1416.224840] RIP: 0033:0x7fcdf05c8b19 [ 1416.225565] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1416.229131] RSP: 002b:00007fcdedb3df48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1416.230606] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007fcdf05c8b19 [ 1416.232015] RDX: 0000000000020000 RSI: 0000000000000000 RDI: 00007fcdf06220fb [ 1416.233396] RBP: 0000000000000002 R08: 0000000000010000 R09: ffffffffffffffff [ 1416.234784] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 1416.236170] R13: 00000000200000c0 R14: 0000000000020000 R15: 0000000020000040 [ 1416.237582] 02:58:11 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) pwritev2(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000040)="b3ca98459d2c8c9a1692536cc87dba7c9b1736f4f56aa2b06e834c9c79c58671df8244c875fc028c5d700a5bfe1eeb8d5bb1964725aa91eed6db18b127c5d56ce3d999f307008153f7330925510d11feb07dbd316f44412cb132b86e1f407a6fbb69b16dbb49ea73", 0x68}, {&(0x7f00000000c0)="17d63bfa7e5b375759d229d8914a21932f8fd3adadafeb137aa1d8e24e3cf48f994504cf65c3325484e9992eb7b7ba26", 0x30}, {&(0x7f0000000100)="93231a7f95e2200e7c", 0x9}, {&(0x7f0000000140)="acca18d930949e331e024f4692", 0xd}], 0x4, 0x4, 0x5abc, 0x33) 02:58:11 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 8) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 02:58:11 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x300, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1433.857824] blktrace: Concurrent blktraces are not allowed on sg0 02:58:11 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 7) 02:58:11 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 7) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) [ 1433.871192] FAULT_INJECTION: forcing a failure. 02:58:11 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x300, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) [ 1433.871192] name failslab, interval 1, probability 0, space 0, times 0 [ 1433.875026] CPU: 1 PID: 8709 Comm: syz-executor.3 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1433.876700] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1433.878957] Call Trace: [ 1433.879466] [ 1433.879909] dump_stack_lvl+0x8b/0xb3 [ 1433.880706] should_fail.cold+0x5/0xa [ 1433.881465] ? create_object.isra.0+0x3a/0xa20 [ 1433.882372] should_failslab+0x5/0x10 [ 1433.883129] kmem_cache_alloc+0x5b/0x480 [ 1433.883948] create_object.isra.0+0x3a/0xa20 [ 1433.884834] ? kasan_unpoison+0x23/0x50 [ 1433.885627] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 1433.886519] ? __d_alloc+0x31/0x990 [ 1433.887242] __d_alloc+0x31/0x990 [ 1433.887931] d_alloc_pseudo+0x19/0x70 [ 1433.888691] alloc_file_pseudo+0xce/0x250 [ 1433.889509] ? alloc_file+0x580/0x580 02:58:11 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)}, {&(0x7f0000000140)=""/53, 0x35}, {0x0}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x8}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) [ 1433.890269] ? find_get_context+0x41b/0xc60 [ 1433.891238] ? perf_event_mmap_output+0xfd0/0xfd0 [ 1433.892230] anon_inode_getfile+0xb0/0x1e0 [ 1433.893078] __do_sys_perf_event_open+0xfb7/0x3040 [ 1433.894065] ? bit_wait_io_timeout+0x160/0x160 [ 1433.894988] ? perf_remove_from_context+0x260/0x260 [ 1433.896019] ? syscall_enter_from_user_mode+0x1d/0x50 02:58:11 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 3) [ 1433.897068] do_syscall_64+0x3b/0x90 [ 1433.897915] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1433.898933] RIP: 0033:0x7f23af485b19 [ 1433.899680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1433.903297] RSP: 002b:00007f23ac9fb188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1433.904804] RAX: ffffffffffffffda RBX: 00007f23af598f60 RCX: 00007f23af485b19 [ 1433.906195] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 00000000200000c0 [ 1433.907587] RBP: 00007f23ac9fb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1433.908986] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 1433.910379] R13: 00007ffee1b3a3af R14: 00007f23ac9fb300 R15: 0000000000022000 [ 1433.911798] [ 1433.938244] FAULT_INJECTION: forcing a failure. [ 1433.938244] name failslab, interval 1, probability 0, space 0, times 0 [ 1433.940649] CPU: 0 PID: 8717 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1433.942292] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1433.944529] Call Trace: [ 1433.945043] [ 1433.945487] dump_stack_lvl+0x8b/0xb3 [ 1433.946280] should_fail.cold+0x5/0xa [ 1433.947058] should_failslab+0x5/0x10 [ 1433.947826] kmem_cache_alloc_lru+0x60/0x7c0 [ 1433.948712] ? __d_alloc+0x31/0x990 [ 1433.949093] FAULT_INJECTION: forcing a failure. [ 1433.949093] name failslab, interval 1, probability 0, space 0, times 0 [ 1433.949409] ? lockdep_hardirqs_on+0x79/0x100 [ 1433.952485] __d_alloc+0x31/0x990 [ 1433.953164] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1433.954267] d_alloc_pseudo+0x19/0x70 [ 1433.955010] alloc_file_pseudo+0xce/0x250 [ 1433.955837] ? alloc_file+0x580/0x580 [ 1433.956570] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 1433.957656] ? shmem_get_inode+0x619/0xcb0 [ 1433.958499] __shmem_file_setup+0x144/0x310 [ 1433.959355] __do_sys_memfd_create+0x1c6/0x4e0 [ 1433.960259] do_syscall_64+0x3b/0x90 [ 1433.960990] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1433.961985] RIP: 0033:0x7fcdf05c8b19 [ 1433.962698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1433.966202] RSP: 002b:00007fcdedb3df48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1433.967666] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007fcdf05c8b19 [ 1433.969036] RDX: 0000000000020000 RSI: 0000000000000000 RDI: 00007fcdf06220fb [ 1433.970391] RBP: 0000000000000002 R08: 0000000000010000 R09: ffffffffffffffff [ 1433.971766] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 1433.973150] R13: 00000000200000c0 R14: 0000000000020000 R15: 0000000020000040 [ 1433.974741] [ 1433.975317] CPU: 1 PID: 8720 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1433.976973] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1433.979191] Call Trace: [ 1433.979700] [ 1433.980145] dump_stack_lvl+0x8b/0xb3 [ 1433.980920] should_fail.cold+0x5/0xa [ 1433.981684] ? __alloc_skb+0x211/0x340 [ 1433.982463] should_failslab+0x5/0x10 [ 1433.983226] kmem_cache_alloc_node+0x55/0x490 [ 1433.984129] __alloc_skb+0x211/0x340 [ 1433.984895] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1433.985993] netlink_sendmsg+0x98d/0xe00 [ 1433.986808] ? netlink_unicast+0x800/0x800 [ 1433.987653] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1433.988760] ? netlink_unicast+0x800/0x800 [ 1433.989589] sock_sendmsg+0x150/0x190 [ 1433.990354] ____sys_sendmsg+0x703/0x870 [ 1433.991168] ? kernel_sendmsg+0x50/0x50 [ 1433.991957] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1433.992865] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1433.993918] ? lock_release+0x3b2/0x750 [ 1433.994716] ___sys_sendmsg+0xf3/0x170 [ 1433.995492] ? sendmsg_copy_msghdr+0x160/0x160 [ 1433.996403] ? lock_release+0x3b2/0x750 [ 1433.997204] ? lock_downgrade+0x6d0/0x6d0 [ 1433.998024] ? lock_release+0x3b2/0x750 [ 1433.998807] ? ksys_write+0x20c/0x250 [ 1433.999559] ? lock_downgrade+0x6d0/0x6d0 [ 1434.000394] ? __fget_files+0x287/0x470 [ 1434.001206] ? __fget_light+0xea/0x270 [ 1434.001978] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1434.003070] __sys_sendmsg+0xe5/0x1b0 [ 1434.003819] ? __sys_sendmsg_sock+0x30/0x30 [ 1434.004667] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1434.005796] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1434.006824] do_syscall_64+0x3b/0x90 [ 1434.007565] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1434.008590] RIP: 0033:0x7f406f897b19 [ 1434.009320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1434.012932] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1434.014419] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1434.015807] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1434.017210] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1434.018610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1434.020000] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1434.021430] [ 1434.026451] netlink: 'syz-executor.7': attribute type 12 has an invalid length. [ 1434.038194] FAULT_INJECTION: forcing a failure. [ 1434.038194] name failslab, interval 1, probability 0, space 0, times 0 [ 1434.040613] CPU: 1 PID: 8721 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1434.042269] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1434.044630] Call Trace: [ 1434.045158] [ 1434.045614] dump_stack_lvl+0x8b/0xb3 [ 1434.046401] should_fail.cold+0x5/0xa [ 1434.047191] ? __hw_addr_add_ex+0x235/0x790 [ 1434.048069] ? create_object.isra.0+0x3a/0xa20 [ 1434.049010] should_failslab+0x5/0x10 [ 1434.049785] kmem_cache_alloc+0x5b/0x480 [ 1434.050616] create_object.isra.0+0x3a/0xa20 [ 1434.051496] ? kasan_unpoison+0x23/0x50 [ 1434.052295] kmem_cache_alloc_trace+0x22e/0x3c0 [ 1434.053224] __hw_addr_add_ex+0x235/0x790 [ 1434.054055] ? dev_mc_init+0xe0/0xe0 [ 1434.054795] ? _raw_spin_unlock_bh+0x21/0x30 [ 1434.055682] dev_addr_init+0x13a/0x220 [ 1434.056475] ? dev_addr_flush+0x230/0x230 [ 1434.057323] alloc_netdev_mqs+0x16e/0xf60 [ 1434.058138] ? tun_free_netdev+0x100/0x100 [ 1434.058984] __tun_chr_ioctl+0x1b4a/0x3f10 [ 1434.059835] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1434.060757] ? lock_is_held_type+0xd7/0x130 02:58:11 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 8) [ 1434.061621] ? selinux_file_ioctl+0xb1/0x260 [ 1434.062697] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1434.063788] ? tun_chr_compat_ioctl+0x30/0x30 [ 1434.064707] __x64_sys_ioctl+0x196/0x210 [ 1434.065521] do_syscall_64+0x3b/0x90 [ 1434.066269] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1434.067281] RIP: 0033:0x7fb21bfaab19 [ 1434.068005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1434.071592] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1434.073083] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1434.074472] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1434.075868] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1434.077275] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1434.078657] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1434.080072] [ 1434.156960] FAULT_INJECTION: forcing a failure. [ 1434.156960] name failslab, interval 1, probability 0, space 0, times 0 [ 1434.159071] CPU: 0 PID: 8730 Comm: syz-executor.3 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1434.160548] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1434.162562] Call Trace: [ 1434.163036] [ 1434.163436] dump_stack_lvl+0x8b/0xb3 [ 1434.164168] should_fail.cold+0x5/0xa [ 1434.164876] ? __alloc_file+0x21/0x230 02:58:11 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x80000, 0x0) syncfs(r1) set_mempolicy(0xa001, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105241, 0x0) syncfs(r2) bind$inet(r2, &(0x7f00000000c0)={0x2, 0x4e21, @remote}, 0x10) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x10000, 0x0) bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x35}}, 0xb) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'syzkaller0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r4 = epoll_create(0x9) r5 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r5, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f0000000440)) pread64(r5, &(0x7f0000000180)=""/26, 0x1a, 0xfffffffffffff4cb) syz_open_procfs(0x0, 0x0) 02:58:11 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 9) 02:58:11 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 4) [ 1434.164906] should_failslab+0x5/0x10 [ 1434.164933] kmem_cache_alloc+0x5b/0x480 [ 1434.164974] __alloc_file+0x21/0x230 [ 1434.164999] alloc_empty_file+0x6d/0x170 [ 1434.165027] alloc_file+0x59/0x580 02:58:11 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 9) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) [ 1434.165055] alloc_file_pseudo+0x16a/0x250 [ 1434.165081] ? alloc_file+0x580/0x580 [ 1434.165103] ? find_get_context+0x41b/0xc60 02:58:11 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x7ffffff2, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1434.165139] ? perf_event_mmap_output+0xfd0/0xfd0 [ 1434.165175] anon_inode_getfile+0xb0/0x1e0 [ 1434.165205] __do_sys_perf_event_open+0xfb7/0x3040 [ 1434.165244] ? bit_wait_io_timeout+0x160/0x160 [ 1434.165277] ? perf_remove_from_context+0x260/0x260 [ 1434.165331] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1434.165362] do_syscall_64+0x3b/0x90 [ 1434.165393] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1434.165414] RIP: 0033:0x7f23af485b19 [ 1434.165430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1434.165449] RSP: 002b:00007f23ac9fb188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1434.165471] RAX: ffffffffffffffda RBX: 00007f23af598f60 RCX: 00007f23af485b19 [ 1434.165485] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 00000000200000c0 [ 1434.165498] RBP: 00007f23ac9fb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1434.165510] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 1434.165523] R13: 00007ffee1b3a3af R14: 00007f23ac9fb300 R15: 0000000000022000 [ 1434.165557] [ 1434.355298] FAULT_INJECTION: forcing a failure. [ 1434.355298] name failslab, interval 1, probability 0, space 0, times 0 [ 1434.355351] CPU: 0 PID: 8740 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1434.355378] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1434.355394] Call Trace: [ 1434.355401] [ 1434.355410] dump_stack_lvl+0x8b/0xb3 [ 1434.355452] should_fail.cold+0x5/0xa [ 1434.355484] ? create_object.isra.0+0x3a/0xa20 [ 1434.355520] should_failslab+0x5/0x10 [ 1434.355550] kmem_cache_alloc+0x5b/0x480 [ 1434.355595] create_object.isra.0+0x3a/0xa20 [ 1434.355625] ? kasan_unpoison+0x23/0x50 [ 1434.355660] kmem_cache_alloc_node+0x248/0x490 [ 1434.355712] __alloc_skb+0x211/0x340 [ 1434.355744] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1434.355790] netlink_sendmsg+0x98d/0xe00 [ 1434.355824] ? netlink_unicast+0x800/0x800 [ 1434.355857] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1434.355896] ? netlink_unicast+0x800/0x800 [ 1434.355921] sock_sendmsg+0x150/0x190 [ 1434.355957] ____sys_sendmsg+0x703/0x870 [ 1434.355994] ? kernel_sendmsg+0x50/0x50 [ 1434.356025] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1434.356048] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1434.356086] ? lock_release+0x3b2/0x750 [ 1434.356127] ___sys_sendmsg+0xf3/0x170 [ 1434.356151] ? sendmsg_copy_msghdr+0x160/0x160 [ 1434.356201] ? lock_release+0x3b2/0x750 [ 1434.356234] ? lock_downgrade+0x6d0/0x6d0 [ 1434.356268] ? lock_release+0x3b2/0x750 [ 1434.356297] ? ksys_write+0x20c/0x250 [ 1434.356324] ? lock_downgrade+0x6d0/0x6d0 [ 1434.356363] ? __fget_files+0x287/0x470 [ 1434.356414] ? __fget_light+0xea/0x270 [ 1434.356451] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1434.356497] __sys_sendmsg+0xe5/0x1b0 [ 1434.356520] ? __sys_sendmsg_sock+0x30/0x30 [ 1434.356540] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1434.356599] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1434.356636] do_syscall_64+0x3b/0x90 [ 1434.356673] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1434.356698] RIP: 0033:0x7f406f897b19 [ 1434.356716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1434.356738] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1434.356764] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1434.356780] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1434.356795] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1434.356809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1434.356824] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1434.356863] [ 1434.366611] FAULT_INJECTION: forcing a failure. [ 1434.366611] name failslab, interval 1, probability 0, space 0, times 0 [ 1434.366660] CPU: 0 PID: 8741 Comm: syz-executor.3 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1434.366692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1434.366707] Call Trace: [ 1434.366714] [ 1434.366722] dump_stack_lvl+0x8b/0xb3 [ 1434.366758] should_fail.cold+0x5/0xa [ 1434.366790] ? create_object.isra.0+0x3a/0xa20 [ 1434.366824] should_failslab+0x5/0x10 [ 1434.366853] kmem_cache_alloc+0x5b/0x480 [ 1434.366897] create_object.isra.0+0x3a/0xa20 [ 1434.366927] ? kasan_unpoison+0x23/0x50 [ 1434.366962] kmem_cache_alloc+0x239/0x480 [ 1434.367005] __alloc_file+0x21/0x230 [ 1434.367035] alloc_empty_file+0x6d/0x170 [ 1434.367067] alloc_file+0x59/0x580 [ 1434.367100] alloc_file_pseudo+0x16a/0x250 [ 1434.367130] ? alloc_file+0x580/0x580 [ 1434.367156] ? find_get_context+0x41b/0xc60 [ 1434.367196] ? perf_event_mmap_output+0xfd0/0xfd0 [ 1434.367237] anon_inode_getfile+0xb0/0x1e0 [ 1434.367272] __do_sys_perf_event_open+0xfb7/0x3040 [ 1434.367317] ? bit_wait_io_timeout+0x160/0x160 [ 1434.367353] ? perf_remove_from_context+0x260/0x260 [ 1434.367416] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1434.367452] do_syscall_64+0x3b/0x90 [ 1434.367486] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1434.367511] RIP: 0033:0x7f23af485b19 02:58:11 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0xf00, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 02:58:11 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 10) [ 1434.367528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1434.367550] RSP: 002b:00007f23ac9fb188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1434.367574] RAX: ffffffffffffffda RBX: 00007f23af598f60 RCX: 00007f23af485b19 [ 1434.367590] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 00000000200000c0 [ 1434.367605] RBP: 00007f23ac9fb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1434.367620] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 1434.367635] R13: 00007ffee1b3a3af R14: 00007f23ac9fb300 R15: 0000000000022000 [ 1434.367674] [ 1434.407211] FAULT_INJECTION: forcing a failure. [ 1434.407211] name failslab, interval 1, probability 0, space 0, times 0 [ 1434.407263] CPU: 1 PID: 8742 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1434.407289] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1434.407305] Call Trace: [ 1434.407312] [ 1434.407321] dump_stack_lvl+0x8b/0xb3 [ 1434.407364] should_fail.cold+0x5/0xa [ 1434.407396] ? create_object.isra.0+0x3a/0xa20 [ 1434.407433] should_failslab+0x5/0x10 [ 1434.407464] kmem_cache_alloc+0x5b/0x480 [ 1434.407509] create_object.isra.0+0x3a/0xa20 [ 1434.407539] ? kasan_unpoison+0x23/0x50 [ 1434.407573] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 1434.407608] ? __d_alloc+0x31/0x990 [ 1434.407640] __d_alloc+0x31/0x990 [ 1434.407670] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1434.407715] d_alloc_pseudo+0x19/0x70 [ 1434.407742] alloc_file_pseudo+0xce/0x250 [ 1434.407773] ? alloc_file+0x580/0x580 [ 1434.407798] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 1434.407841] ? shmem_get_inode+0x619/0xcb0 [ 1434.407881] __shmem_file_setup+0x144/0x310 [ 1434.407918] __do_sys_memfd_create+0x1c6/0x4e0 [ 1434.407956] do_syscall_64+0x3b/0x90 [ 1434.407991] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1434.408016] RIP: 0033:0x7fcdf05c8b19 [ 1434.408034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1434.408056] RSP: 002b:00007fcdedb3df48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1434.408081] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007fcdf05c8b19 [ 1434.408097] RDX: 0000000000020000 RSI: 0000000000000000 RDI: 00007fcdf06220fb [ 1434.408112] RBP: 0000000000000002 R08: 0000000000010000 R09: ffffffffffffffff [ 1434.408127] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 1434.408142] R13: 00000000200000c0 R14: 0000000000020000 R15: 0000000020000040 [ 1434.408190] [ 1434.423780] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1434.582098] blktrace: Concurrent blktraces are not allowed on sg0 [ 1434.619363] FAULT_INJECTION: forcing a failure. [ 1434.619363] name failslab, interval 1, probability 0, space 0, times 0 [ 1434.622001] CPU: 1 PID: 8752 Comm: syz-executor.3 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1434.623807] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1434.626262] Call Trace: [ 1434.626819] [ 1434.627305] dump_stack_lvl+0x8b/0xb3 [ 1434.628155] should_fail.cold+0x5/0xa [ 1434.629018] ? security_file_alloc+0x34/0x170 [ 1434.630006] should_failslab+0x5/0x10 [ 1434.630845] kmem_cache_alloc+0x5b/0x480 [ 1434.631754] security_file_alloc+0x34/0x170 [ 1434.632712] __alloc_file+0xb6/0x230 [ 1434.633530] alloc_empty_file+0x6d/0x170 [ 1434.634423] alloc_file+0x59/0x580 [ 1434.635208] alloc_file_pseudo+0x16a/0x250 [ 1434.636133] ? alloc_file+0x580/0x580 [ 1434.636987] ? find_get_context+0x41b/0xc60 [ 1434.637949] ? perf_event_mmap_output+0xfd0/0xfd0 [ 1434.639017] anon_inode_getfile+0xb0/0x1e0 [ 1434.639953] __do_sys_perf_event_open+0xfb7/0x3040 [ 1434.641053] ? bit_wait_io_timeout+0x160/0x160 [ 1434.642064] ? perf_remove_from_context+0x260/0x260 [ 1434.643189] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1434.644327] do_syscall_64+0x3b/0x90 [ 1434.645154] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1434.646275] RIP: 0033:0x7f23af485b19 [ 1434.647080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1434.651072] RSP: 002b:00007f23ac9fb188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1434.652729] RAX: ffffffffffffffda RBX: 00007f23af598f60 RCX: 00007f23af485b19 [ 1434.654270] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 00000000200000c0 [ 1434.655812] RBP: 00007f23ac9fb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1434.657365] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1434.658908] R13: 00007ffee1b3a3af R14: 00007f23ac9fb300 R15: 0000000000022000 [ 1434.660487] 02:58:11 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x7}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) 02:58:11 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 8) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 02:58:11 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 10) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 02:58:11 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x7ffffff9, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1434.740277] FAULT_INJECTION: forcing a failure. [ 1434.740277] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1434.743106] CPU: 1 PID: 8758 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1434.744871] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1434.747357] Call Trace: [ 1434.747914] [ 1434.748415] dump_stack_lvl+0x8b/0xb3 [ 1434.749266] should_fail.cold+0x5/0xa [ 1434.750104] prepare_alloc_pages+0x17b/0x500 [ 1434.751092] __alloc_pages+0x131/0x4e0 [ 1434.751940] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 1434.753249] ? __hw_addr_add_ex+0x4f1/0x790 [ 1434.754228] kmalloc_large_node+0x5e/0x110 [ 1434.754396] blktrace: Concurrent blktraces are not allowed on sg0 [ 1434.755151] __kmalloc_node+0x33c/0x470 [ 1434.755204] kvmalloc_node+0xa0/0x130 [ 1434.758101] alloc_netdev_mqs+0x7c8/0xf60 [ 1434.759033] ? tun_free_netdev+0x100/0x100 [ 1434.759480] blktrace: Concurrent blktraces are not allowed on sg0 [ 1434.759966] __tun_chr_ioctl+0x1b4a/0x3f10 [ 1434.760018] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1434.763069] ? lock_is_held_type+0xd7/0x130 [ 1434.764016] ? selinux_file_ioctl+0xb1/0x260 [ 1434.764994] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1434.766192] ? tun_chr_compat_ioctl+0x30/0x30 [ 1434.767167] __x64_sys_ioctl+0x196/0x210 [ 1434.768061] do_syscall_64+0x3b/0x90 [ 1434.768887] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1434.770010] RIP: 0033:0x7fb21bfaab19 [ 1434.770815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1434.774804] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1434.776474] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1434.777986] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1434.779503] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1434.781023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1434.782537] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1434.784073] 02:58:12 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000040)={'ip6tnl0\x00'}) socket$nl_generic(0x10, 0x3, 0x10) syz_open_procfs(0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(r1, 0x8983, &(0x7f0000000080)={0x7, 'veth1_to_hsr\x00', {0x4d50}, 0xffff}) [ 1434.826070] FAULT_INJECTION: forcing a failure. [ 1434.826070] name failslab, interval 1, probability 0, space 0, times 0 [ 1434.828612] CPU: 1 PID: 8766 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1434.830241] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1434.832505] Call Trace: [ 1434.833012] [ 1434.833457] dump_stack_lvl+0x8b/0xb3 [ 1434.834227] should_fail.cold+0x5/0xa [ 1434.834996] ? __alloc_file+0x21/0x230 [ 1434.835776] should_failslab+0x5/0x10 [ 1434.836542] kmem_cache_alloc+0x5b/0x480 [ 1434.837363] __alloc_file+0x21/0x230 [ 1434.838103] alloc_empty_file+0x6d/0x170 [ 1434.838916] alloc_file+0x59/0x580 [ 1434.839622] alloc_file_pseudo+0x16a/0x250 [ 1434.840467] ? alloc_file+0x580/0x580 [ 1434.841218] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 1434.842316] ? shmem_get_inode+0x619/0xcb0 [ 1434.843164] __shmem_file_setup+0x144/0x310 [ 1434.844024] __do_sys_memfd_create+0x1c6/0x4e0 [ 1434.844960] do_syscall_64+0x3b/0x90 [ 1434.845711] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1434.846725] RIP: 0033:0x7fcdf05c8b19 [ 1434.847461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1434.851085] RSP: 002b:00007fcdedb3df48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1434.852597] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007fcdf05c8b19 [ 1434.853994] RDX: 0000000000020000 RSI: 0000000000000000 RDI: 00007fcdf06220fb [ 1434.855390] RBP: 0000000000000002 R08: 0000000000010000 R09: ffffffffffffffff [ 1434.856796] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 1434.858186] R13: 00000000200000c0 R14: 0000000000020000 R15: 0000000020000040 [ 1434.859604] 02:58:12 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 02:58:12 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 11) [ 1434.918178] blktrace: Concurrent blktraces are not allowed on sg0 [ 1434.930527] blktrace: Concurrent blktraces are not allowed on sg0 [ 1434.955289] FAULT_INJECTION: forcing a failure. [ 1434.955289] name failslab, interval 1, probability 0, space 0, times 0 [ 1434.957589] CPU: 0 PID: 8775 Comm: syz-executor.3 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1434.959193] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1434.961405] Call Trace: [ 1434.961905] [ 1434.962343] dump_stack_lvl+0x8b/0xb3 [ 1434.963106] should_fail.cold+0x5/0xa [ 1434.963859] ? create_object.isra.0+0x3a/0xa20 [ 1434.964782] should_failslab+0x5/0x10 [ 1434.965530] kmem_cache_alloc+0x5b/0x480 [ 1434.966343] create_object.isra.0+0x3a/0xa20 [ 1434.967204] ? kasan_unpoison+0x23/0x50 [ 1434.967991] kmem_cache_alloc+0x239/0x480 [ 1434.968829] security_file_alloc+0x34/0x170 [ 1434.969682] __alloc_file+0xb6/0x230 [ 1434.970415] alloc_empty_file+0x6d/0x170 [ 1434.971213] alloc_file+0x59/0x580 [ 1434.971916] alloc_file_pseudo+0x16a/0x250 [ 1434.972755] ? alloc_file+0x580/0x580 [ 1434.973498] ? find_get_context+0x41b/0xc60 [ 1434.974356] ? perf_event_mmap_output+0xfd0/0xfd0 [ 1434.975310] anon_inode_getfile+0xb0/0x1e0 [ 1434.976151] __do_sys_perf_event_open+0xfb7/0x3040 [ 1434.977159] ? bit_wait_io_timeout+0x160/0x160 [ 1434.978072] ? perf_remove_from_context+0x260/0x260 [ 1434.979084] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1434.980100] do_syscall_64+0x3b/0x90 [ 1434.980859] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1434.981870] RIP: 0033:0x7f23af485b19 [ 1434.982593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1434.986161] RSP: 002b:00007f23ac9fb188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1434.987635] RAX: ffffffffffffffda RBX: 00007f23af598f60 RCX: 00007f23af485b19 [ 1434.989033] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 00000000200000c0 [ 1434.990419] RBP: 00007f23ac9fb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1434.991797] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1434.993181] R13: 00007ffee1b3a3af R14: 00007f23ac9fb300 R15: 0000000000022000 [ 1434.994586] [ 1434.995397] netlink: 'syz-executor.7': attribute type 12 has an invalid length. 02:58:30 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x3}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 02:58:30 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0xf000, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 02:58:30 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000440)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105241, 0x0) syncfs(r1) getpeername(0xffffffffffffffff, &(0x7f0000000380)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, &(0x7f0000000400)=0x80) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000001440)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) r4 = epoll_create(0x9) r5 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r5, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f0000000440)) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105241, 0x0) syncfs(r6) r7 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105241, 0x0) syncfs(r7) io_submit(0x0, 0x6, &(0x7f0000001700)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x8, 0x800, r0, &(0x7f0000000080)="e05ed3739af4d970924862cd70a1918f39c30894aaba40d794d78cf059e7bc0c47700253499a143b1e7499377f41aeaacb489aeb5e1d5abebed081374c89dd61c8bd283ba764f111fafabae5a35351b39c1766e473461dfafc6448df5626522c29fc", 0x62, 0x0, 0x0, 0x2}, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x7, 0x5843, 0xffffffffffffffff, &(0x7f0000000140)="ebd36e24a2586430467c6502ac8b32c8b2459b8dcea29d70ae25639a68a58a69d2a3911414f0308086f96902b3f299d9450d446c7d60feffcd1391eeac40e8ad0278b9655fa3f55aac70e60904f234ec79824d024e1106eb3911c3ee28b2e7029eb16f64b24f07f34a6360774766579e7396303333d5a260ba3cc3125dda4f2c517220eba613d4cd3d75e1d211001c90d6160b63372d42d077ce72c673b3356dcaca22c0898a2c97dcd12f24e7a4681af4e56e558bbdb7e0cb725531307ebad0f58fd1b1cbfbb44a7a65", 0xca, 0x9, 0x0, 0x3}, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x200, 0xffffffffffffffff, &(0x7f0000000280)="887660f89f8b6431dcfd899d00808100b9fabd9ae6955d930ae6b877afbb5155265e0f7727acfc11c04aaeacd80ecd49580e62fcad8819b5a337f5d0b09c411d056e6a2dc8e2ed1d22a94231be84b5f4480176d6c1f79b631a5bdce237a9b2016c1c853e53178941e86d8061af4bcccd47c4f2d5f1f2148f00690f3e2522ab78d86eae375da3d8fe0a8b18d8ac914ce2072a4b664e8991dcbc6d66d28b905206668324", 0xa3, 0x4, 0x0, 0x2, r1}, &(0x7f0000001480)={0x0, 0x0, 0x0, 0x8, 0x4, r2, &(0x7f0000000440)="173db143e85d4332015e0d0d14360e1c07632a2fafa0330492c04aad32e52bcf2fb0cacaca7a10ce73d16bd336069fb8d8a7d6d0a33b44ae2876a034cdf616a42ced7a21abfc2c3fcf33bde1efda7ef496b9928c73fa8998b7d936e473f55ffc196c5bc563b12e5eca98268c3c52e5c6178e84c39099aa60a417d8cc67bcf2c68dd4494925744a46d6601d41b1ecbb871e744cda7a7d0c5a2fbcdf36c66cb0016bcfcdd0d26dda7ff7d1b33a916b0189732ce632b2d057d83f6db39a3575c1be2c0bf7a952796fd8a4e5f0e0f86ea0764bde148f8a724c22bed65b1c3ec2f53d5496cdab8d8b6c7db064a93ebf86507410118335f4add4aeb01c114a243aafddaac643cf971647d48f5f21497a2eaff14e921d5dee91992bb4fbe034d3c51be184bc2ba79b50cf5e5ea2757a95a3336903aba6d5a4f15c6f16347a2c12b9a9d9251f648f7a247359515f19a94ce5444aa85988e8b223fe52f9e8aefca66a42e16a5a1acac518e75a3c53005cdcac30e20236cf16c7dc8fa4ca1d06410da191017fc400bf5301b8e5db22a0c8dfad18cedf7e9c7541531193bb2a2265700eb2f94c58ed7fe63c109f48939436adeb230792b30f1255fc256423845ce4f700e55b67d62a6e58fb44198d52c58c20512578a80fadf49ba3605311c8461358702c4e29833c953a5c269a77d9ecb8a5dec82f42ecf8135853ff01ed5f68b557c7552203555f75c28bcd0910d9dbbf0e44a83b120291a68cd8c266b3a2cbd26ea84888932614d45c99724e0c49f39c1be71314a725fdde87682e3f7db0e489e94a95dbfff6087b693210e8eb563597431b13da976c3be9bface4264f8b93b41dcf445b87599c7145f555ffb107f6c333b5864944948ac96af91d791a86003341087b6093cc009a91d7aa027535f03d47ad596aa85694a3fa98b0e15b7c566dbef65144bb59a047726e92e0c7790c1140ee0248b2dfe5607a6fd5c8797e78072b0ce83d73ee7973c4835bf0fc4a109837dcc6fce9ec99bb07025be830661e2c491318b24cf159d368e6ea37b42f09f8ff14f74bc2755eb71246b75657570fb22555df33ff0fbccb8033d3f6d2a09afa215950c84fe988114519640d77c4741034d002d44709abe41ffcb0674ca483c3410f1f9366a8b69f47a8bb30256765325e102468ab75d18a6af4e5dfa327efa40f39bfa6ec832bfd283ee0c005fda059d2f3f8bea1da3cd3ff0781748670d50de3ccc092eea5b78b02df2009fb923bc9884e960b06703b251a3a577c1c900096d674727f0c3aa2a58bee47c137ef6202f6f1867e890de50fc76df201417525a3530340f99e4441526a71c18cc97576b37c82d06ca2cca9aa7961ca111b79db55b35cefea734305414f5327250d038b1d39c9de46c1eaabedbdc0e8370bd12efed962e1f731e8679b267a79a662d7947906b10d44a4b0f544f322e6ffeaeb8dbc9e485d71e70e2112c8a698f77a2e8591fa07b4b89f7a58e10c8933f2603c5094625a48abe4f4fd4788804fc22f92b7dc346e5d4817a33df0fc6d43330a111f0a1026406654a3882ade69f5d23f0bdd466b655cc2fc4cf8ee89f647f09ae0bcaf9e7a2e0bc03381c9abc26d3517514343b62c5454b8027a1324742d2d52ee2e57b19c633e31044fc38d4879d52c0119eae06c50727514b50bd79cd632176d87a61e0acb1debc4f7a5bcac94418cd52a4372975ec8533bb58748c0717393bf38a96803cc14002c9614a497dbe4971cad1c5d2fbc82b774dd9619fa569d5bfe40d3ca9233879c568da6866da244b3623eedf42ba79d51d130d90ab85b401f6ee8d46809fac02389116fb3c8ea5f7e62f3b9c98686d0606182e595239695418ac6bd6dc1049ea4383560e3677264587e689aa77b0d959d3ec8662d72b803f1388bb7f02bba20be755a4f37b3c49a8a19c44460ef5a3f76116e095eb260c773d906ff9fbc2eabac855d3e07ed04beb50ef0f180a14f75146b18a1c55c29bad99b158553d5c0bbfc6fa2c1bbe0a55394b8218d67d5040eb3028eb9b873281dfc1ba629249f133df5a111dd49b75ddb2fb8c6599917c86df82797f7ac3d201bb262e30d10332a4d6d0ac6b76669c96c05cf89c1f8ff0ed2853c52b14ffc14f87598b28491d0aec8bc5919698460bc8e8dbd0037c45111bc9482655414796fe3b9d90591f0352445e192249b4bcc4525b69621655738769d8dcc348bd17ed906d95ab7a615b971fa1465a2d239bc48a398cda800864c08c5884f26f220cc9e7e35877d42fd89723f7e04daeee1a7191ada86b29169fe6f5ed0b3b94e711db3ae8617d6628dbd61424d972337aff6a9dbf6f96a01065474cd25056669c83bdf64fa06a3534cc84c346a12b2a022141f584d917749f3b01ed75e39609e2fff13af65b4c331b4a73c58b23b2c6d23ad466729d962128f80621089ee8f9bd491a8f7bcec6865d4c72289a07af043b91a72386df5a5993a6487e350e71dea2c94961c5a34263a5d5b3d3fd6d500dffac8d140f98e8392f1e24224dd7265f1055b93d4fb14631f41906ffc818c272101a9bafcb8e41c78294ffd788096196c5cbc3fd8e5ef3f8968234d77ca24e0d822ad637122867715d6d23c286ef2fcbbcd905aa4a1d9a17393b9d3a51b15f6ac5fc31052e07374716ea426c310aedee4a73de83888c35b1b9b63bf93e7e2236d175c7d321179d1a0e9138ec2a3d07db85a458beb65bdb6d8c20af218065b654ad13b9f38e363a04bce595dea733278df13da181191d8486875add1dc4db9889752f39a9ec92af923210fe6b26a21458a1f8475b9402fd901cfbe2c0f95e62c9789d9505d06acdee806243d36f5b81bb69fe2d44cd3827bf86ffb208452f2a8d9cbd2e72bd57bc18e10616af141658eb85322e6cd5ca0b8a732041f38c5ef4fafa86337c38dc26efc360afe67241983d35f22c46c5e9bf22cac549d6b82474e80d5252845a76eb0388976f5d3b41cd52fd537a5d80ad40a08e6849bf982875b811c891fe761a21065c4a4766827816a0a26cfa6ca2be50565a793ea0856344a2ab0ec629eceaa28b25312014d5f1c6df5ebf062568cc920e7595a0ea22746a2b775a3e924b80ebd3c24cbcf7b682d4d861670b9d5bf60a69ed44098dbef4d205a872cf5f397446ab267e40ca28f0708fab505a220b59f8d87e08251344a8d58f481c95f6bb2ab30df56438b5214fb50f5d2683e4b63a9ff2ab15359a749a7593ecabf3b21dd4acb6ea98dd27fbdb290d7d8de824ce098ad75354dba1c2c6ed3b265998a0fa7bfb347289415a826558a2441515af3b0f52743c458939ee1155c3dedd15a316203352c913437ed52a0317a146b428379cea80d93c6b6cca8b4fccff8a6779f668d67fbeb29a8796be77961dcb05d1afcc5c152f633a1f7f44ea26cb4e0cb5fae475e2fb5a40b6a9f70a1a6e6f0c4478d0e3491d5a189cb7140f490a24e6284dd03def6ba95837c9424026f48d0478bfd598150f6f770eb915fdaad4926c2994833d21442fb04a98ace32c7976f657eb7f25f05162678f384b3741f573338b39a873f769b6e44f504c846b23a0cb4c5286883f3ea485c92ad7946213072a121af04f4ce840f3eccdac1876c18e3d0cdf926b3411c7b692039464ae2cb737c4b76d9bbce841cff253d72f9f337db53cb3e80c1820554a3aa8f53ec13fd91af60a08ede2e67018f8857fdcbfc20c21d2db4ddfca427b1b88adffb7afc4dfb9718ff3a5cb96ffdb7f731376c4ff2df74d4401f3599000a616e68bb9722c41373eadd6bc2f85cf49bc6107822028e784d29fba0730a83520f8db1edf076cc0e356cb53d46bd07cb743de84770c9c747266d59e80cc47b558e0504f0a51ef867b7a92e0ebf46f56c5f986cfb69007cf0f1ed7f4e9979a72c035bded5f8e3b3f90d3428e0a4b3171774d810f1a86010b989c47cbb6e99d1a9116c3ba77fbc5523306dd3e6a5a8bebac4c4bffaff5c91e947608255a2c90e1dea2d19fa1c0e980ed7671164d81a26281df927414100e86d9332eb03619b51d6514ab395667bbc964605766e6017c591a6b7a6df48bf7c3bdc130aa0b98f82c0a9d830b03b96bb5ce3fb77804ca631fa31763c6fd352dbcf4877b0acb09206291ae46605ead2e87cee1c94f3675d2e16b387c4f3dfd8731f0723e005ae8650ef937cdb6db610d3e8aab02d31cd053fba3f622ee36804e20f92af3a5e4bda84bd971cf2e41669703fe78dfac0e4f7ed24cffaed7d5281cf5682b46eef61b679966354e60f671de047509f34de7d4e1eb397a2cb7f7bded378409a425d717a54a1e3e51804824aaf733e67c85bb2282e5425a5903e16c78c9cae2ec654369b9f2fa555239aa8498353829094546ae5c513c675fb4cc2b37dfd8c8e5a7169ee419e1ca2ac9c61983320212eb92b7afc0a95cb5612f947a087715b6f6efa624a6021245431ec0078321d5d8c17ff6e3d9fc08d839ab81d547a8c29dd212bc168219b1b6abc87529ec6581abf516c7b35af064f575760f821ad3b472c9c55756db1d2c042dbb007dd6a2380a7b2bf341688e078eb79a76ad6d2f1155e8e29d5f5b7f7441e5ea8e0b500792791e99617bad83cb5c9535e330948e41427ad305ae5024f9338b5859f179542415f1f30e8bdaa145c74cc0911f6962e704c40a8e800a02e414990bcf548ed09e4f6d8891a7945c9dfcb2c89ce4992d6e0984fd4202d7ebd5a2a96365d0e2f4445dd3d869a2c08ffc712508d9a2439744102de2dce1212c86fa44af32f76ad8b31b56fff248105b5762c9354fd7152bde59ee928c44ba61b0207fd92b69dc4b8de2f5514a2200424e6e44e31499261797ee0e2bac97d5b8aeda77eb6c6b56251f33b41f945e7913f9442acfe873b0c598b06c2b207cc0b005002ecbddbb4b7f441be9bfd6c3bff588a67222370841947368a476c4fb6d732b9a89bb43d2532b5ec8ddedad007efe86d818e32fbbc8448f0d83e9a281de4f2211cce3d311c853700a81a148d89fbb5d7572b945e13379d662165ceb739ad3e9138e18319e5de40de9d7d0eae28bbdf916f2cf8c0d7577fb81f5423639e37dde6d1af43f33f887964db5933cc0e524db747a7e9b72c65b1f9b4cd9f3c14c26b53ae21b8ab7b6c891476e05c7cecc6aa6b3a24c6d202efee267412e07a7923e99b8f31159eace49124adf99c50f3a0ccc19345145a423973e7a5848cb04250a9790a7ef77acce6e40912354ca08e9121ffe9f3416a44b3efe04eacabe88785ade140df0d96ba5b2d8844313daf1162d65763fc345e63261364b0b9fd47cc5d23acbb54239ba2a176d34e8ab6aaee7764b65360b809b7b15c930eb89f43f2a20b532a08e1d0c1149f074244b9cfd7243349787dc75fdf57cd639dfd90813e5bbbf8b2083372c836b74418e199e4401925290adf4b59ebd7f39f6cc75303651f00feef170daec1517f11a2b56cde3bdbeda63930e24c3c239ca1110bb318ce5de5866dcc47014d6ea61118e5b55ce7291fe020b733ae42aadcd6551ec95d1c1a07f3fbf71a0ebf0cd4e4fefd2c5abf4202b4c819005f3183c429738219c9cfb0faf657c9a22389877f50242b1fb9b84217bbca98191cb44027e7e840035fb25700c64add22b817cfe5a44f4ed12dee3dfbda7595dc7fe97741cb726df589562c64de55f6b2d1221b0443bac45b1e4bf14307fbec9db5fd1b2057b50853330578650b340a276e6b08a598d408fe86d431374d00288f1cdd1b9fa6caf54b85dbd874353535587c17d4998bff9a6acb8097e6231a", 0x1000, 0x2, 0x0, 0x3, r3}, &(0x7f0000001580)={0x0, 0x0, 0x0, 0x8, 0xc5, r5, &(0x7f00000014c0)="0fe8a4b3a1a3c978bdce14c0be49d4135c214e2b114b47315cb03962b2b081aaf6ffe1c3cc72530be5055858d2e48254aedb3830a05ca6e37c44dcc9942d62ccebd0e4d2d0b60b2a401a0d68f0dc82380267ce2657318a9fb12eb2109750fd190f342bc65c26988472c5483b952e7c2bf479cfece2f66c12ce5b153f7f82bc95fe40124d73b1455fdf027748b7d0ce37844c4e7c8f93734ed5958eb94949178aed3e7b6172375388034beed12992dd9fe92393c39f9852db56", 0xb9, 0x2, 0x0, 0x0, r6}, &(0x7f00000016c0)={0x0, 0x0, 0x0, 0x0, 0x100, 0xffffffffffffffff, &(0x7f00000015c0)="a9af6a2ac3d5e270f09f2d1b416e78ef2cd1f2fcfa32d80000fe81d5443752e53ff105c1944e43a6cf4e5fd5cfea4832c49be2084031f89506e6cd02d1ba6d32a97a4b658b06baaeef9390969fa061799e9ff4703e93f88bd0273236089ee346f53064bf57ec228b2826e5930a64726e367d408d3a437bada765bad7aafd14912ca3fee2b2993242330b0b5ec5c08c22db1e588d75023366ae71c995674d2001fd67d4a463420121e78843f0b373feef4a468666a2b52237a1aaf3597c09034edf3779121565557fa71a009d3ddd206b3d04869740f6", 0xd6, 0x3, 0x0, 0x3, r7}]) r8 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r8, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) 02:58:30 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x7}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) 02:58:30 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 9) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 02:58:30 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 12) 02:58:30 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 5) 02:58:30 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 11) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) [ 1453.435875] FAULT_INJECTION: forcing a failure. [ 1453.435875] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1453.437393] CPU: 1 PID: 8788 Comm: syz-executor.3 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1453.438302] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1453.439589] Call Trace: [ 1453.439876] [ 1453.440136] dump_stack_lvl+0x8b/0xb3 [ 1453.440578] should_fail.cold+0x5/0xa [ 1453.441014] _copy_to_user+0x2a/0x140 [ 1453.441447] simple_read_from_buffer+0xcc/0x160 [ 1453.441967] proc_fail_nth_read+0x194/0x220 [ 1453.442456] ? proc_exe_link+0x1d0/0x1d0 [ 1453.442918] ? security_file_permission+0xb1/0xd0 [ 1453.443458] ? proc_exe_link+0x1d0/0x1d0 [ 1453.443913] vfs_read+0x1ea/0x5d0 [ 1453.444316] ksys_read+0x127/0x250 [ 1453.444731] ? __ia32_sys_pwrite64+0x220/0x220 [ 1453.445267] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1453.445866] do_syscall_64+0x3b/0x90 [ 1453.446301] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1453.446897] RIP: 0033:0x7f23af43869c [ 1453.447317] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1453.449421] RSP: 002b:00007f23ac9fb170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1453.450299] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 00007f23af43869c [ 1453.451104] RDX: 000000000000000f RSI: 00007f23ac9fb1e0 RDI: 0000000000000003 [ 1453.451922] RBP: 00007f23ac9fb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1453.452732] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1453.453559] R13: 00007ffee1b3a3af R14: 00007f23ac9fb300 R15: 0000000000022000 [ 1453.454383] [ 1453.460122] FAULT_INJECTION: forcing a failure. [ 1453.460122] name failslab, interval 1, probability 0, space 0, times 0 [ 1453.461631] CPU: 1 PID: 8797 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1453.462518] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1453.463773] Call Trace: [ 1453.464050] [ 1453.464292] dump_stack_lvl+0x8b/0xb3 [ 1453.464736] should_fail.cold+0x5/0xa [ 1453.465154] ? create_object.isra.0+0x3a/0xa20 [ 1453.465667] should_failslab+0x5/0x10 [ 1453.466096] kmem_cache_alloc+0x5b/0x480 [ 1453.466549] create_object.isra.0+0x3a/0xa20 [ 1453.467046] kmalloc_large_node+0xc3/0x110 [ 1453.467517] __kmalloc_node+0x33c/0x470 [ 1453.467970] kvmalloc_node+0xa0/0x130 [ 1453.468404] alloc_netdev_mqs+0x7c8/0xf60 [ 1453.468880] ? tun_free_netdev+0x100/0x100 [ 1453.469350] __tun_chr_ioctl+0x1b4a/0x3f10 [ 1453.469826] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1453.470326] ? lock_is_held_type+0xd7/0x130 [ 1453.470811] ? selinux_file_ioctl+0xb1/0x260 [ 1453.471315] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1453.471958] ? tun_chr_compat_ioctl+0x30/0x30 [ 1453.472480] __x64_sys_ioctl+0x196/0x210 [ 1453.472964] do_syscall_64+0x3b/0x90 [ 1453.473156] netlink: 'syz-executor.7': attribute type 12 has an invalid length. [ 1453.473383] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1453.475508] RIP: 0033:0x7fb21bfaab19 [ 1453.475925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1453.478013] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1453.479988] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1453.481674] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1453.483371] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1453.485174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1453.486958] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1453.488758] [ 1453.494336] FAULT_INJECTION: forcing a failure. [ 1453.494336] name failslab, interval 1, probability 0, space 0, times 0 [ 1453.497340] CPU: 1 PID: 8801 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1453.499361] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1453.501019] FAULT_INJECTION: forcing a failure. [ 1453.501019] name failslab, interval 1, probability 0, space 0, times 0 [ 1453.501782] Call Trace: [ 1453.501791] [ 1453.501800] dump_stack_lvl+0x8b/0xb3 [ 1453.501837] should_fail.cold+0x5/0xa [ 1453.501874] should_failslab+0x5/0x10 [ 1453.501904] __kmalloc_node_track_caller+0x7e/0x440 [ 1453.508409] ? netlink_sendmsg+0x98d/0xe00 [ 1453.509283] __alloc_skb+0xe3/0x340 [ 1453.510036] netlink_sendmsg+0x98d/0xe00 [ 1453.510867] ? netlink_unicast+0x800/0x800 [ 1453.511726] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1453.512853] ? netlink_unicast+0x800/0x800 [ 1453.513695] sock_sendmsg+0x150/0x190 [ 1453.514469] ____sys_sendmsg+0x703/0x870 [ 1453.515299] ? kernel_sendmsg+0x50/0x50 [ 1453.516097] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1453.517035] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1453.518115] ? lock_release+0x3b2/0x750 [ 1453.518930] ___sys_sendmsg+0xf3/0x170 [ 1453.519708] ? sendmsg_copy_msghdr+0x160/0x160 [ 1453.520622] ? lock_release+0x3b2/0x750 [ 1453.521436] ? lock_downgrade+0x6d0/0x6d0 [ 1453.522286] ? lock_release+0x3b2/0x750 [ 1453.523097] ? ksys_write+0x20c/0x250 [ 1453.523876] ? lock_downgrade+0x6d0/0x6d0 [ 1453.524735] ? __fget_files+0x287/0x470 [ 1453.525575] ? __fget_light+0xea/0x270 [ 1453.526380] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1453.527519] __sys_sendmsg+0xe5/0x1b0 [ 1453.528282] ? __sys_sendmsg_sock+0x30/0x30 [ 1453.529173] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1453.530290] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1453.531348] do_syscall_64+0x3b/0x90 [ 1453.532115] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1453.533167] RIP: 0033:0x7f406f897b19 [ 1453.533919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1453.537659] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1453.539217] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1453.540688] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1453.542151] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1453.543609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1453.545081] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1453.546568] [ 1453.547047] CPU: 0 PID: 8792 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1453.548855] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1453.551313] Call Trace: [ 1453.551870] [ 1453.552350] dump_stack_lvl+0x8b/0xb3 [ 1453.553194] should_fail.cold+0x5/0xa [ 1453.554019] ? create_object.isra.0+0x3a/0xa20 [ 1453.555000] should_failslab+0x5/0x10 [ 1453.555825] kmem_cache_alloc+0x5b/0x480 [ 1453.556749] create_object.isra.0+0x3a/0xa20 [ 1453.557894] ? kasan_unpoison+0x23/0x50 [ 1453.558758] kmem_cache_alloc+0x239/0x480 [ 1453.559663] __alloc_file+0x21/0x230 [ 1453.560468] alloc_empty_file+0x6d/0x170 [ 1453.561346] alloc_file+0x59/0x580 [ 1453.562276] alloc_file_pseudo+0x16a/0x250 [ 1453.563199] ? alloc_file+0x580/0x580 [ 1453.564027] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 1453.565432] ? shmem_get_inode+0x619/0xcb0 [ 1453.566354] __shmem_file_setup+0x144/0x310 [ 1453.567291] __do_sys_memfd_create+0x1c6/0x4e0 [ 1453.568281] do_syscall_64+0x3b/0x90 [ 1453.569100] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1453.570197] RIP: 0033:0x7fcdf05c8b19 [ 1453.570995] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1453.574896] RSP: 002b:00007fcdedb3df48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1453.576541] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007fcdf05c8b19 [ 1453.578064] RDX: 0000000000020000 RSI: 0000000000000000 RDI: 00007fcdf06220fb [ 1453.579579] RBP: 0000000000000002 R08: 0000000000010000 R09: ffffffffffffffff [ 1453.581099] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 1453.582616] R13: 00000000200000c0 R14: 0000000000020000 R15: 0000000020000040 [ 1453.584167] [ 1453.600456] blktrace: Concurrent blktraces are not allowed on sg0 [ 1453.616524] blktrace: Concurrent blktraces are not allowed on sg0 02:58:30 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 02:58:30 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x34000, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 02:58:30 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x4}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1453.922581] blktrace: Concurrent blktraces are not allowed on sg0 [ 1453.941820] blktrace: Concurrent blktraces are not allowed on sg0 02:58:46 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 12) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 02:58:46 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x80000, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 02:58:46 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x5}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 02:58:46 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) r1 = epoll_create(0x9) r2 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000440)) socketpair(0x0, 0x2, 0x81, &(0x7f0000000040)={0xffffffffffffffff}) poll(&(0x7f0000000080)=[{r2, 0x1000}, {r0, 0x8202}, {r3, 0x8}], 0x3, 0xfffffeff) 02:58:46 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 6) 02:58:46 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x3, 0x80, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 02:58:46 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 10) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 02:58:46 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x7}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) [ 1469.133247] FAULT_INJECTION: forcing a failure. [ 1469.133247] name failslab, interval 1, probability 0, space 0, times 0 [ 1469.135208] CPU: 0 PID: 8829 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1469.136239] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1469.137667] Call Trace: [ 1469.137982] [ 1469.138262] dump_stack_lvl+0x8b/0xb3 [ 1469.138747] should_fail.cold+0x5/0xa [ 1469.139223] ? create_object.isra.0+0x3a/0xa20 [ 1469.139796] should_failslab+0x5/0x10 [ 1469.140273] kmem_cache_alloc+0x5b/0x480 [ 1469.140808] create_object.isra.0+0x3a/0xa20 [ 1469.141352] ? kasan_unpoison+0x23/0x50 [ 1469.141843] __kmalloc_node_track_caller+0x269/0x440 [ 1469.142480] ? netlink_sendmsg+0x98d/0xe00 [ 1469.143006] __alloc_skb+0xe3/0x340 [ 1469.143457] netlink_sendmsg+0x98d/0xe00 [ 1469.143955] ? netlink_unicast+0x800/0x800 [ 1469.144602] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1469.145247] ? netlink_unicast+0x800/0x800 [ 1469.145742] sock_sendmsg+0x150/0x190 [ 1469.146185] ____sys_sendmsg+0x703/0x870 [ 1469.146659] ? kernel_sendmsg+0x50/0x50 [ 1469.147114] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1469.147630] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1469.148234] ? lock_release+0x3b2/0x750 [ 1469.148704] ___sys_sendmsg+0xf3/0x170 [ 1469.149146] ? sendmsg_copy_msghdr+0x160/0x160 [ 1469.149664] ? lock_release+0x3b2/0x750 [ 1469.150121] ? lock_downgrade+0x6d0/0x6d0 [ 1469.150600] ? lock_release+0x3b2/0x750 [ 1469.151053] ? ksys_write+0x20c/0x250 [ 1469.151489] ? lock_downgrade+0x6d0/0x6d0 [ 1469.151969] ? __fget_files+0x287/0x470 [ 1469.152433] ? __fget_light+0xea/0x270 [ 1469.152894] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1469.153526] __sys_sendmsg+0xe5/0x1b0 [ 1469.153979] ? __sys_sendmsg_sock+0x30/0x30 [ 1469.154502] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1469.155189] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1469.155817] do_syscall_64+0x3b/0x90 [ 1469.156271] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1469.156900] RIP: 0033:0x7f406f897b19 [ 1469.157346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1469.159557] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1469.160459] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1469.161323] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1469.162179] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1469.163040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1469.163905] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1469.164774] [ 1469.174885] blktrace: Concurrent blktraces are not allowed on sg0 [ 1469.176407] FAULT_INJECTION: forcing a failure. [ 1469.176407] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1469.178902] CPU: 1 PID: 8837 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1469.179133] blktrace: Concurrent blktraces are not allowed on sg0 [ 1469.180484] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1469.180502] Call Trace: [ 1469.180510] [ 1469.184298] dump_stack_lvl+0x8b/0xb3 [ 1469.185086] should_fail.cold+0x5/0xa [ 1469.185830] prepare_alloc_pages+0x17b/0x500 [ 1469.186706] __alloc_pages+0x131/0x4e0 [ 1469.187465] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 1469.188630] ? kmalloc_large_node+0xc3/0x110 [ 1469.189535] kmalloc_large_node+0x5e/0x110 [ 1469.190374] __kmalloc_node+0x33c/0x470 [ 1469.191151] ? lockdep_init_map_type+0x21a/0x7e0 [ 1469.192075] kvmalloc_node+0xa0/0x130 [ 1469.192829] alloc_netdev_mqs+0x967/0xf60 [ 1469.193646] __tun_chr_ioctl+0x1b4a/0x3f10 [ 1469.194483] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1469.195375] ? lock_is_held_type+0xd7/0x130 [ 1469.196223] ? selinux_file_ioctl+0xb1/0x260 [ 1469.196939] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1469.197116] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1469.199079] ? tun_chr_compat_ioctl+0x30/0x30 [ 1469.199961] __x64_sys_ioctl+0x196/0x210 [ 1469.200775] do_syscall_64+0x3b/0x90 [ 1469.201519] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1469.202513] RIP: 0033:0x7fb21bfaab19 [ 1469.203224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1469.206739] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1469.208207] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1469.209591] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1469.210957] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1469.212321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1469.213708] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1469.215107] [ 1469.230147] FAULT_INJECTION: forcing a failure. [ 1469.230147] name failslab, interval 1, probability 0, space 0, times 0 [ 1469.232449] CPU: 1 PID: 8836 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1469.234039] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1469.236218] Call Trace: [ 1469.236735] [ 1469.237162] dump_stack_lvl+0x8b/0xb3 [ 1469.237907] should_fail.cold+0x5/0xa [ 1469.238648] ? security_file_alloc+0x34/0x170 [ 1469.239518] should_failslab+0x5/0x10 [ 1469.240258] kmem_cache_alloc+0x5b/0x480 [ 1469.241077] security_file_alloc+0x34/0x170 [ 1469.241915] __alloc_file+0xb6/0x230 [ 1469.242635] alloc_empty_file+0x6d/0x170 [ 1469.243422] alloc_file+0x59/0x580 [ 1469.244120] alloc_file_pseudo+0x16a/0x250 [ 1469.245080] ? alloc_file+0x580/0x580 [ 1469.245829] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 1469.246923] ? shmem_get_inode+0x619/0xcb0 [ 1469.247768] __shmem_file_setup+0x144/0x310 [ 1469.248629] __do_sys_memfd_create+0x1c6/0x4e0 [ 1469.249563] do_syscall_64+0x3b/0x90 [ 1469.250318] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1469.251332] RIP: 0033:0x7fcdf05c8b19 [ 1469.252043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1469.255643] RSP: 002b:00007fcdedb3df48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1469.257155] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007fcdf05c8b19 [ 1469.258546] RDX: 0000000000020000 RSI: 0000000000000000 RDI: 00007fcdf06220fb [ 1469.259937] RBP: 0000000000000002 R08: 0000000000010000 R09: ffffffffffffffff [ 1469.261402] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 1469.262817] R13: 00000000200000c0 R14: 0000000000020000 R15: 0000000020000040 [ 1469.264258] [ 1469.275453] netlink: 'syz-executor.7': attribute type 12 has an invalid length. 02:58:46 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x74, 0x80, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 02:58:46 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x6}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 02:58:46 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 7) [ 1469.333519] blktrace: Concurrent blktraces are not allowed on sg0 [ 1469.366244] FAULT_INJECTION: forcing a failure. [ 1469.366244] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1469.367604] CPU: 0 PID: 8858 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1469.368472] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1469.369707] Call Trace: [ 1469.369978] [ 1469.370216] dump_stack_lvl+0x8b/0xb3 [ 1469.370639] should_fail.cold+0x5/0xa [ 1469.371053] _copy_from_iter+0x37d/0x14d0 [ 1469.371530] ? _copy_from_iter_nocache+0x14a0/0x14a0 [ 1469.372075] ? rcu_read_lock_sched_held+0x3a/0x70 [ 1469.372591] ? memset+0x20/0x40 [ 1469.372960] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1469.373575] ? __virt_addr_valid+0xe9/0x350 [ 1469.374044] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1469.374581] ? is_vmalloc_addr+0x7b/0xb0 [ 1469.375012] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1469.375611] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1469.376149] ? __check_object_size+0x1b5/0x890 [ 1469.376647] netlink_sendmsg+0x86b/0xe00 [ 1469.377104] ? netlink_unicast+0x800/0x800 [ 1469.377562] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1469.378151] ? netlink_unicast+0x800/0x800 [ 1469.378601] sock_sendmsg+0x150/0x190 [ 1469.379015] ____sys_sendmsg+0x703/0x870 [ 1469.379455] ? kernel_sendmsg+0x50/0x50 [ 1469.379895] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1469.380379] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1469.380942] ? lock_release+0x3b2/0x750 [ 1469.381369] ___sys_sendmsg+0xf3/0x170 [ 1469.381779] ? sendmsg_copy_msghdr+0x160/0x160 [ 1469.382256] ? lock_release+0x3b2/0x750 [ 1469.382673] ? lock_downgrade+0x6d0/0x6d0 [ 1469.383132] ? lock_release+0x3b2/0x750 [ 1469.383570] ? ksys_write+0x20c/0x250 [ 1469.383975] ? lock_downgrade+0x6d0/0x6d0 [ 1469.384425] ? __fget_files+0x287/0x470 [ 1469.384880] ? __fget_light+0xea/0x270 [ 1469.385297] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1469.385892] __sys_sendmsg+0xe5/0x1b0 [ 1469.386295] ? __sys_sendmsg_sock+0x30/0x30 [ 1469.386760] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1469.387367] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1469.387925] do_syscall_64+0x3b/0x90 [ 1469.388329] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1469.388885] RIP: 0033:0x7f406f897b19 [ 1469.389279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1469.391227] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1469.392031] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1469.392792] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1469.393558] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1469.394329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1469.395105] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1469.395863] 02:58:46 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x400300, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 02:58:46 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x7400, 0x80, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 02:58:46 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x7}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 02:58:46 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r1) sendmsg$NL80211_CMD_GET_POWER_SAVE(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r2, 0x1, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, ["", "", "", "", ""]}, 0x1c}}, 0x40000) 02:58:46 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)}, {0x0}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x8}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) [ 1469.502465] netlink: 'syz-executor.7': attribute type 12 has an invalid length. 02:58:46 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0xf0ffff, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) [ 1469.540263] blktrace: Concurrent blktraces are not allowed on sg0 [ 1469.554472] blktrace: Concurrent blktraces are not allowed on sg0 02:58:46 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 13) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 02:58:46 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 11) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 02:58:46 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 8) [ 1469.599386] FAULT_INJECTION: forcing a failure. [ 1469.599386] name failslab, interval 1, probability 0, space 0, times 0 [ 1469.601827] CPU: 1 PID: 8877 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1469.603482] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1469.605777] Call Trace: [ 1469.606285] [ 1469.606728] dump_stack_lvl+0x8b/0xb3 [ 1469.607522] should_fail.cold+0x5/0xa [ 1469.607799] FAULT_INJECTION: forcing a failure. [ 1469.607799] name failslab, interval 1, probability 0, space 0, times 0 [ 1469.608288] ? create_object.isra.0+0x3a/0xa20 [ 1469.610391] should_failslab+0x5/0x10 [ 1469.611158] kmem_cache_alloc+0x5b/0x480 [ 1469.611989] create_object.isra.0+0x3a/0xa20 [ 1469.612889] kmalloc_large_node+0xc3/0x110 [ 1469.613741] __kmalloc_node+0x33c/0x470 [ 1469.614536] ? lockdep_init_map_type+0x21a/0x7e0 [ 1469.615490] kvmalloc_node+0xa0/0x130 [ 1469.616252] alloc_netdev_mqs+0x967/0xf60 [ 1469.617107] __tun_chr_ioctl+0x1b4a/0x3f10 [ 1469.617976] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1469.618895] ? lock_is_held_type+0xd7/0x130 [ 1469.619767] ? selinux_file_ioctl+0xb1/0x260 [ 1469.620656] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1469.621769] ? tun_chr_compat_ioctl+0x30/0x30 [ 1469.622673] __x64_sys_ioctl+0x196/0x210 [ 1469.623480] do_syscall_64+0x3b/0x90 [ 1469.624234] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1469.625251] RIP: 0033:0x7fb21bfaab19 [ 1469.625984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1469.629553] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1469.631063] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1469.632438] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1469.633864] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1469.635279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1469.636694] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1469.638098] [ 1469.638561] CPU: 0 PID: 8882 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1469.639467] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1469.640697] Call Trace: [ 1469.640967] [ 1469.641201] dump_stack_lvl+0x8b/0xb3 [ 1469.641624] should_fail.cold+0x5/0xa [ 1469.642036] ? create_object.isra.0+0x3a/0xa20 [ 1469.642531] should_failslab+0x5/0x10 [ 1469.642946] kmem_cache_alloc+0x5b/0x480 [ 1469.643396] create_object.isra.0+0x3a/0xa20 [ 1469.643870] ? kasan_unpoison+0x23/0x50 [ 1469.644325] kmem_cache_alloc+0x239/0x480 [ 1469.644788] security_file_alloc+0x34/0x170 [ 1469.645259] __alloc_file+0xb6/0x230 [ 1469.645652] alloc_empty_file+0x6d/0x170 [ 1469.646085] alloc_file+0x59/0x580 [ 1469.646475] alloc_file_pseudo+0x16a/0x250 [ 1469.646932] ? alloc_file+0x580/0x580 [ 1469.647341] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 1469.647951] ? shmem_get_inode+0x619/0xcb0 [ 1469.648408] __shmem_file_setup+0x144/0x310 [ 1469.648882] __do_sys_memfd_create+0x1c6/0x4e0 [ 1469.649373] do_syscall_64+0x3b/0x90 [ 1469.649782] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1469.650326] RIP: 0033:0x7fcdf05c8b19 [ 1469.650724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1469.652696] RSP: 002b:00007fcdedb3df48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1469.653489] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00007fcdf05c8b19 [ 1469.654246] RDX: 0000000000020000 RSI: 0000000000000000 RDI: 00007fcdf06220fb [ 1469.655007] RBP: 0000000000000002 R08: 0000000000010000 R09: ffffffffffffffff [ 1469.655772] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 1469.656531] R13: 00000000200000c0 R14: 0000000000020000 R15: 0000000020000040 [ 1469.657297] [ 1469.742110] FAULT_INJECTION: forcing a failure. [ 1469.742110] name failslab, interval 1, probability 0, space 0, times 0 [ 1469.743370] CPU: 0 PID: 8879 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1469.744238] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1469.745453] Call Trace: [ 1469.745723] [ 1469.745954] dump_stack_lvl+0x8b/0xb3 [ 1469.746364] should_fail.cold+0x5/0xa [ 1469.746768] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xd7/0x290 [ 1469.747471] should_failslab+0x5/0x10 [ 1469.747877] __kmalloc+0x72/0x440 [ 1469.748246] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1469.748844] genl_family_rcv_msg_attrs_parse.constprop.0+0xd7/0x290 [ 1469.749514] genl_family_rcv_msg_doit+0xda/0x330 [ 1469.750016] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1469.750706] ? mutex_lock_io_nested+0x1310/0x1310 [ 1469.751222] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1469.751840] ? cap_capable+0x1eb/0x250 [ 1469.752283] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1469.752913] ? security_capable+0x95/0xc0 [ 1469.753371] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1469.753982] ? ns_capable+0xd9/0x100 [ 1469.754409] genl_rcv_msg+0x33c/0x5a0 [ 1469.754837] ? genl_get_cmd+0x480/0x480 [ 1469.755285] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1469.755857] ? lock_release+0x750/0x750 [ 1469.756313] netlink_rcv_skb+0x14b/0x430 [ 1469.756780] ? genl_get_cmd+0x480/0x480 [ 1469.757228] ? netlink_ack+0xa80/0xa80 [ 1469.757659] ? netlink_deliver_tap+0x1b2/0xc30 [ 1469.758147] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1469.758676] ? is_vmalloc_addr+0x7b/0xb0 [ 1469.759112] genl_rcv+0x24/0x40 [ 1469.759458] netlink_unicast+0x54a/0x800 [ 1469.759890] ? netlink_attachskb+0x880/0x880 [ 1469.760349] ? is_vmalloc_addr+0x7b/0xb0 [ 1469.760804] netlink_sendmsg+0x904/0xe00 [ 1469.761238] ? netlink_unicast+0x800/0x800 [ 1469.761710] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1469.762319] ? netlink_unicast+0x800/0x800 [ 1469.762793] sock_sendmsg+0x150/0x190 [ 1469.763219] ____sys_sendmsg+0x703/0x870 [ 1469.763680] ? kernel_sendmsg+0x50/0x50 [ 1469.764127] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1469.764630] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1469.765222] ? lock_release+0x3b2/0x750 [ 1469.765672] ___sys_sendmsg+0xf3/0x170 [ 1469.766100] ? sendmsg_copy_msghdr+0x160/0x160 [ 1469.766596] ? lock_release+0x3b2/0x750 [ 1469.767039] ? lock_downgrade+0x6d0/0x6d0 [ 1469.767506] ? lock_release+0x3b2/0x750 [ 1469.767950] ? ksys_write+0x20c/0x250 [ 1469.768375] ? lock_downgrade+0x6d0/0x6d0 [ 1469.768854] ? __fget_files+0x287/0x470 [ 1469.769308] ? __fget_light+0xea/0x270 [ 1469.769753] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1469.770366] __sys_sendmsg+0xe5/0x1b0 [ 1469.770794] ? __sys_sendmsg_sock+0x30/0x30 [ 1469.771273] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1469.771896] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1469.772469] do_syscall_64+0x3b/0x90 [ 1469.772909] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1469.773480] RIP: 0033:0x7f406f897b19 [ 1469.773885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1469.775911] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1469.776776] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1469.777559] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1469.778332] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1469.779107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1469.779880] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1469.780668] 02:59:02 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 9) 02:59:02 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 12) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 02:59:02 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x74, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 02:59:02 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x1000000, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 02:59:02 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x108}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 02:59:02 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 14) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 02:59:02 executing program 4: ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8919, &(0x7f0000000000)={'lo\x00'}) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='hugetlb.1GB.usage_in_bytes\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105241, 0x0) syncfs(r1) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000380)={{{@in6, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@empty}, 0x0, @in=@dev}}, &(0x7f0000000300)=0xe8) sendfile(0xffffffffffffffff, r0, &(0x7f0000000080)=0xc65d, 0x7) r4 = openat(0xffffffffffffffff, &(0x7f00000000c0)='./file1\x00', 0x20500, 0x140) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000340)={@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, r2}, 0xc) socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) r5 = syz_open_dev$vcsa(&(0x7f0000000140), 0x7, 0x8000) r6 = accept4$packet(r4, &(0x7f0000000780)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000007c0)=0x14, 0x800) ioctl$INCFS_IOC_PERMIT_FILL(r6, 0x40046721, &(0x7f0000000800)={r4}) stat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r7, 0x0) getresuid(&(0x7f0000000580), &(0x7f00000005c0)=0x0, &(0x7f0000000600)) syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x7ff, 0x2, &(0x7f0000000540)=[{&(0x7f0000000240)="b52e0a7bafd2327f7a01578f24dceee3a4ab6975f158a969809d5e26ffd14173b47f1cc66f5eec2dbce2675ac721957982e0882862d18277f1078c174af6d734c0548871e7c8d89aaee341e138a1c6ba0d16e994b1d0ba46f286fcd4b55f0628425dfc5fbdeb2ebd91f6f4b1604dbf96d01b5c4b4320098b33ba6259ab4802c9bf01dfb4643cdc4c01b1c0ba5c4fbbd2b671648368790bae705f6da50959bef44bb5c2cd54192390c90a152a0aa2acb20e055af35db315a3fe7b5cd627bb", 0xbe, 0x4}, {&(0x7f0000000480)="1dbef0ff1ca1c63bde0fe2ae38e26c15c8cf4dc82d4d1e2f7655b028d5deb608b473eccb24215318161c41c23beddf28cec9a47ddbeb4e58c85989558761c84583112301199902ec91beb996b86c059f9195f72afdc989169ef30dc735d774022a2e80efb8d1534d644745b6685cfb8276a8d5f2e575f3c933c5bb811c581d752090392c05a8181ff2aaa796819a", 0x8e}], 0x5011, &(0x7f0000000640)={[{@commit={'commit', 0x3d, 0x5}}, {@delalloc}, {@errors_continue}, {@dioread_lock}, {@errors_remount}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@obj_type={'obj_type', 0x3d, '/dev/vcsa#\x00'}}, {@context={'context', 0x3d, 'unconfined_u'}}, {@uid_eq={'uid', 0x3d, r7}}, {@fowner_eq={'fowner', 0x3d, r3}}, {@uid_gt={'uid>', r8}}, {@obj_role={'obj_role', 0x3d, '/dev/vcsa#\x00'}}, {@obj_role={'obj_role', 0x3d, 'i#,.:'}}, {@smackfsroot}]}) setsockopt$IP_VS_SO_SET_DEL(r5, 0x0, 0x484, &(0x7f0000000180)={0x3a, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e24, 0x4, 'sh\x00', 0x2, 0x0, 0x4a}, 0x2c) 02:59:02 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)}, {0x0}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x8}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) [ 1485.147622] netlink: 'syz-executor.7': attribute type 12 has an invalid length. [ 1485.150370] FAULT_INJECTION: forcing a failure. [ 1485.150370] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1485.151990] CPU: 0 PID: 8901 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1485.152846] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1485.154026] Call Trace: [ 1485.154295] [ 1485.154530] dump_stack_lvl+0x8b/0xb3 [ 1485.154943] should_fail.cold+0x5/0xa [ 1485.155347] prepare_alloc_pages+0x17b/0x500 [ 1485.155819] __alloc_pages+0x131/0x4e0 [ 1485.156222] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 1485.156843] ? lock_release+0x3b2/0x750 [ 1485.157284] ? avc_has_perm_noaudit+0x1c8/0x390 [ 1485.157778] ? find_held_lock+0x2c/0x110 [ 1485.158204] ? lock_release+0x3b2/0x750 [ 1485.158625] ? __filemap_get_folio+0x2d4/0xfe0 [ 1485.159106] ? __sanitizer_cov_trace_cmp2+0x22/0x80 [ 1485.159635] alloc_pages_vma+0xde/0x500 [ 1485.160058] shmem_alloc_page+0x107/0x1d0 [ 1485.160492] ? shmem_add_to_page_cache+0x1650/0x1650 [ 1485.161046] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1485.161625] ? percpu_counter_add_batch+0xb4/0x170 [ 1485.162140] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1485.162661] ? __vm_enough_memory+0x184/0x360 [ 1485.163136] shmem_getpage_gfp.constprop.0+0x651/0x2190 [ 1485.163704] ? shmem_unuse_inode+0xde0/0xde0 [ 1485.164160] ? ktime_get_coarse_real_ts64+0x159/0x190 [ 1485.164696] ? fault_in_readable+0x18a/0x250 [ 1485.165182] ? fault_in_writeable+0x1d0/0x1d0 [ 1485.165646] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 1485.166170] shmem_write_begin+0xfd/0x1d0 [ 1485.166606] generic_perform_write+0x24c/0x570 [ 1485.167092] ? folio_unlock+0xb0/0xb0 [ 1485.167492] ? discard_new_inode+0x190/0x190 [ 1485.167951] ? generic_write_checks+0x25f/0x390 [ 1485.168446] __generic_file_write_iter+0x2d6/0x480 [ 1485.168991] generic_file_write_iter+0xd7/0x220 [ 1485.169470] ? iov_iter_init+0x45/0x1b0 [ 1485.169887] new_sync_write+0x390/0x560 [ 1485.170296] ? new_sync_read+0x5f0/0x5f0 [ 1485.170718] ? x86_pmu_enable+0xb20/0xd90 [ 1485.171157] ? lock_release+0x750/0x750 [ 1485.171579] ? lock_is_held_type+0xd7/0x130 [ 1485.172027] vfs_write+0x7b9/0xac0 [ 1485.172405] __x64_sys_pwrite64+0x1f7/0x250 [ 1485.172856] ? vfs_write+0xac0/0xac0 [ 1485.173255] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1485.173789] do_syscall_64+0x3b/0x90 [ 1485.174176] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1485.174713] RIP: 0033:0x7fcdf057bab7 [ 1485.175093] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1485.176973] RSP: 002b:00007fcdedb3df20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1485.177762] RAX: ffffffffffffffda RBX: 00007fcdf0612970 RCX: 00007fcdf057bab7 [ 1485.178484] RDX: 0000000000000025 RSI: 0000000020010000 RDI: 0000000000000005 [ 1485.179214] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1485.179936] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000005 [ 1485.180660] R13: 0000000000000005 R14: 0000000020000040 R15: 0000000000000000 [ 1485.181421] [ 1485.188320] FAULT_INJECTION: forcing a failure. [ 1485.188320] name failslab, interval 1, probability 0, space 0, times 0 [ 1485.190791] CPU: 1 PID: 8899 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1485.192394] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1485.194613] Call Trace: [ 1485.195117] 02:59:02 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x2000000, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) [ 1485.195560] dump_stack_lvl+0x8b/0xb3 [ 1485.196460] should_fail.cold+0x5/0xa [ 1485.197240] ? register_netdevice+0x3e3/0x1470 [ 1485.198152] should_failslab+0x5/0x10 [ 1485.198910] kmem_cache_alloc_trace+0x55/0x3c0 [ 1485.199825] register_netdevice+0x3e3/0x1470 [ 1485.200696] ? __xdp_rxq_info_reg+0x187/0x340 [ 1485.201599] ? netdev_change_features+0xb0/0xb0 [ 1485.202521] ? dev_addr_mod+0x29a/0x340 [ 1485.203322] __tun_chr_ioctl+0x20dd/0x3f10 [ 1485.204179] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1485.205107] ? lock_is_held_type+0xd7/0x130 [ 1485.205983] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1485.207077] ? tun_chr_compat_ioctl+0x30/0x30 [ 1485.207967] __x64_sys_ioctl+0x196/0x210 [ 1485.208779] do_syscall_64+0x3b/0x90 [ 1485.209536] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1485.210546] RIP: 0033:0x7fb21bfaab19 [ 1485.211269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1485.214969] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1485.216579] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1485.218089] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1485.219589] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1485.221110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1485.222603] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1485.224117] [ 1485.230958] blktrace: Concurrent blktraces are not allowed on sg0 [ 1485.240450] blktrace: Concurrent blktraces are not allowed on sg0 02:59:02 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 02:59:02 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x300}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1485.323100] blktrace: Concurrent blktraces are not allowed on sg0 [ 1485.326211] blktrace: Concurrent blktraces are not allowed on sg0 02:59:02 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 15) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 02:59:02 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x500}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1485.395253] FAULT_INJECTION: forcing a failure. [ 1485.395253] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1485.398234] CPU: 1 PID: 8919 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1485.399992] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1485.402466] Call Trace: [ 1485.402979] [ 1485.403468] dump_stack_lvl+0x8b/0xb3 [ 1485.404284] should_fail.cold+0x5/0xa [ 1485.405174] copy_page_from_iter_atomic+0x4e4/0x1b10 [ 1485.406292] ? iov_iter_get_pages_alloc+0x15a0/0x15a0 [ 1485.407461] ? fault_in_readable+0x18a/0x250 [ 1485.408411] ? fault_in_writeable+0x1d0/0x1d0 [ 1485.409390] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 1485.410499] ? shmem_write_begin+0xfd/0x1d0 [ 1485.411447] ? shmem_write_begin+0x106/0x1d0 [ 1485.412360] generic_perform_write+0x2c2/0x570 [ 1485.413688] ? folio_unlock+0xb0/0xb0 [ 1485.414626] ? discard_new_inode+0x190/0x190 [ 1485.415686] ? generic_write_checks+0x25f/0x390 [ 1485.416807] __generic_file_write_iter+0x2d6/0x480 [ 1485.418017] generic_file_write_iter+0xd7/0x220 [ 1485.419239] ? iov_iter_init+0x45/0x1b0 [ 1485.420424] new_sync_write+0x390/0x560 [ 1485.421519] ? new_sync_read+0x5f0/0x5f0 [ 1485.422636] ? x86_pmu_enable+0xb20/0xd90 [ 1485.423874] ? lock_release+0x750/0x750 [ 1485.424992] ? lock_is_held_type+0xd7/0x130 [ 1485.426169] vfs_write+0x7b9/0xac0 [ 1485.427063] __x64_sys_pwrite64+0x1f7/0x250 [ 1485.428125] ? vfs_write+0xac0/0xac0 [ 1485.428998] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1485.430031] do_syscall_64+0x3b/0x90 [ 1485.430799] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1485.431864] RIP: 0033:0x7fcdf057bab7 [ 1485.432719] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 1485.436528] RSP: 002b:00007fcdedb3df20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1485.438031] RAX: ffffffffffffffda RBX: 00007fcdf0612970 RCX: 00007fcdf057bab7 [ 1485.439440] RDX: 0000000000000025 RSI: 0000000020010000 RDI: 0000000000000005 [ 1485.440845] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff [ 1485.442249] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000005 [ 1485.443651] R13: 0000000000000005 R14: 0000000020000040 R15: 0000000000000000 [ 1485.445092] [ 1485.446047] FAULT_INJECTION: forcing a failure. [ 1485.446047] name failslab, interval 1, probability 0, space 0, times 0 [ 1485.448281] CPU: 1 PID: 8896 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1485.449902] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1485.452129] Call Trace: [ 1485.452631] [ 1485.453093] dump_stack_lvl+0x8b/0xb3 [ 1485.453866] should_fail.cold+0x5/0xa [ 1485.454625] ? create_object.isra.0+0x3a/0xa20 [ 1485.455529] should_failslab+0x5/0x10 [ 1485.456286] kmem_cache_alloc+0x5b/0x480 [ 1485.457116] create_object.isra.0+0x3a/0xa20 [ 1485.457985] ? kasan_unpoison+0x23/0x50 [ 1485.458775] __kmalloc+0x25b/0x440 [ 1485.459494] genl_family_rcv_msg_attrs_parse.constprop.0+0xd7/0x290 [ 1485.460947] genl_family_rcv_msg_doit+0xda/0x330 [ 1485.461990] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1485.463301] ? mutex_lock_io_nested+0x1310/0x1310 [ 1485.464275] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1485.465400] ? cap_capable+0x1eb/0x250 [ 1485.466208] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1485.467322] ? security_capable+0x95/0xc0 [ 1485.468167] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1485.469285] ? ns_capable+0xd9/0x100 [ 1485.470056] genl_rcv_msg+0x33c/0x5a0 [ 1485.470832] ? genl_get_cmd+0x480/0x480 [ 1485.471635] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1485.472681] ? lock_release+0x750/0x750 [ 1485.473511] netlink_rcv_skb+0x14b/0x430 [ 1485.474323] ? genl_get_cmd+0x480/0x480 [ 1485.475121] ? netlink_ack+0xa80/0xa80 [ 1485.475910] ? netlink_deliver_tap+0x1b2/0xc30 [ 1485.476834] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1485.477847] ? is_vmalloc_addr+0x7b/0xb0 [ 1485.478678] genl_rcv+0x24/0x40 [ 1485.479339] netlink_unicast+0x54a/0x800 [ 1485.480157] ? netlink_attachskb+0x880/0x880 [ 1485.481034] ? is_vmalloc_addr+0x7b/0xb0 [ 1485.481864] netlink_sendmsg+0x904/0xe00 [ 1485.482682] ? netlink_unicast+0x800/0x800 [ 1485.483530] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1485.484635] ? netlink_unicast+0x800/0x800 [ 1485.485496] sock_sendmsg+0x150/0x190 [ 1485.486271] ____sys_sendmsg+0x703/0x870 [ 1485.487095] ? kernel_sendmsg+0x50/0x50 [ 1485.487892] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1485.488798] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1485.489861] ? lock_release+0x3b2/0x750 [ 1485.490671] ___sys_sendmsg+0xf3/0x170 [ 1485.491449] ? sendmsg_copy_msghdr+0x160/0x160 [ 1485.492361] ? lock_release+0x3b2/0x750 [ 1485.493167] ? lock_downgrade+0x6d0/0x6d0 [ 1485.494000] ? lock_release+0x3b2/0x750 [ 1485.494795] ? ksys_write+0x20c/0x250 [ 1485.495560] ? lock_downgrade+0x6d0/0x6d0 [ 1485.496397] ? __fget_files+0x287/0x470 [ 1485.497233] ? __fget_light+0xea/0x270 [ 1485.498037] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1485.499158] __sys_sendmsg+0xe5/0x1b0 [ 1485.499915] ? __sys_sendmsg_sock+0x30/0x30 [ 1485.500766] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1485.501897] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1485.502931] do_syscall_64+0x3b/0x90 [ 1485.503681] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1485.504702] RIP: 0033:0x7f406f897b19 [ 1485.505453] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1485.509176] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1485.510677] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1485.512094] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1485.513527] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1485.514945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1485.516368] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1485.517825] [ 1485.520121] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1485.532544] blktrace: Concurrent blktraces are not allowed on sg0 [ 1485.541809] blktrace: Concurrent blktraces are not allowed on sg0 02:59:02 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 02:59:02 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)}, {0x0}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x8}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) 02:59:02 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 13) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) [ 1485.641418] FAULT_INJECTION: forcing a failure. [ 1485.641418] name failslab, interval 1, probability 0, space 0, times 0 [ 1485.642750] CPU: 0 PID: 8931 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1485.643617] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1485.644806] Call Trace: [ 1485.645074] [ 1485.645303] dump_stack_lvl+0x8b/0xb3 [ 1485.645716] should_fail.cold+0x5/0xa [ 1485.646109] ? create_object.isra.0+0x3a/0xa20 [ 1485.646598] should_failslab+0x5/0x10 [ 1485.647000] kmem_cache_alloc+0x5b/0x480 [ 1485.647429] create_object.isra.0+0x3a/0xa20 [ 1485.647888] ? kasan_unpoison+0x23/0x50 [ 1485.648307] kmem_cache_alloc_trace+0x22e/0x3c0 [ 1485.648807] register_netdevice+0x3e3/0x1470 [ 1485.649275] ? __xdp_rxq_info_reg+0x187/0x340 [ 1485.649761] ? netdev_change_features+0xb0/0xb0 [ 1485.650257] ? dev_addr_mod+0x29a/0x340 [ 1485.650679] __tun_chr_ioctl+0x20dd/0x3f10 [ 1485.651124] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1485.651608] ? lock_is_held_type+0xd7/0x130 [ 1485.652073] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1485.652649] ? tun_chr_compat_ioctl+0x30/0x30 [ 1485.653141] __x64_sys_ioctl+0x196/0x210 [ 1485.653566] do_syscall_64+0x3b/0x90 [ 1485.653960] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1485.654494] RIP: 0033:0x7fb21bfaab19 [ 1485.654872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1485.656746] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1485.657535] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1485.658258] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1485.658991] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1485.659733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1485.660459] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1485.661223] [ 1485.714159] netlink: 'syz-executor.7': attribute type 12 has an invalid length. 02:59:03 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 10) 02:59:03 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 02:59:03 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x600}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 02:59:03 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 16) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 02:59:03 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'gretap0\x00'}) r1 = epoll_create(0x9) r2 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000440)) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000040)={'veth0_to_hsr\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) [ 1485.828036] FAULT_INJECTION: forcing a failure. [ 1485.828036] name failslab, interval 1, probability 0, space 0, times 0 [ 1485.829442] CPU: 0 PID: 8942 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1485.830331] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1485.831545] Call Trace: [ 1485.831821] [ 1485.832063] dump_stack_lvl+0x8b/0xb3 [ 1485.832338] blktrace: Concurrent blktraces are not allowed on sg0 [ 1485.832479] should_fail.cold+0x5/0xa [ 1485.832499] ? getname_flags.part.0+0x50/0x4f0 [ 1485.834658] should_failslab+0x5/0x10 [ 1485.835071] kmem_cache_alloc+0x5b/0x480 [ 1485.835528] getname_flags.part.0+0x50/0x4f0 [ 1485.836017] getname+0x8e/0xd0 [ 1485.836362] do_sys_openat2+0xf5/0x4c0 [ 1485.836794] ? build_open_flags+0x6f0/0x6f0 [ 1485.837287] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1485.837895] __x64_sys_openat+0x13f/0x1f0 [ 1485.838343] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 1485.838866] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1485.839422] do_syscall_64+0x3b/0x90 [ 1485.839844] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1485.840393] RIP: 0033:0x7fcdf057ba04 [ 1485.840795] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1485.841483] blktrace: Concurrent blktraces are not allowed on sg0 [ 1485.842777] RSP: 002b:00007fcdedb3ded0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1485.842793] RAX: ffffffffffffffda RBX: 00007fcdf0612970 RCX: 00007fcdf057ba04 [ 1485.842802] RDX: 0000000000000002 RSI: 00007fcdedb3e000 RDI: 00000000ffffff9c [ 1485.842811] RBP: 00007fcdedb3e000 R08: 0000000000000000 R09: ffffffffffffffff [ 1485.847156] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1485.847926] R13: 0000000000000005 R14: 0000000020000070 R15: 0000000000000002 [ 1485.848702] 02:59:03 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 14) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 02:59:03 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 02:59:03 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x700}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1485.973582] FAULT_INJECTION: forcing a failure. [ 1485.973582] name failslab, interval 1, probability 0, space 0, times 0 [ 1485.974948] CPU: 0 PID: 8953 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1485.975799] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1485.976968] Call Trace: [ 1485.977253] [ 1485.977486] dump_stack_lvl+0x8b/0xb3 [ 1485.977892] should_fail.cold+0x5/0xa [ 1485.978288] ? create_object.isra.0+0x3a/0xa20 [ 1485.978765] should_failslab+0x5/0x10 [ 1485.979163] kmem_cache_alloc+0x5b/0x480 [ 1485.979596] create_object.isra.0+0x3a/0xa20 [ 1485.980059] kmemleak_alloc_percpu+0xa0/0x100 [ 1485.980527] pcpu_alloc+0x7bf/0x1060 [ 1485.980933] ? tun_chr_ioctl+0x30/0x30 [ 1485.981346] tun_net_init+0x55/0x640 [ 1485.981749] ? tun_chr_ioctl+0x30/0x30 [ 1485.982165] register_netdevice+0x54f/0x1470 [ 1485.982638] ? netdev_change_features+0xb0/0xb0 [ 1485.983124] ? dev_addr_mod+0x29a/0x340 [ 1485.983364] blktrace: Concurrent blktraces are not allowed on sg0 [ 1485.983544] __tun_chr_ioctl+0x20dd/0x3f10 [ 1485.985271] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1485.985754] ? lock_is_held_type+0xd7/0x130 [ 1485.986215] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1485.986791] ? tun_chr_compat_ioctl+0x30/0x30 [ 1485.987261] __x64_sys_ioctl+0x196/0x210 [ 1485.987693] do_syscall_64+0x3b/0x90 [ 1485.988090] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1485.988625] RIP: 0033:0x7fb21bfaab19 [ 1485.989024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1485.990974] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1485.991187] blktrace: Concurrent blktraces are not allowed on sg0 [ 1485.991764] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1485.991775] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1485.991784] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1485.991793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1485.991801] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1485.991824] [ 1486.002334] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1486.005607] FAULT_INJECTION: forcing a failure. [ 1486.005607] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1486.008038] CPU: 1 PID: 8949 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1486.009680] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1486.011902] Call Trace: [ 1486.012407] [ 1486.012846] dump_stack_lvl+0x8b/0xb3 [ 1486.013631] should_fail.cold+0x5/0xa [ 1486.014396] prepare_alloc_pages+0x17b/0x500 [ 1486.015287] __alloc_pages+0x131/0x4e0 [ 1486.016056] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 1486.017251] ? mark_lock.part.0+0xef/0x2f60 [ 1486.018139] alloc_pages+0x1a0/0x2f0 [ 1486.018889] kmalloc_order+0x30/0xd0 [ 1486.019640] kmalloc_order_trace+0x14/0xf0 [ 1486.020483] wiphy_new_nm+0x6f0/0x1fa0 [ 1486.021283] ? mark_held_locks+0x9e/0xe0 [ 1486.022093] ieee80211_alloc_hw_nm+0x370/0x2190 [ 1486.023028] mac80211_hwsim_new_radio+0x1f6/0x4900 [ 1486.024003] ? lock_is_held_type+0xd7/0x130 [ 1486.024861] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1486.025986] ? do_trace_netlink_extack+0x15d/0x1d0 [ 1486.026970] ? hwsim_virtio_rx_work+0x360/0x360 [ 1486.027889] ? lock_release+0x3b2/0x750 [ 1486.028678] ? __kmalloc+0x25b/0x440 [ 1486.029451] hwsim_new_radio_nl+0x9ab/0x1050 [ 1486.030458] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1486.030504] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1486.030541] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1486.030570] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1486.030611] genl_family_rcv_msg_doit+0x22d/0x330 [ 1486.030642] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1486.030671] ? mutex_lock_io_nested+0x1310/0x1310 [ 1486.030702] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1486.030738] ? cap_capable+0x1eb/0x250 [ 1486.030792] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1486.030828] ? ns_capable+0xd9/0x100 [ 1486.030874] genl_rcv_msg+0x33c/0x5a0 [ 1486.030906] ? genl_get_cmd+0x480/0x480 [ 1486.030933] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1486.030967] ? lock_release+0x750/0x750 [ 1486.031008] netlink_rcv_skb+0x14b/0x430 [ 1486.031033] ? genl_get_cmd+0x480/0x480 [ 1486.031062] ? netlink_ack+0xa80/0xa80 [ 1486.031099] ? netlink_deliver_tap+0x1b2/0xc30 [ 1486.031136] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1486.031172] ? is_vmalloc_addr+0x7b/0xb0 [ 1486.031210] genl_rcv+0x24/0x40 [ 1486.031232] netlink_unicast+0x54a/0x800 [ 1486.031265] ? netlink_attachskb+0x880/0x880 [ 1486.031287] ? is_vmalloc_addr+0x7b/0xb0 [ 1486.031334] netlink_sendmsg+0x904/0xe00 [ 1486.031369] ? netlink_unicast+0x800/0x800 [ 1486.031405] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1486.031445] ? netlink_unicast+0x800/0x800 [ 1486.057131] sock_sendmsg+0x150/0x190 [ 1486.057899] ____sys_sendmsg+0x703/0x870 [ 1486.058771] ? kernel_sendmsg+0x50/0x50 [ 1486.059566] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1486.060515] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1486.061577] ? lock_release+0x3b2/0x750 [ 1486.062379] ___sys_sendmsg+0xf3/0x170 [ 1486.063147] ? sendmsg_copy_msghdr+0x160/0x160 [ 1486.064067] ? lock_release+0x3b2/0x750 [ 1486.064861] ? lock_downgrade+0x6d0/0x6d0 [ 1486.065701] ? lock_release+0x3b2/0x750 [ 1486.066490] ? ksys_write+0x20c/0x250 [ 1486.067249] ? lock_downgrade+0x6d0/0x6d0 [ 1486.068086] ? __fget_files+0x287/0x470 [ 1486.068900] ? __fget_light+0xea/0x270 [ 1486.069715] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1486.070817] __sys_sendmsg+0xe5/0x1b0 [ 1486.071564] ? __sys_sendmsg_sock+0x30/0x30 [ 1486.072408] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1486.073541] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1486.074568] do_syscall_64+0x3b/0x90 [ 1486.075315] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1486.076330] RIP: 0033:0x7f406f897b19 [ 1486.077064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1486.080671] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1486.082177] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1486.083585] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1486.085000] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1486.086399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1486.087809] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1486.089248] 02:59:19 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 11) 02:59:19 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x3000000, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 02:59:19 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 02:59:19 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 17) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 02:59:19 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x801}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 02:59:19 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x7}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) 02:59:19 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 15) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 02:59:19 executing program 4: socket$inet_udp(0x2, 0x2, 0x0) r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000040), 0x509200, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'macvlan0\x00'}) r1 = syz_open_dev$vcsn(&(0x7f00000000c0), 0x8, 0x460b80) sendmsg$inet(r1, &(0x7f0000000680)={&(0x7f0000000140)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f00000005c0)=[{&(0x7f0000000180)="fb3c69e50ad625fd961206c8f09fc70850201c8815f8d31a53e880a7f5098f9779655e8011e776856e80da5e5d414ad7d0c55f02dcd0dac4241ac985", 0x3c}, {&(0x7f00000001c0)="e75fc50511ee11d2cb3bbfa09a38a1db2caa97206ddc5fd9df9e37881bddc4cbdaf6a71680bbe81a475acd872fb6bc47a1d40ed7c1a0046a4111a6994e9caa8a6f5ebffbb91a02d34cb83bd7b321e45b57b35cf722a789945deb0cf3377d7c55c1a5a46147453f95729854ed0e119be1402aa4d8015cb9faeeaf9ff0974da6ae4585e71deb5f56712906f5536f09db01333f49edd5324de3e022e1e981d0c8cb8e37f8396dd5e7427c6f3cdcb604a23b0822a6a319614b78e6aca178e291", 0xbe}, {&(0x7f0000000280)="ebe8908163ca3a1915f18e0d1e330b258a908f198e11a96bf5c34d55e12cfbfda3cab0bc393385a002571bc6d3ea062839ae0db1ce50017b3809f18f0e026662484b31e5f9c84c437de507b2d44217260d8e199c1820d7b00e5095adf7ea62ec1dd7d56f68bd9955772a508af7726649c686f5f88e55945d4ecceb98868cccaa693ca2994fc4197b699a1ecf2a037a78e61984d662a59977855eb8566e5b36795551938002a3c2eada9c2039a894d6a432f68ccb41b10d273eebf33c802ec232a0fda46bd662b18fbca453acc088876eac32dcd73234629b680c503ff9d962e61339aacd7985e8b925ca7fe5e8efdb66c99b06998f36", 0xf6}, {&(0x7f0000000380)="9cf4b278eb1d6111da2599ed82ed6dbb01af5e1b77e50fe00e2d0d6e2ec335735238f6751d0dde31f8495947d3ecc55bf43e5f", 0x33}, {&(0x7f00000003c0)="a4daf1b4fcde67d7bb320984a7d41651e27456a96ee2783f7f0aea74880491171ec8165617abd98788b0100ce214117e1262767424733d1e6dc31518864dbef3b30c3960eb673cd7ec3ef7d24694870ae0ae250707e004da02dd292a48dad1649c6fc83e7f6a29883e95", 0x6a}, {&(0x7f0000000480)="1be9ead93dec2a73e73471d43626f8f1f74987e11075be70e0db83612263b8fefd736ecd4c497747b45cf968f4c61ba9f9c7d0964178bf447041a4c23655f2ef564bf8e52da7ebf6da05811ad73fbf7124543015420b5c52570ee2d4c61902fc623db0800a2be24bd924a87a2e21ab064e592c4706eadb8253e8709d0dab99fd05c9bc6af6fefa8d63e058c92bc6c141d276514c271fce7ba72ab40fa64475", 0x9f}, {&(0x7f0000000540)="afa29c135f8ae420e447f80fc088490f1f7488176f0aba5b5feb2182cd050b308703065897b9e2e5f39d7a3e1e2a151f3709a2f29003351ca91431106afab248bc977dbcf6991eedddda4459bd", 0x4d}], 0x7, &(0x7f0000000640)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x3}}], 0x18}, 0x15) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000006c0)={'veth1_macvtap\x00'}) r2 = epoll_create(0x9) r3 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r3, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000440)) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000080)=0x2) [ 1501.844279] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1501.849295] FAULT_INJECTION: forcing a failure. [ 1501.849295] name failslab, interval 1, probability 0, space 0, times 0 [ 1501.850599] CPU: 0 PID: 8978 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1501.851482] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1501.852662] Call Trace: [ 1501.852933] [ 1501.853177] dump_stack_lvl+0x8b/0xb3 [ 1501.853590] should_fail.cold+0x5/0xa [ 1501.853991] ? create_object.isra.0+0x3a/0xa20 [ 1501.854472] should_failslab+0x5/0x10 [ 1501.854880] kmem_cache_alloc+0x5b/0x480 [ 1501.855325] create_object.isra.0+0x3a/0xa20 [ 1501.855813] kmalloc_order+0x9c/0xd0 [ 1501.856211] kmalloc_order_trace+0x14/0xf0 [ 1501.856407] FAULT_INJECTION: forcing a failure. [ 1501.856407] name failslab, interval 1, probability 0, space 0, times 0 [ 1501.856668] wiphy_new_nm+0x6f0/0x1fa0 [ 1501.856690] ? mark_held_locks+0x9e/0xe0 [ 1501.856712] ieee80211_alloc_hw_nm+0x370/0x2190 [ 1501.856735] mac80211_hwsim_new_radio+0x1f6/0x4900 [ 1501.856755] ? lock_is_held_type+0xd7/0x130 [ 1501.856773] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1501.856795] ? do_trace_netlink_extack+0x15d/0x1d0 [ 1501.856819] ? hwsim_virtio_rx_work+0x360/0x360 [ 1501.863002] ? lock_release+0x3b2/0x750 [ 1501.863425] ? __kmalloc+0x25b/0x440 [ 1501.863838] hwsim_new_radio_nl+0x9ab/0x1050 [ 1501.864307] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1501.864879] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1501.865484] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1501.866189] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1501.866888] genl_family_rcv_msg_doit+0x22d/0x330 [ 1501.867413] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1501.868115] ? mutex_lock_io_nested+0x1310/0x1310 [ 1501.868631] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1501.869231] ? cap_capable+0x1eb/0x250 [ 1501.869658] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1501.870257] ? ns_capable+0xd9/0x100 [ 1501.870673] genl_rcv_msg+0x33c/0x5a0 [ 1501.871101] ? genl_get_cmd+0x480/0x480 [ 1501.871534] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1501.872098] ? lock_release+0x750/0x750 [ 1501.872528] netlink_rcv_skb+0x14b/0x430 [ 1501.872981] ? genl_get_cmd+0x480/0x480 [ 1501.873420] ? netlink_ack+0xa80/0xa80 [ 1501.873844] ? netlink_deliver_tap+0x1b2/0xc30 [ 1501.874345] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1501.874894] ? is_vmalloc_addr+0x7b/0xb0 [ 1501.875338] genl_rcv+0x24/0x40 [ 1501.875706] netlink_unicast+0x54a/0x800 [ 1501.876156] ? netlink_attachskb+0x880/0x880 [ 1501.876626] ? is_vmalloc_addr+0x7b/0xb0 [ 1501.877091] netlink_sendmsg+0x904/0xe00 [ 1501.877544] ? netlink_unicast+0x800/0x800 [ 1501.878014] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1501.878616] ? netlink_unicast+0x800/0x800 [ 1501.879077] sock_sendmsg+0x150/0x190 [ 1501.879494] ____sys_sendmsg+0x703/0x870 [ 1501.879941] ? kernel_sendmsg+0x50/0x50 [ 1501.880372] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1501.880869] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1501.881443] ? lock_release+0x3b2/0x750 [ 1501.881892] ___sys_sendmsg+0xf3/0x170 [ 1501.882305] ? sendmsg_copy_msghdr+0x160/0x160 [ 1501.882800] ? lock_release+0x3b2/0x750 [ 1501.883229] ? lock_downgrade+0x6d0/0x6d0 [ 1501.883680] ? lock_release+0x3b2/0x750 [ 1501.884111] ? ksys_write+0x20c/0x250 [ 1501.884526] ? lock_downgrade+0x6d0/0x6d0 [ 1501.884986] ? __fget_files+0x287/0x470 [ 1501.885444] ? __fget_light+0xea/0x270 [ 1501.885871] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1501.886470] __sys_sendmsg+0xe5/0x1b0 [ 1501.886892] ? __sys_sendmsg_sock+0x30/0x30 [ 1501.887347] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1501.887950] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1501.888502] do_syscall_64+0x3b/0x90 [ 1501.888911] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1501.889471] RIP: 0033:0x7f406f897b19 [ 1501.889874] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1501.891801] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1501.892603] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1501.893373] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1501.894124] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1501.894873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1501.895630] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1501.896406] [ 1501.896703] CPU: 1 PID: 8976 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1501.898443] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1501.900755] Call Trace: [ 1501.901294] [ 1501.901749] dump_stack_lvl+0x8b/0xb3 [ 1501.902544] should_fail.cold+0x5/0xa [ 1501.903331] ? create_object.isra.0+0x3a/0xa20 [ 1501.904269] should_failslab+0x5/0x10 [ 1501.905046] kmem_cache_alloc+0x5b/0x480 [ 1501.905095] create_object.isra.0+0x3a/0xa20 [ 1501.906398] ? kasan_unpoison+0x23/0x50 [ 1501.907213] kmem_cache_alloc+0x239/0x480 [ 1501.908066] getname_flags.part.0+0x50/0x4f0 [ 1501.908967] getname+0x8e/0xd0 [ 1501.909636] do_sys_openat2+0xf5/0x4c0 [ 1501.910436] ? build_open_flags+0x6f0/0x6f0 [ 1501.911326] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1501.912444] __x64_sys_openat+0x13f/0x1f0 [ 1501.913281] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 1501.914247] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1501.915285] do_syscall_64+0x3b/0x90 [ 1501.916041] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1501.917066] RIP: 0033:0x7fcdf057ba04 [ 1501.917822] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1501.921479] RSP: 002b:00007fcdedb3ded0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1501.922994] RAX: ffffffffffffffda RBX: 00007fcdf0612970 RCX: 00007fcdf057ba04 [ 1501.924407] RDX: 0000000000000002 RSI: 00007fcdedb3e000 RDI: 00000000ffffff9c [ 1501.925819] RBP: 00007fcdedb3e000 R08: 0000000000000000 R09: ffffffffffffffff [ 1501.927228] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1501.928633] R13: 0000000000000005 R14: 0000000020000070 R15: 0000000000000002 [ 1501.930077] [ 1501.932104] blktrace: Concurrent blktraces are not allowed on sg0 [ 1501.943054] blktrace: Concurrent blktraces are not allowed on sg0 [ 1501.977195] FAULT_INJECTION: forcing a failure. [ 1501.977195] name failslab, interval 1, probability 0, space 0, times 0 [ 1501.978199] netlink: 'syz-executor.7': attribute type 12 has an invalid length. [ 1501.980018] CPU: 1 PID: 8988 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1501.982398] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1501.984887] Call Trace: [ 1501.985476] [ 1501.985966] dump_stack_lvl+0x8b/0xb3 [ 1501.986824] should_fail.cold+0x5/0xa [ 1501.987671] ? create_object.isra.0+0x3a/0xa20 [ 1501.988686] should_failslab+0x5/0x10 [ 1501.989545] kmem_cache_alloc+0x5b/0x480 [ 1501.990457] ? mark_held_locks+0x9e/0xe0 [ 1501.991366] create_object.isra.0+0x3a/0xa20 [ 1501.992351] kmemleak_alloc_percpu+0xa0/0x100 [ 1501.993376] pcpu_alloc+0x7bf/0x1060 [ 1501.994214] ? tun_chr_ioctl+0x30/0x30 [ 1501.995085] tun_net_init+0x55/0x640 [ 1501.995916] ? tun_chr_ioctl+0x30/0x30 [ 1501.996780] register_netdevice+0x54f/0x1470 [ 1501.997771] ? netdev_change_features+0xb0/0xb0 [ 1501.998800] ? dev_addr_mod+0x29a/0x340 [ 1501.999687] __tun_chr_ioctl+0x20dd/0x3f10 [ 1502.000634] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1502.001649] ? lock_is_held_type+0xd7/0x130 [ 1502.002614] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1502.003844] ? tun_chr_compat_ioctl+0x30/0x30 [ 1502.004978] __x64_sys_ioctl+0x196/0x210 [ 1502.006077] do_syscall_64+0x3b/0x90 [ 1502.007052] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1502.008335] RIP: 0033:0x7fb21bfaab19 [ 1502.009263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1502.013797] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1502.015479] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1502.017042] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1502.018590] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1502.020134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1502.021693] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1502.023247] 02:59:33 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 12) 02:59:33 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 16) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 02:59:33 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 02:59:33 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x4000000, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 02:59:33 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r1 = fork() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x12) ptrace$setopts(0x4206, r1, 0x100000000001, 0x44) ptrace(0x4208, r1) ptrace(0x10, r1) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) syz_open_procfs(r2, 0x0) 02:59:33 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0xe0ffff}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 02:59:33 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 18) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 02:59:33 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x7}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) [ 1516.705820] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1516.706794] FAULT_INJECTION: forcing a failure. [ 1516.706794] name failslab, interval 1, probability 0, space 0, times 0 [ 1516.707998] CPU: 1 PID: 9003 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1516.708858] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1516.710028] Call Trace: [ 1516.710291] [ 1516.710521] dump_stack_lvl+0x8b/0xb3 [ 1516.710932] should_fail.cold+0x5/0xa [ 1516.711333] should_failslab+0x5/0x10 [ 1516.711736] __kmalloc_track_caller+0x79/0x430 [ 1516.712225] ? kvasprintf_const+0x60/0x190 [ 1516.712668] kvasprintf+0xb5/0x150 [ 1516.713037] ? bust_spinlocks+0xe0/0xe0 [ 1516.713475] ? lock_is_held_type+0xd7/0x130 [ 1516.713929] ? find_held_lock+0x2c/0x110 [ 1516.714359] kvasprintf_const+0x60/0x190 [ 1516.714781] kobject_set_name_vargs+0x56/0x150 [ 1516.715257] dev_set_name+0xbb/0xf0 [ 1516.715639] ? device_initialize+0x4d0/0x4d0 [ 1516.716109] ? lock_is_held_type+0xd7/0x130 [ 1516.716565] wiphy_new_nm+0x800/0x1fa0 [ 1516.716978] ? mark_held_locks+0x9e/0xe0 [ 1516.717425] ieee80211_alloc_hw_nm+0x370/0x2190 [ 1516.717925] mac80211_hwsim_new_radio+0x1f6/0x4900 [ 1516.718440] ? lock_is_held_type+0xd7/0x130 [ 1516.718891] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1516.719476] ? do_trace_netlink_extack+0x15d/0x1d0 [ 1516.719994] ? hwsim_virtio_rx_work+0x360/0x360 [ 1516.720489] ? lock_release+0x3b2/0x750 [ 1516.720906] ? __kmalloc+0x25b/0x440 [ 1516.721304] hwsim_new_radio_nl+0x9ab/0x1050 [ 1516.721783] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1516.722329] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1516.722905] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1516.723589] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1516.724279] genl_family_rcv_msg_doit+0x22d/0x330 [ 1516.724786] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1516.725479] ? mutex_lock_io_nested+0x1310/0x1310 [ 1516.725983] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1516.726556] ? cap_capable+0x1eb/0x250 [ 1516.726976] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1516.727553] ? ns_capable+0xd9/0x100 [ 1516.727955] genl_rcv_msg+0x33c/0x5a0 [ 1516.728351] ? genl_get_cmd+0x480/0x480 [ 1516.728769] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1516.729300] ? lock_release+0x750/0x750 [ 1516.729752] netlink_rcv_skb+0x14b/0x430 [ 1516.730174] ? genl_get_cmd+0x480/0x480 [ 1516.730593] ? netlink_ack+0xa80/0xa80 [ 1516.731002] ? netlink_deliver_tap+0x1b2/0xc30 [ 1516.731476] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1516.731997] ? is_vmalloc_addr+0x7b/0xb0 [ 1516.732427] genl_rcv+0x24/0x40 [ 1516.732774] netlink_unicast+0x54a/0x800 [ 1516.733202] ? netlink_attachskb+0x880/0x880 [ 1516.733668] ? is_vmalloc_addr+0x7b/0xb0 [ 1516.734105] netlink_sendmsg+0x904/0xe00 [ 1516.734532] ? netlink_unicast+0x800/0x800 [ 1516.734976] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1516.735557] ? netlink_unicast+0x800/0x800 [ 1516.735992] sock_sendmsg+0x150/0x190 [ 1516.736410] ____sys_sendmsg+0x703/0x870 [ 1516.736840] ? kernel_sendmsg+0x50/0x50 [ 1516.737251] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1516.737744] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1516.738294] ? lock_release+0x3b2/0x750 [ 1516.738716] ___sys_sendmsg+0xf3/0x170 [ 1516.739127] ? sendmsg_copy_msghdr+0x160/0x160 [ 1516.739599] ? lock_release+0x3b2/0x750 [ 1516.740017] ? lock_downgrade+0x6d0/0x6d0 [ 1516.740451] ? lock_release+0x3b2/0x750 [ 1516.740870] ? ksys_write+0x20c/0x250 [ 1516.741268] ? lock_downgrade+0x6d0/0x6d0 [ 1516.741708] ? __fget_files+0x287/0x470 [ 1516.742137] ? __fget_light+0xea/0x270 [ 1516.742546] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1516.743129] __sys_sendmsg+0xe5/0x1b0 [ 1516.743522] ? __sys_sendmsg_sock+0x30/0x30 [ 1516.743967] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1516.744554] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1516.745099] do_syscall_64+0x3b/0x90 [ 1516.745505] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1516.746040] RIP: 0033:0x7f406f897b19 [ 1516.746420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1516.748301] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1516.749088] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1516.749839] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1516.750583] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1516.751324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1516.752078] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1516.752119] blktrace: Concurrent blktraces are not allowed on sg0 [ 1516.752827] [ 1516.759412] FAULT_INJECTION: forcing a failure. [ 1516.759412] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1516.759967] netlink: 'syz-executor.7': attribute type 12 has an invalid length. [ 1516.760693] CPU: 1 PID: 9013 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1516.760711] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1516.760720] Call Trace: [ 1516.760724] [ 1516.760730] dump_stack_lvl+0x8b/0xb3 [ 1516.760751] should_fail.cold+0x5/0xa [ 1516.760771] strncpy_from_user+0x34/0x3d0 [ 1516.760792] getname_flags.part.0+0x95/0x4f0 [ 1516.766458] getname+0x8e/0xd0 [ 1516.766807] do_sys_openat2+0xf5/0x4c0 [ 1516.767226] ? build_open_flags+0x6f0/0x6f0 [ 1516.767690] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1516.768285] __x64_sys_openat+0x13f/0x1f0 [ 1516.768727] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 1516.769236] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1516.769783] do_syscall_64+0x3b/0x90 [ 1516.770175] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1516.770717] RIP: 0033:0x7fcdf057ba04 [ 1516.771052] blktrace: Concurrent blktraces are not allowed on sg0 [ 1516.771100] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1516.774272] RSP: 002b:00007fcdedb3ded0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1516.775068] RAX: ffffffffffffffda RBX: 00007fcdf0612970 RCX: 00007fcdf057ba04 [ 1516.775803] RDX: 0000000000000002 RSI: 00007fcdedb3e000 RDI: 00000000ffffff9c [ 1516.776551] RBP: 00007fcdedb3e000 R08: 0000000000000000 R09: ffffffffffffffff [ 1516.777287] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1516.778058] R13: 0000000000000005 R14: 0000000020000070 R15: 0000000000000002 [ 1516.778807] [ 1516.807798] FAULT_INJECTION: forcing a failure. [ 1516.807798] name failslab, interval 1, probability 0, space 0, times 0 [ 1516.810251] CPU: 0 PID: 9016 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1516.811907] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1516.814179] Call Trace: [ 1516.814685] [ 1516.815129] dump_stack_lvl+0x8b/0xb3 [ 1516.815919] should_fail.cold+0x5/0xa [ 1516.816692] ? selinux_tun_dev_alloc_security+0x43/0x180 [ 1516.817805] should_failslab+0x5/0x10 [ 1516.818578] kmem_cache_alloc_trace+0x55/0x3c0 [ 1516.819526] selinux_tun_dev_alloc_security+0x43/0x180 [ 1516.820577] security_tun_dev_alloc_security+0x46/0xa0 [ 1516.821659] tun_net_init+0x12f/0x640 [ 1516.822431] ? tun_chr_ioctl+0x30/0x30 [ 1516.823218] register_netdevice+0x54f/0x1470 [ 1516.824110] ? netdev_change_features+0xb0/0xb0 [ 1516.825058] ? dev_addr_mod+0x29a/0x340 [ 1516.825874] __tun_chr_ioctl+0x20dd/0x3f10 [ 1516.826743] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1516.827665] ? lock_is_held_type+0xd7/0x130 [ 1516.828554] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1516.829677] ? tun_chr_compat_ioctl+0x30/0x30 [ 1516.830582] __x64_sys_ioctl+0x196/0x210 [ 1516.831412] do_syscall_64+0x3b/0x90 [ 1516.832162] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1516.833180] RIP: 0033:0x7fb21bfaab19 [ 1516.833923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1516.837567] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1516.839074] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1516.840487] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1516.841932] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1516.843485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1516.844928] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1516.846378] 02:59:34 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 19) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 02:59:34 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 13) 02:59:34 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 02:59:34 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x1000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 02:59:34 executing program 4: ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8919, &(0x7f0000000000)={'lo\x00'}) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105241, 0x0) syncfs(r1) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e21, 0x0, @private2, 0x3}, 0x1c) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x891c, 0x0) r2 = epoll_create(0x9) r3 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r3, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000440)) getsockopt$bt_hci(r3, 0x0, 0xfac0ec9f122b7041, &(0x7f0000000180)=""/1, &(0x7f00000001c0)=0x1) r4 = openat$incfs(r1, &(0x7f00000000c0)='.pending_reads\x00', 0x10140, 0x20) openat(r4, &(0x7f0000000140)='./file1\x00', 0x80800, 0x22) syncfs(0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @remote, @broadcast}}}], 0x20}, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000013c0)=[{{&(0x7f0000000200)={0xa, 0x4e24, 0x7, @private1={0xfc, 0x1, '\x00', 0x1}, 0x2}, 0x1c, &(0x7f0000000640)=[{&(0x7f0000000240)="baeb5cac2c3ad32bfade5e53a58a1d24a7a941db629dee11aa6b894e85bfe46f7bdca7db6f4155a52a8258068548e9cd9578aa10da1eb9e55e7da19c20e050f60c9ed4e58461fa489af7ce691f881c58ea65ba7a5857cbccfcbd47a3fdddc709d2f381cc750b99d53fefd524a0175cd1e5824d87e9b8de6a209ace9dc36c9b9ebc58f219ae425be25a2ccdafc9fee19b28b2a600654f8d3ba3891f6531ba9ef4c4ddab0da2eb3ec7c987360bb8cdba68591adf4be791e6d080a13c1e3a501c", 0xbf}, {&(0x7f0000000300)="5ed6d4ed3dfee1d3fd996be944dc94869eebda42c1673375d4e22dae6ed8af7c02f59f127240e9d27a5d0a62412a56d6482e64e399cbba4cbed13a01113b88c44247b9cd53f331fe46534bab5ef2211957773908534c1013035073db3536daca9a230252ab4076abcc9a44a5b79a5931926b73812433ca0d2f977d5b4bbdbe3487c8e88c18d790ba0fe2c4ff9c2cd2474c1a8833d47315d5bf85f9cb03c2c9fd3c21de234a58f62cc4990877b924a2daefa11a7c65f24e3846d86c9d5dd64601bf9db01b2302", 0xc6}, {&(0x7f0000000400)="95fb33c756ca7bb2f151bb108103749545980403792ff7e7561cfd8627", 0x1d}, {&(0x7f0000000480)="2b87b429ff0b5ed0ea2b6709296ec1d73e9edfb55634848e0818af95848d0a89cba0d27bbea7fb83f576fc82a4d103c2983c6c279c9844c4dce9bc36d96253655ddcd4337b2d0d9af377ef51d9f39facb05394b6676dac5f3e166dd52ca52a4760a52c58106a5d2fccc342fc70e169b848258227859b2fca8c3f0c307392891a13c80e845675911a2aef751dd171e1bd50fb6efc1d4ff6679db5d8e78b248629905dc9b54a1d98c3fdc163d9a96e8eeeab5909bf57172ef379545c5ecf517428640f16f0aa6c0b", 0xc7}, {&(0x7f0000000580)="cc34f5c3807a4a58ede6350049b65fe26f228f74a63fcc21566af24ff11199bc6a00828076343d754c2ad3f59e6136524c04ab79d2ddb4cdb55ceedfea7140aee8c982e48c6fc5094fbdfcf28c2b45f6c53d481943e67755fab19bd8810c78c0f71ab61f5ba84c373b7137179a143237d2dedcd09fb38c971d084f4e3e442a2c77f8d96381b896187ac8f759d81a3ddeb5b61b6029ab657e0dfc0f824df746cffc3e56cde24982b0c1223fd7c83403b90140dd44de032432695fbb0b3a1aa4", 0xbf}], 0x5, &(0x7f00000006c0)=[@tclass={{0x14, 0x29, 0x43, 0x50}}, @rthdrdstopts={{0x20, 0x29, 0x37, {0x29, 0x0, '\x00', [@pad1]}}}, @dstopts_2292={{0xd0, 0x29, 0x4, {0x1, 0x16, '\x00', [@jumbo={0xc2, 0x4, 0x80}, @pad1, @hao={0xc9, 0x10, @private0={0xfc, 0x0, '\x00', 0x1}}, @enc_lim={0x4, 0x1, 0x5}, @padn={0x1, 0x2, [0x0, 0x0]}, @jumbo={0xc2, 0x4, 0x1}, @jumbo={0xc2, 0x4, 0x9}, @calipso={0x7, 0x18, {0x3, 0x4, 0x0, 0x2, [0x0, 0x6]}}, @generic={0xfd, 0x67, "92b52ae106a3ed9ca33dbc276d142926d6b9fa26d441913d8f59f83d1278fd1b42b8ea6a27bf19803857d780d17726eb1c0b5063f840c0aea925773dc2735fd7e12d45c25bb78b815f1c5314b3d1f79c981ebc93e3faef4e3cf1a380ff923bb3ca8b66ee4854e2"}]}}}, @hopopts={{0x20, 0x29, 0x36, {0x6, 0x0, '\x00', [@enc_lim={0x4, 0x1, 0x9}]}}}], 0x128}}, {{&(0x7f0000000800)={0xa, 0x4e21, 0x7, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xfffffffe}, 0x1c, &(0x7f00000008c0)=[{&(0x7f0000000840)="10f66580cb6057aeea552c80c93a5bbdaaff3ca512e1067740915905f8ffcf16046105d9d6b64ec5481df5b214416d6afea98e3aa9a6509c925c69a405fe52d63a38577a49cd1f42fd91ea7f6e9b3e2da3bfc78638", 0x55}], 0x1, &(0x7f0000000900)=[@tclass={{0x14, 0x29, 0x43, 0x6}}, @rthdr_2292={{0x98, 0x29, 0x39, {0x2, 0x10, 0x1, 0x6, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv4={'\x00', '\xff\xff', @broadcast}, @loopback, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast1, @private1]}}}, @dstopts={{0xc0, 0x29, 0x37, {0x3a, 0x14, '\x00', [@calipso={0x7, 0x38, {0x2, 0xc, 0x1, 0x3, [0x1, 0x7, 0x8, 0x3, 0x3, 0xd0c]}}, @jumbo={0xc2, 0x4, 0x7}, @padn={0x1, 0x1, [0x0]}, @enc_lim={0x4, 0x1, 0x6}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x30, {0x2, 0xa, 0xff, 0xb825, [0x5, 0x4, 0x5, 0x109266c3, 0x9]}}, @calipso={0x7, 0x20, {0x3, 0x6, 0x9, 0x7, [0x80000000, 0xa54b, 0x4800000000000000]}}, @pad1]}}}], 0x170}}, {{&(0x7f0000000a80)={0xa, 0x4e22, 0x4, @dev={0xfe, 0x80, '\x00', 0x35}, 0x8}, 0x1c, &(0x7f0000000dc0)=[{&(0x7f0000000ac0)="77ad482c17a2f3beb3295737d041e7a400a5ca17788530711c3948d229e0cbe6ae1504a264452bc491f96e3ae24a6d7f0715e16acb25", 0x36}, {&(0x7f0000000b00)="3e206f5a99b2b9a66c6ba9cb2bc5098b1bc692a1679f90b40925640265926bffddda00d23d3cb5ef38d8655245ddac3a3bf1ea61a1ae362a428f935be7e38eed645e055eb8221759d187d06f7d53abbea8ccf7a1a757af6826a30abf7cb87968a8eec993ff6b05710c73060c059c83781374942d09da3c8ab2e42cee8c2d790267154d8ec73215c36eb1588416c47116ed6bd5d05d1df902006bdc19ac24e5b8021762f0b67c3ed1c069dd95df23a9f6d1ef8acba622f51996846805ae301f3cba4435af", 0xc4}, {&(0x7f0000000c00)="938586d33b9afb4e05890e37a8078f0bb7420d9fda01f71f3f7d63b2f57a41234a1286d18fb9178a76143918e92d42d1c0", 0x31}, {&(0x7f0000000c40)="68ad622077a53bdca5e0f4fcbab1bb32075e81fdf6ca3d734695d20933f0398aecc8bcb089fab705c044266716ed7e86620a2110a998ec16fcb877eed02b31d5cde0efa347fc96811a7ff3bd73a9ceed747214", 0x53}, {&(0x7f0000000cc0)="9a2d35c9bbeba921454e040a033063f06ab7cc1c05562d1846ce45737fb5e3f8d4fe84a04534fc82991ca373f30cff5c453950f926732a8ef20e206df151707511a38f9e7d1700f0a07284c3bf441737d51806ab83b15f7d66ee57809bd0b93fdc2c64ce686f319f7598f848e011326ef2a8010ef0142b9d5f9858bb3d385da71ac6a569b033618cee4983f8dff21d423baec1be0fa027576a1643c127bd83d7e1b341eaf8203cc1c41a649e18b033cb4a7d132ca89caffddc3b38456f480e82929887ee94", 0xc5}], 0x5}}, {{&(0x7f0000000e40)={0xa, 0x4e20, 0x4, @mcast1, 0x7}, 0x1c, &(0x7f0000001200)=[{&(0x7f0000000e80)="70d9e0318747a7e9270ce105f60c937b3d4af26b16f7c89e2504d5ce961bf8a4819db53679cb88fffad255149a1208c5d80ddb34f5c7e782625814cb1079ca148e4c2a830b1e6bacba60537d4933d8de7f92bdf9a73bc155356dd4e7ec62811f2d47f046a6daff2f51b5ba224ef503fbdfb5cf7a705cb1b5d6e988c010efd86e7dede32f77c05d", 0x87}, {&(0x7f0000000f40)="0287266b0ffa0379a7096f2bd0d4da7ba5a5819d94cb5824a70220b1dc4b7ac610c94d24863440a073f5a98ed77f74a113e5735f476af5df88170c0cdeb712a0923483c268a6dfc09b3ad169be29c9e0a59e5afa88480e82225616233521c2323365e1ea6864ab0253b8413cd81f27da2c2abfa8e47104648554c63b9cf7848cc41bf75324ffc6ed3d93260288ca343992b294b0231df252830b544439995ea9d02936437d191b26d891db59c085baab8e871cf99405bba24b4f7b8a9af1b652919fb7d8357a9d88032f435045d2c3a8ded9e05455e88817", 0xd8}, {&(0x7f0000001040)="5fb2b026609eaab5cd51256729de716026cdbca3fb84a796c009d2b6a450fdb03a179d5ff72ed6c41af209d26e579bfb93c6b487051ed1cd99ebc4ddfc4ea68e107105d05d15c249f590a1cab46ae05319d84f7609b91eeabb16d8a5b5b11684470bee7f6441856a361f8c812db5a11db79090178f06818b045e39601f9dc89ea0d22d5a68563d96a2da997b7c74cb582514494d6091ccbe9d27a1c2531d195dabec0b80b4c876aeb887d68f46a03415844b3c1fdbf7db5eb87be1839dcff0d411faa807f5fead1733c8d450bd9d011e80edd6495b860b627bb3c6289eb87119c9ee142b10309b703ff86f7cd9c07f5b6757e4a7326f", 0xf6}, {&(0x7f0000001140)="5fa5537db98b76eb396cdfa5add5e673cf93327a8296cbbefdd7b4fc2e34c5ae71d2c21d60573de926c88ff80f1fba9e85e2e092d945c498bc7af574c23f508f2f8155fcf163b967408014da826805a5776a579af5f5e15066a672a5450224cb14bee9bbfa11bb52492905302b0714edb6f58e7530217236fde2d70824517442a49d79655c2d627b117c681a162ced9bfe61b207290df36e", 0x98}], 0x4, &(0x7f00000014c0)=ANY=[@ANYBLOB="580000000000000029000000040000003a07000000000000c910ff0100000000000000000000000000010728000000030848aaff05000000000000000300000000000000018000000000000009000000000000000000000024000000000000002900000032000000fc0100"/120, @ANYRES32=r5, @ANYBLOB="00001600e00000000000000029000000040000002f18000000000000c91000000000000000000000ffffac1414aa7fae20505629df3d8f1696610b5cc26c84381234011081541387301fb60d442e68b2ce872fa505acb7ccd5395b5a6289aa1ec0862f575764a24180cb5eb1fdb540594442986afdf50e4604d79aea3564678abdded143b9e6045aa2cfb5ca0effd0583771b91c346fb121b2d826b3dffc2c6a1a4c68ed5297ac176d732085e12769c92fe7cd116f8c588e408620b2d9a2ad50222810b1b896ae29748b0d72e721dca030383d8f6336dfd03a7aa19e451ff7efe48fdf82478ad60d00d1dc8d1be82f42c965adb581305be767f7f6c61d5becb32f671b11c4470b3de8ef820b5095489e58322102caeba24161e16443a0e3eb47b382754f7540fe19d370f2fe7560e8ca0fc095af4a85630c074861120dca59bd1b897a1198f3bfca34d078ffb4da4daf7d68128cc7"], 0x160}}], 0x4, 0x4000020) syz_open_procfs(0x0, 0x0) syncfs(r3) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000080)={'ip6tnl0\x00'}) [ 1516.933791] FAULT_INJECTION: forcing a failure. [ 1516.933791] name failslab, interval 1, probability 0, space 0, times 0 [ 1516.936273] CPU: 0 PID: 9025 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1516.937914] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1516.940162] Call Trace: [ 1516.940684] [ 1516.941129] dump_stack_lvl+0x8b/0xb3 [ 1516.941941] should_fail.cold+0x5/0xa [ 1516.942714] ? __alloc_file+0x21/0x230 [ 1516.943506] should_failslab+0x5/0x10 [ 1516.944272] kmem_cache_alloc+0x5b/0x480 [ 1516.945109] __alloc_file+0x21/0x230 [ 1516.945870] alloc_empty_file+0x6d/0x170 [ 1516.946853] path_openat+0xe1/0x2870 [ 1516.947621] ? path_lookupat+0x850/0x850 [ 1516.948443] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1516.949525] ? lock_is_held_type+0xd7/0x130 [ 1516.950403] do_filp_open+0x1aa/0x400 [ 1516.951171] ? may_open_dev+0xf0/0xf0 [ 1516.951939] ? lock_release+0x3b2/0x750 [ 1516.952734] ? alloc_fd+0x2f0/0x670 [ 1516.953478] ? lock_downgrade+0x6d0/0x6d0 [ 1516.954311] ? rwlock_bug.part.0+0x90/0x90 [ 1516.955160] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1516.956068] blktrace: Concurrent blktraces are not allowed on sg0 [ 1516.956262] ? _find_next_bit+0x1e5/0x260 [ 1516.956304] ? _raw_spin_unlock+0x24/0x40 [ 1516.958566] ? alloc_fd+0x2f0/0x670 [ 1516.959316] do_sys_openat2+0x16d/0x4c0 [ 1516.960122] ? build_open_flags+0x6f0/0x6f0 [ 1516.961007] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1516.962139] __x64_sys_openat+0x13f/0x1f0 [ 1516.962962] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 1516.963926] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1516.964963] do_syscall_64+0x3b/0x90 [ 1516.965725] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1516.966751] RIP: 0033:0x7fcdf057ba04 [ 1516.967485] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1516.971144] RSP: 002b:00007fcdedb3ded0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1516.972649] RAX: ffffffffffffffda RBX: 00007fcdf0612970 RCX: 00007fcdf057ba04 [ 1516.974097] RDX: 0000000000000002 RSI: 00007fcdedb3e000 RDI: 00000000ffffff9c [ 1516.975515] RBP: 00007fcdedb3e000 R08: 0000000000000000 R09: ffffffffffffffff [ 1516.976927] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1516.978340] R13: 0000000000000005 R14: 0000000020000070 R15: 0000000000000002 [ 1516.979779] 02:59:34 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 17) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) [ 1517.013248] blktrace: Concurrent blktraces are not allowed on sg0 [ 1517.087027] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1517.088111] FAULT_INJECTION: forcing a failure. [ 1517.088111] name failslab, interval 1, probability 0, space 0, times 0 [ 1517.089460] CPU: 1 PID: 9027 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1517.090481] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1517.091653] Call Trace: [ 1517.091974] [ 1517.092326] dump_stack_lvl+0x8b/0xb3 [ 1517.092833] should_fail.cold+0x5/0xa [ 1517.093299] ? create_object.isra.0+0x3a/0xa20 [ 1517.093951] should_failslab+0x5/0x10 [ 1517.094489] kmem_cache_alloc+0x5b/0x480 [ 1517.095069] create_object.isra.0+0x3a/0xa20 [ 1517.095576] ? kasan_unpoison+0x23/0x50 [ 1517.096103] __kmalloc_track_caller+0x25e/0x430 [ 1517.096692] ? kvasprintf_const+0x60/0x190 [ 1517.097293] kvasprintf+0xb5/0x150 [ 1517.097828] ? bust_spinlocks+0xe0/0xe0 [ 1517.098325] ? lock_is_held_type+0xd7/0x130 [ 1517.098867] ? find_held_lock+0x2c/0x110 [ 1517.099418] kvasprintf_const+0x60/0x190 [ 1517.099992] kobject_set_name_vargs+0x56/0x150 [ 1517.100626] dev_set_name+0xbb/0xf0 [ 1517.101143] ? device_initialize+0x4d0/0x4d0 [ 1517.101785] ? lock_is_held_type+0xd7/0x130 [ 1517.102312] wiphy_new_nm+0x800/0x1fa0 [ 1517.102852] ? mark_held_locks+0x9e/0xe0 [ 1517.103373] ieee80211_alloc_hw_nm+0x370/0x2190 [ 1517.104015] mac80211_hwsim_new_radio+0x1f6/0x4900 [ 1517.104673] ? lock_is_held_type+0xd7/0x130 [ 1517.105278] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1517.106023] ? do_trace_netlink_extack+0x15d/0x1d0 [ 1517.106741] ? hwsim_virtio_rx_work+0x360/0x360 [ 1517.107378] ? lock_release+0x3b2/0x750 [ 1517.107907] ? __kmalloc+0x25b/0x440 [ 1517.108355] hwsim_new_radio_nl+0x9ab/0x1050 [ 1517.108974] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1517.109665] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1517.110405] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1517.111222] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1517.112096] genl_family_rcv_msg_doit+0x22d/0x330 [ 1517.112681] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1517.113590] ? mutex_lock_io_nested+0x1310/0x1310 [ 1517.114146] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1517.114886] ? cap_capable+0x1eb/0x250 [ 1517.115406] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1517.116109] ? ns_capable+0xd9/0x100 [ 1517.116635] genl_rcv_msg+0x33c/0x5a0 [ 1517.117089] ? genl_get_cmd+0x480/0x480 [ 1517.117611] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1517.118288] ? lock_release+0x750/0x750 [ 1517.118796] netlink_rcv_skb+0x14b/0x430 [ 1517.119293] ? genl_get_cmd+0x480/0x480 [ 1517.119743] ? netlink_ack+0xa80/0xa80 [ 1517.120153] ? netlink_deliver_tap+0x1b2/0xc30 [ 1517.120663] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1517.121187] ? is_vmalloc_addr+0x7b/0xb0 [ 1517.121652] genl_rcv+0x24/0x40 [ 1517.122014] netlink_unicast+0x54a/0x800 [ 1517.122439] ? netlink_attachskb+0x880/0x880 [ 1517.122922] ? is_vmalloc_addr+0x7b/0xb0 [ 1517.123355] netlink_sendmsg+0x904/0xe00 [ 1517.123809] ? netlink_unicast+0x800/0x800 [ 1517.124258] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1517.124870] ? netlink_unicast+0x800/0x800 [ 1517.125309] sock_sendmsg+0x150/0x190 [ 1517.125745] ____sys_sendmsg+0x703/0x870 [ 1517.126202] ? kernel_sendmsg+0x50/0x50 [ 1517.126619] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1517.127139] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1517.127710] ? lock_release+0x3b2/0x750 [ 1517.128138] ___sys_sendmsg+0xf3/0x170 [ 1517.128568] ? sendmsg_copy_msghdr+0x160/0x160 [ 1517.129047] ? lock_release+0x3b2/0x750 [ 1517.129511] ? lock_downgrade+0x6d0/0x6d0 [ 1517.129975] ? lock_release+0x3b2/0x750 [ 1517.130399] ? ksys_write+0x20c/0x250 [ 1517.130814] ? lock_downgrade+0x6d0/0x6d0 [ 1517.131266] ? __fget_files+0x287/0x470 [ 1517.131714] ? __fget_light+0xea/0x270 [ 1517.132125] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1517.132744] __sys_sendmsg+0xe5/0x1b0 [ 1517.133143] ? __sys_sendmsg_sock+0x30/0x30 [ 1517.133623] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1517.134254] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1517.134796] do_syscall_64+0x3b/0x90 [ 1517.135210] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1517.135768] RIP: 0033:0x7f406f897b19 [ 1517.136153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1517.138196] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1517.138978] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1517.139773] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1517.140550] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1517.141332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1517.142131] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1517.142923] [ 1517.146364] FAULT_INJECTION: forcing a failure. [ 1517.146364] name failslab, interval 1, probability 0, space 0, times 0 [ 1517.147956] CPU: 1 PID: 9040 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1517.148868] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1517.150051] Call Trace: [ 1517.150336] [ 1517.150564] dump_stack_lvl+0x8b/0xb3 [ 1517.151000] should_fail.cold+0x5/0xa [ 1517.151397] ? create_object.isra.0+0x3a/0xa20 [ 1517.151910] should_failslab+0x5/0x10 [ 1517.152318] kmem_cache_alloc+0x5b/0x480 [ 1517.152778] create_object.isra.0+0x3a/0xa20 [ 1517.153243] ? kasan_unpoison+0x23/0x50 [ 1517.153704] kmem_cache_alloc_trace+0x22e/0x3c0 [ 1517.154227] selinux_tun_dev_alloc_security+0x43/0x180 [ 1517.154778] security_tun_dev_alloc_security+0x46/0xa0 [ 1517.155362] tun_net_init+0x12f/0x640 [ 1517.155783] ? tun_chr_ioctl+0x30/0x30 [ 1517.156223] register_netdevice+0x54f/0x1470 [ 1517.156691] ? netdev_change_features+0xb0/0xb0 [ 1517.157211] ? dev_addr_mod+0x29a/0x340 [ 1517.157648] __tun_chr_ioctl+0x20dd/0x3f10 [ 1517.158127] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1517.158608] ? lock_is_held_type+0xd7/0x130 [ 1517.159095] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1517.159676] ? tun_chr_compat_ioctl+0x30/0x30 [ 1517.160185] __x64_sys_ioctl+0x196/0x210 [ 1517.160620] do_syscall_64+0x3b/0x90 [ 1517.161042] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1517.161591] RIP: 0033:0x7fb21bfaab19 [ 1517.161999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1517.163889] RSP: 002b:00007fb2194ff188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1517.164723] RAX: ffffffffffffffda RBX: 00007fb21c0be020 RCX: 00007fb21bfaab19 [ 1517.165471] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000004 [ 1517.166210] RBP: 00007fb2194ff1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1517.166949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1517.167681] R13: 00007ffd4cd3d90f R14: 00007fb2194ff300 R15: 0000000000022000 [ 1517.168423] 02:59:34 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 02:59:34 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x1080000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 02:59:34 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0xf000000, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) [ 1517.280850] blktrace: Concurrent blktraces are not allowed on sg0 [ 1517.284208] blktrace: Concurrent blktraces are not allowed on sg0 02:59:51 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 20) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 02:59:51 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 18) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 02:59:51 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 14) 02:59:51 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 02:59:51 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x7}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) 02:59:51 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, @out_args}, './file0\x00'}) sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r1, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2090801}, 0xc, &(0x7f0000000280)={&(0x7f00000000c0)={0x1c0, 0x0, 0x800, 0x70bd2b, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x2}, {0xc, 0x8f, 0x7ff}, {0xc}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x2}, {0xc, 0x8f, 0x5fb7060a}, {0xc, 0x90, 0x13f}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0x1000}, {0xc, 0x90, 0x7}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x2}, {0xc, 0x8f, 0x3}, {0xc, 0x90, 0x5}}, {@pci={{0x8}, {0x11}}, {0x8}, {0xc, 0x8f, 0x7f}, {0xc}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x1}, {0xc, 0x8f, 0xffffffffffff7fff}, {0xc, 0x90, 0x8}}, {@pci={{0x8}, {0x11}}, {0x8}, {0xc, 0x8f, 0xffffffff}, {0xc, 0x90, 0x7ff}}]}, 0x1c0}, 0x1, 0x0, 0x0, 0x40004}, 0xc000) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) lsetxattr$trusted_overlay_upper(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340), &(0x7f0000000380)={0x0, 0xfb, 0x114, 0x5, 0x40, "0eb3103a3bede30622970d5c4c08259a", "12899b76b0ccf842f45a6bdf8fd253937e1a8547c61b3b3918d2e829754a63e06bbfedc15705bd686da325fd785c67ceb37f0554c283c135188e5cf46ed535b0f8c6ad840e1003347ef117f447fcdcda36cfecbb28f6373cbf6b664d5179fe10cd1ba1f85f9f9cf7216139e8f6c89866eb8e649dfadc3a24483e4a8b53bb91ac4ecfefdab4bd585c36277b119b59959281ae1dcb10f80b94804b4fe61ed07505e511c85baa5ab4ce468a4f4c8dfb6be4a2cd1bfdfdc648f5952b716f91303cb0a33059c757dcfeef42792d552d2b189b4be2ff81ea958bf2d714807388a6a939d3f7b80da9c3baafe64bc38620a579dbe493a5a0c41daace2c93e93a4216a3"}, 0x114, 0x2) 02:59:51 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x2000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1534.058573] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1534.059905] FAULT_INJECTION: forcing a failure. [ 1534.059905] name failslab, interval 1, probability 0, space 0, times 0 [ 1534.061102] CPU: 0 PID: 9058 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1534.062003] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1534.063189] Call Trace: [ 1534.063462] [ 1534.063711] dump_stack_lvl+0x8b/0xb3 [ 1534.064128] should_fail.cold+0x5/0xa [ 1534.064563] ? rfkill_alloc+0xa6/0x2c0 [ 1534.065029] should_failslab+0x5/0x10 [ 1534.065459] __kmalloc+0x72/0x440 [ 1534.065886] rfkill_alloc+0xa6/0x2c0 [ 1534.066295] wiphy_new_nm+0x124c/0x1fa0 [ 1534.066760] ? mark_held_locks+0x9e/0xe0 [ 1534.067209] ieee80211_alloc_hw_nm+0x370/0x2190 [ 1534.067753] mac80211_hwsim_new_radio+0x1f6/0x4900 [ 1534.068291] ? lock_is_held_type+0xd7/0x130 [ 1534.068802] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1534.069391] ? do_trace_netlink_extack+0x15d/0x1d0 [ 1534.069971] ? hwsim_virtio_rx_work+0x360/0x360 [ 1534.070510] ? lock_release+0x3b2/0x750 [ 1534.070959] ? __kmalloc+0x25b/0x440 [ 1534.071391] hwsim_new_radio_nl+0x9ab/0x1050 [ 1534.071893] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1534.072512] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1534.073150] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1534.073915] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1534.074648] genl_family_rcv_msg_doit+0x22d/0x330 [ 1534.075159] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1534.075891] ? mutex_lock_io_nested+0x1310/0x1310 [ 1534.076443] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1534.077059] ? cap_capable+0x1eb/0x250 [ 1534.077523] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1534.078164] ? ns_capable+0xd9/0x100 [ 1534.078607] genl_rcv_msg+0x33c/0x5a0 [ 1534.079039] ? genl_get_cmd+0x480/0x480 [ 1534.079485] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1534.080034] ? lock_release+0x750/0x750 [ 1534.080491] netlink_rcv_skb+0x14b/0x430 [ 1534.080949] ? genl_get_cmd+0x480/0x480 [ 1534.081396] ? netlink_ack+0xa80/0xa80 [ 1534.081842] ? netlink_deliver_tap+0x1b2/0xc30 [ 1534.082366] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1534.082920] ? is_vmalloc_addr+0x7b/0xb0 [ 1534.083359] genl_rcv+0x24/0x40 [ 1534.083724] netlink_unicast+0x54a/0x800 [ 1534.084179] ? netlink_attachskb+0x880/0x880 [ 1534.084675] ? is_vmalloc_addr+0x7b/0xb0 [ 1534.085152] netlink_sendmsg+0x904/0xe00 02:59:51 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x9effffff, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) [ 1534.085621] ? netlink_unicast+0x800/0x800 [ 1534.086232] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1534.086886] ? netlink_unicast+0x800/0x800 [ 1534.087398] sock_sendmsg+0x150/0x190 [ 1534.087847] ____sys_sendmsg+0x703/0x870 [ 1534.088279] ? kernel_sendmsg+0x50/0x50 [ 1534.088784] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1534.089288] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1534.089922] ? lock_release+0x3b2/0x750 [ 1534.090394] ___sys_sendmsg+0xf3/0x170 [ 1534.090804] ? sendmsg_copy_msghdr+0x160/0x160 [ 1534.091328] ? lock_release+0x3b2/0x750 [ 1534.091750] ? lock_downgrade+0x6d0/0x6d0 [ 1534.092234] ? lock_release+0x3b2/0x750 [ 1534.092709] ? ksys_write+0x20c/0x250 [ 1534.093145] ? lock_downgrade+0x6d0/0x6d0 [ 1534.093641] ? __fget_files+0x287/0x470 [ 1534.094118] ? __fget_light+0xea/0x270 [ 1534.094579] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1534.095223] __sys_sendmsg+0xe5/0x1b0 [ 1534.095666] ? __sys_sendmsg_sock+0x30/0x30 [ 1534.096159] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1534.096759] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1534.097367] do_syscall_64+0x3b/0x90 [ 1534.097824] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1534.098422] RIP: 0033:0x7f406f897b19 [ 1534.098817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1534.100942] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1534.101782] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1534.102551] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1534.103315] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1534.104110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1534.104887] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1534.105667] [ 1534.114214] FAULT_INJECTION: forcing a failure. [ 1534.114214] name failslab, interval 1, probability 0, space 0, times 0 [ 1534.115477] CPU: 0 PID: 9068 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1534.116359] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1534.117568] Call Trace: [ 1534.117858] [ 1534.118093] dump_stack_lvl+0x8b/0xb3 [ 1534.118521] should_fail.cold+0x5/0xa [ 1534.118865] netlink: 'syz-executor.7': attribute type 12 has an invalid length. [ 1534.118934] ? __alloc_file+0x21/0x230 [ 1534.120880] should_failslab+0x5/0x10 [ 1534.121292] kmem_cache_alloc+0x5b/0x480 [ 1534.121739] __alloc_file+0x21/0x230 [ 1534.122134] alloc_empty_file+0x6d/0x170 [ 1534.122571] path_openat+0xe1/0x2870 [ 1534.122969] ? path_lookupat+0x850/0x850 [ 1534.123424] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1534.124004] ? lock_is_held_type+0xd7/0x130 [ 1534.124508] do_filp_open+0x1aa/0x400 [ 1534.124936] ? may_open_dev+0xf0/0xf0 [ 1534.125362] ? lock_release+0x3b2/0x750 [ 1534.125822] ? alloc_fd+0x2f0/0x670 [ 1534.126236] ? lock_downgrade+0x6d0/0x6d0 [ 1534.126722] ? rwlock_bug.part.0+0x90/0x90 [ 1534.127212] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1534.127848] ? _find_next_bit+0x1e5/0x260 [ 1534.128323] ? _raw_spin_unlock+0x24/0x40 [ 1534.128801] ? alloc_fd+0x2f0/0x670 [ 1534.129225] do_sys_openat2+0x16d/0x4c0 [ 1534.129721] ? build_open_flags+0x6f0/0x6f0 [ 1534.130216] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1534.130853] __x64_sys_openat+0x13f/0x1f0 [ 1534.131337] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 1534.131893] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1534.132494] do_syscall_64+0x3b/0x90 [ 1534.132927] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1534.133522] RIP: 0033:0x7fcdf057ba04 [ 1534.133954] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1534.136064] RSP: 002b:00007fcdedb3ded0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1534.136942] RAX: ffffffffffffffda RBX: 00007fcdf0612970 RCX: 00007fcdf057ba04 [ 1534.137792] RDX: 0000000000000002 RSI: 00007fcdedb3e000 RDI: 00000000ffffff9c [ 1534.138609] RBP: 00007fcdedb3e000 R08: 0000000000000000 R09: ffffffffffffffff [ 1534.139427] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1534.140230] R13: 0000000000000005 R14: 0000000020000070 R15: 0000000000000002 [ 1534.141064] [ 1534.151777] blktrace: Concurrent blktraces are not allowed on sg0 [ 1534.154190] FAULT_INJECTION: forcing a failure. [ 1534.154190] name failslab, interval 1, probability 0, space 0, times 0 [ 1534.156924] CPU: 1 PID: 9057 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1534.158676] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1534.161058] Call Trace: [ 1534.161245] blktrace: Concurrent blktraces are not allowed on sg0 [ 1534.161599] [ 1534.162713] dump_stack_lvl+0x8b/0xb3 [ 1534.163532] should_fail.cold+0x5/0xa [ 1534.164350] ? kvmalloc_node+0xa0/0x130 [ 1534.165202] should_failslab+0x5/0x10 [ 1534.166038] __kmalloc_node+0x76/0x470 [ 1534.166886] kvmalloc_node+0xa0/0x130 [ 1534.167700] tun_attach.isra.0+0x7df/0x15f0 [ 1534.168633] ? lock_is_held_type+0xd7/0x130 [ 1534.169544] ? lockdep_init_map_type+0x21a/0x7e0 [ 1534.170560] ? tun_net_open+0x120/0x120 [ 1534.171424] tun_net_init+0x45a/0x640 [ 1534.172219] ? tun_chr_ioctl+0x30/0x30 [ 1534.173035] register_netdevice+0x54f/0x1470 [ 1534.173998] ? netdev_change_features+0xb0/0xb0 [ 1534.174983] ? dev_addr_mod+0x29a/0x340 [ 1534.175824] __tun_chr_ioctl+0x20dd/0x3f10 [ 1534.176739] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1534.177718] ? lock_is_held_type+0xd7/0x130 [ 1534.178634] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1534.179806] ? tun_chr_compat_ioctl+0x30/0x30 [ 1534.180765] __x64_sys_ioctl+0x196/0x210 [ 1534.181649] do_syscall_64+0x3b/0x90 [ 1534.182446] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1534.183526] RIP: 0033:0x7fb21bfaab19 [ 1534.184302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1534.188177] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1534.189788] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1534.191284] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1534.192774] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1534.194291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1534.195782] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1534.197337] 02:59:51 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 21) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 02:59:51 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 15) 02:59:51 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x3000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 02:59:51 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r1 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.pending_reads\x00', 0x402002, 0x198) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, 0x3, 0x1, 0x101, 0x0, 0x0, {0x3, 0x0, 0x3}, [@CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x1}, @CTA_SYNPROXY={0x1c, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x73}, @CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x7}, @CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x5}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x14}, 0x80) syz_open_procfs(0x0, 0x0) sendmsg$IPCTNL_MSG_EXP_DELETE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xe4, 0x2, 0x2, 0x0, 0x0, 0x0, {0x2, 0x0, 0x3}, [@CTA_EXPECT_MASK={0x3c, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}]}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x60ee868d}, @CTA_EXPECT_MASK={0x78, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @remote}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @rand_addr=0x64010101}, {0x8, 0x2, @empty}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @rand_addr=' \x01\x00'}, {0x14, 0x4, @local}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @CTA_EXPECT_FN={0x8, 0xb, 'sip\x00'}, @CTA_EXPECT_FN={0xa, 0xb, 'Q.931\x00'}]}, 0xe4}, 0x1, 0x0, 0x0, 0x40000}, 0x20040000) [ 1534.260476] FAULT_INJECTION: forcing a failure. [ 1534.260476] name failslab, interval 1, probability 0, space 0, times 0 [ 1534.261756] CPU: 0 PID: 9080 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1534.262640] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1534.263844] Call Trace: [ 1534.264124] [ 1534.264373] dump_stack_lvl+0x8b/0xb3 [ 1534.264791] should_fail.cold+0x5/0xa [ 1534.265202] ? security_file_alloc+0x34/0x170 [ 1534.265726] should_failslab+0x5/0x10 [ 1534.266142] kmem_cache_alloc+0x5b/0x480 [ 1534.266587] security_file_alloc+0x34/0x170 [ 1534.267059] __alloc_file+0xb6/0x230 [ 1534.267464] alloc_empty_file+0x6d/0x170 [ 1534.267900] path_openat+0xe1/0x2870 [ 1534.268319] ? path_lookupat+0x850/0x850 [ 1534.268752] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1534.269346] ? lock_is_held_type+0xd7/0x130 [ 1534.269817] do_filp_open+0x1aa/0x400 [ 1534.270227] ? may_open_dev+0xf0/0xf0 [ 1534.270663] ? lock_release+0x3b2/0x750 [ 1534.271099] ? alloc_fd+0x2f0/0x670 [ 1534.271531] ? lock_downgrade+0x6d0/0x6d0 [ 1534.272000] ? rwlock_bug.part.0+0x90/0x90 [ 1534.272492] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1534.273126] ? _find_next_bit+0x1e5/0x260 [ 1534.273596] ? _raw_spin_unlock+0x24/0x40 [ 1534.274087] ? alloc_fd+0x2f0/0x670 [ 1534.274517] do_sys_openat2+0x16d/0x4c0 [ 1534.274970] ? build_open_flags+0x6f0/0x6f0 [ 1534.275475] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1534.276110] __x64_sys_openat+0x13f/0x1f0 [ 1534.276586] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 1534.277127] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1534.277750] do_syscall_64+0x3b/0x90 [ 1534.278177] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1534.278767] RIP: 0033:0x7fcdf057ba04 [ 1534.279190] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1534.281263] RSP: 002b:00007fcdedb3ded0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1534.282161] RAX: ffffffffffffffda RBX: 00007fcdf0612970 RCX: 00007fcdf057ba04 [ 1534.282980] RDX: 0000000000000002 RSI: 00007fcdedb3e000 RDI: 00000000ffffff9c [ 1534.283789] RBP: 00007fcdedb3e000 R08: 0000000000000000 R09: ffffffffffffffff [ 1534.284608] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1534.285431] R13: 0000000000000005 R14: 0000000020000070 R15: 0000000000000002 [ 1534.286269] [ 1534.287980] blktrace: Concurrent blktraces are not allowed on sg0 [ 1534.290846] blktrace: Concurrent blktraces are not allowed on sg0 02:59:51 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 02:59:51 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x4000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1534.344703] blktrace: Concurrent blktraces are not allowed on sg0 [ 1534.349264] blktrace: Concurrent blktraces are not allowed on sg0 02:59:51 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 02:59:51 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x5000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 02:59:51 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 22) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 02:59:51 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 19) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) [ 1534.441801] blktrace: Concurrent blktraces are not allowed on sg0 [ 1534.447535] blktrace: Concurrent blktraces are not allowed on sg0 [ 1534.456570] FAULT_INJECTION: forcing a failure. [ 1534.456570] name failslab, interval 1, probability 0, space 0, times 0 [ 1534.457846] CPU: 0 PID: 9098 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1534.458727] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1534.459913] Call Trace: [ 1534.460179] [ 1534.460425] dump_stack_lvl+0x8b/0xb3 [ 1534.460841] should_fail.cold+0x5/0xa [ 1534.461245] ? create_object.isra.0+0x3a/0xa20 [ 1534.461752] should_failslab+0x5/0x10 [ 1534.462160] kmem_cache_alloc+0x5b/0x480 [ 1534.462610] create_object.isra.0+0x3a/0xa20 [ 1534.463072] ? kasan_unpoison+0x23/0x50 [ 1534.463510] kmem_cache_alloc+0x239/0x480 [ 1534.463951] security_file_alloc+0x34/0x170 [ 1534.464420] __alloc_file+0xb6/0x230 [ 1534.464820] alloc_empty_file+0x6d/0x170 [ 1534.465248] path_openat+0xe1/0x2870 [ 1534.465674] ? path_lookupat+0x850/0x850 [ 1534.466111] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1534.466673] ? lock_is_held_type+0xd7/0x130 [ 1534.467130] do_filp_open+0x1aa/0x400 [ 1534.467551] ? may_open_dev+0xf0/0xf0 [ 1534.467951] ? lock_release+0x3b2/0x750 [ 1534.468373] ? alloc_fd+0x2f0/0x670 [ 1534.468759] ? lock_downgrade+0x6d0/0x6d0 [ 1534.469194] ? rwlock_bug.part.0+0x90/0x90 [ 1534.469654] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1534.470229] ? _find_next_bit+0x1e5/0x260 [ 1534.470676] ? _raw_spin_unlock+0x24/0x40 [ 1534.471117] ? alloc_fd+0x2f0/0x670 [ 1534.471519] do_sys_openat2+0x16d/0x4c0 [ 1534.471938] ? build_open_flags+0x6f0/0x6f0 [ 1534.472409] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1534.472985] __x64_sys_openat+0x13f/0x1f0 [ 1534.473431] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 1534.473970] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1534.474528] do_syscall_64+0x3b/0x90 [ 1534.474918] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1534.475463] RIP: 0033:0x7fcdf057ba04 [ 1534.475854] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1534.477779] RSP: 002b:00007fcdedb3ded0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1534.478594] RAX: ffffffffffffffda RBX: 00007fcdf0612970 RCX: 00007fcdf057ba04 [ 1534.479340] RDX: 0000000000000002 RSI: 00007fcdedb3e000 RDI: 00000000ffffff9c [ 1534.480076] RBP: 00007fcdedb3e000 R08: 0000000000000000 R09: ffffffffffffffff [ 1534.480820] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1534.481582] R13: 0000000000000005 R14: 0000000020000070 R15: 0000000000000002 [ 1534.482352] 02:59:51 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = epoll_create(0x9) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = epoll_create(0x9) r4 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r4, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000440)) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r5, &(0x7f0000000040)={0x9}) setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000440)) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000000)={'vlan1\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, 0xfffffffffffffffd) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_LEAVE_IBSS(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x1c, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}}, 0x0) sendmsg$NL80211_CMD_SET_BSS(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x0, 0x800, 0x70bd2c, 0x25dfdbfd, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x20044880}, 0x80) ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) [ 1534.500166] FAULT_INJECTION: forcing a failure. [ 1534.500166] name failslab, interval 1, probability 0, space 0, times 0 02:59:51 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x6000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1534.502940] CPU: 1 PID: 9099 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1534.504750] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1534.507124] Call Trace: [ 1534.507669] [ 1534.508138] dump_stack_lvl+0x8b/0xb3 [ 1534.508958] should_fail.cold+0x5/0xa [ 1534.509781] ? create_object.isra.0+0x3a/0xa20 [ 1534.510766] should_failslab+0x5/0x10 [ 1534.511578] kmem_cache_alloc+0x5b/0x480 [ 1534.512461] create_object.isra.0+0x3a/0xa20 [ 1534.513391] ? kasan_unpoison+0x23/0x50 [ 1534.514255] __kmalloc_node+0x26f/0x470 [ 1534.515113] kvmalloc_node+0xa0/0x130 [ 1534.515927] tun_attach.isra.0+0x7df/0x15f0 [ 1534.516864] ? lock_is_held_type+0xd7/0x130 [ 1534.517786] ? lockdep_init_map_type+0x21a/0x7e0 [ 1534.518784] ? tun_net_open+0x120/0x120 [ 1534.519646] tun_net_init+0x45a/0x640 [ 1534.520467] ? tun_chr_ioctl+0x30/0x30 [ 1534.521301] register_netdevice+0x54f/0x1470 [ 1534.522257] ? netdev_change_features+0xb0/0xb0 [ 1534.523257] ? dev_addr_mod+0x29a/0x340 [ 1534.524116] __tun_chr_ioctl+0x20dd/0x3f10 [ 1534.525005] blktrace: Concurrent blktraces are not allowed on sg0 [ 1534.526311] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1534.527130] blktrace: Concurrent blktraces are not allowed on sg0 [ 1534.527292] ? lock_is_held_type+0xd7/0x130 [ 1534.528840] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1534.530023] ? tun_chr_compat_ioctl+0x30/0x30 [ 1534.530988] __x64_sys_ioctl+0x196/0x210 [ 1534.531862] do_syscall_64+0x3b/0x90 [ 1534.532660] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1534.533760] RIP: 0033:0x7fb21bfaab19 [ 1534.534554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1534.538429] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1534.540053] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1534.541551] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1534.543062] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1534.544557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1534.546066] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1534.547593] [ 1534.565831] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1534.566998] FAULT_INJECTION: forcing a failure. [ 1534.566998] name failslab, interval 1, probability 0, space 0, times 0 [ 1534.568292] CPU: 0 PID: 9076 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1534.569217] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1534.570440] Call Trace: [ 1534.570726] [ 1534.570967] dump_stack_lvl+0x8b/0xb3 [ 1534.571385] should_fail.cold+0x5/0xa [ 1534.571796] ? create_object.isra.0+0x3a/0xa20 [ 1534.572299] should_failslab+0x5/0x10 [ 1534.572717] kmem_cache_alloc+0x5b/0x480 [ 1534.573176] create_object.isra.0+0x3a/0xa20 [ 1534.573665] ? kasan_unpoison+0x23/0x50 [ 1534.574136] __kmalloc+0x25b/0x440 [ 1534.574566] rfkill_alloc+0xa6/0x2c0 [ 1534.574973] wiphy_new_nm+0x124c/0x1fa0 [ 1534.575406] ? mark_held_locks+0x9e/0xe0 [ 1534.575866] ieee80211_alloc_hw_nm+0x370/0x2190 [ 1534.576387] mac80211_hwsim_new_radio+0x1f6/0x4900 [ 1534.576903] ? lock_is_held_type+0xd7/0x130 [ 1534.577375] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1534.577981] ? do_trace_netlink_extack+0x15d/0x1d0 [ 1534.578513] ? hwsim_virtio_rx_work+0x360/0x360 [ 1534.578998] ? lock_release+0x3b2/0x750 [ 1534.579418] ? __kmalloc+0x25b/0x440 [ 1534.579815] hwsim_new_radio_nl+0x9ab/0x1050 [ 1534.580277] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1534.580835] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1534.581426] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1534.582126] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1534.582818] genl_family_rcv_msg_doit+0x22d/0x330 [ 1534.583328] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1534.584017] ? mutex_lock_io_nested+0x1310/0x1310 [ 1534.584530] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1534.585109] ? cap_capable+0x1eb/0x250 [ 1534.585555] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1534.586160] ? ns_capable+0xd9/0x100 [ 1534.586577] genl_rcv_msg+0x33c/0x5a0 [ 1534.586981] ? genl_get_cmd+0x480/0x480 [ 1534.587399] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1534.587936] ? lock_release+0x750/0x750 [ 1534.588373] netlink_rcv_skb+0x14b/0x430 [ 1534.588803] ? genl_get_cmd+0x480/0x480 [ 1534.589225] ? netlink_ack+0xa80/0xa80 [ 1534.589657] ? netlink_deliver_tap+0x1b2/0xc30 [ 1534.590141] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1534.590674] ? is_vmalloc_addr+0x7b/0xb0 [ 1534.591105] genl_rcv+0x24/0x40 [ 1534.591460] netlink_unicast+0x54a/0x800 [ 1534.591894] ? netlink_attachskb+0x880/0x880 [ 1534.592360] ? is_vmalloc_addr+0x7b/0xb0 [ 1534.592793] netlink_sendmsg+0x904/0xe00 [ 1534.593217] ? netlink_unicast+0x800/0x800 [ 1534.593685] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1534.594259] ? netlink_unicast+0x800/0x800 [ 1534.594728] sock_sendmsg+0x150/0x190 [ 1534.595134] ____sys_sendmsg+0x703/0x870 [ 1534.595616] ? kernel_sendmsg+0x50/0x50 [ 1534.596035] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1534.596519] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1534.597070] ? lock_release+0x3b2/0x750 [ 1534.597498] ___sys_sendmsg+0xf3/0x170 [ 1534.597907] ? sendmsg_copy_msghdr+0x160/0x160 [ 1534.598397] ? lock_release+0x3b2/0x750 [ 1534.598821] ? lock_downgrade+0x6d0/0x6d0 [ 1534.599253] ? lock_release+0x3b2/0x750 [ 1534.599676] ? ksys_write+0x20c/0x250 [ 1534.600072] ? lock_downgrade+0x6d0/0x6d0 [ 1534.600522] ? __fget_files+0x287/0x470 [ 1534.600953] ? __fget_light+0xea/0x270 [ 1534.601375] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1534.601978] __sys_sendmsg+0xe5/0x1b0 [ 1534.602395] ? __sys_sendmsg_sock+0x30/0x30 [ 1534.602844] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1534.603444] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1534.603982] do_syscall_64+0x3b/0x90 [ 1534.604387] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1534.604924] RIP: 0033:0x7f406f897b19 [ 1534.605315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1534.607240] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1534.608030] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1534.608773] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1534.609516] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1534.610270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1534.611030] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1534.611795] 03:00:07 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0xafdfb3ee, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:00:07 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 20) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:00:07 executing program 4: ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) sendmsg$NFT_MSG_GETSET(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20800001}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, 0xa, 0xa, 0x101, 0x0, 0x0, {0xffe1c978f8807e22, 0x0, 0xa}, [@NFTA_SET_GC_INTERVAL={0x8, 0xc, 0x1, 0x0, 0x4}, @NFTA_SET_GC_INTERVAL={0x8, 0xc, 0x1, 0x0, 0x7}, @NFTA_SET_HANDLE={0xc, 0x10, 0x1, 0x0, 0x1}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x44810) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) 03:00:07 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x7000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:00:07 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:00:07 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{0x0}, {&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x8}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) 03:00:07 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 23) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:00:07 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 16) [ 1550.740554] netlink: 'syz-executor.7': attribute type 12 has an invalid length. [ 1550.744064] blktrace: Concurrent blktraces are not allowed on sg0 [ 1550.747690] blktrace: Concurrent blktraces are not allowed on sg0 03:00:07 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0xeeb3dfaf, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) [ 1550.760466] FAULT_INJECTION: forcing a failure. [ 1550.760466] name failslab, interval 1, probability 0, space 0, times 0 [ 1550.761732] CPU: 1 PID: 9128 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1550.762625] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1550.763859] Call Trace: [ 1550.764137] [ 1550.764380] dump_stack_lvl+0x8b/0xb3 [ 1550.764808] should_fail.cold+0x5/0xa [ 1550.765231] should_failslab+0x5/0x10 [ 1550.765657] __kmalloc_track_caller+0x79/0x430 [ 1550.766166] ? kstrdup_const+0x53/0x80 [ 1550.766610] kstrdup+0x36/0x70 [ 1550.766977] kstrdup_const+0x53/0x80 [ 1550.767390] kvasprintf_const+0x108/0x190 [ 1550.767844] kobject_set_name_vargs+0x56/0x150 [ 1550.768352] dev_set_name+0xbb/0xf0 [ 1550.768751] ? device_initialize+0x4d0/0x4d0 [ 1550.769244] ? lockdep_init_map_type+0x21a/0x7e0 [ 1550.769769] ? __init_waitqueue_head+0x6b/0xd0 [ 1550.770294] netdev_register_kobject+0xbd/0x3b0 [ 1550.770801] register_netdevice+0xd65/0x1470 [ 1550.771297] ? netdev_change_features+0xb0/0xb0 [ 1550.771814] ? dev_addr_mod+0x29a/0x340 [ 1550.772262] __tun_chr_ioctl+0x20dd/0x3f10 [ 1550.772736] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1550.773255] ? lock_is_held_type+0xd7/0x130 [ 1550.773752] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1550.774370] ? tun_chr_compat_ioctl+0x30/0x30 [ 1550.774874] __x64_sys_ioctl+0x196/0x210 [ 1550.775334] do_syscall_64+0x3b/0x90 [ 1550.775749] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1550.776317] RIP: 0033:0x7fb21bfaab19 [ 1550.776722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1550.778744] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1550.779578] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1550.780359] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1550.781144] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1550.781944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1550.782729] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1550.783525] [ 1550.788477] FAULT_INJECTION: forcing a failure. [ 1550.788477] name failslab, interval 1, probability 0, space 0, times 0 [ 1550.789938] CPU: 1 PID: 9134 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1550.790820] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1550.792055] Call Trace: [ 1550.792347] [ 1550.792585] dump_stack_lvl+0x8b/0xb3 [ 1550.792998] should_fail.cold+0x5/0xa [ 1550.793411] should_failslab+0x5/0x10 [ 1550.793818] kmem_cache_alloc_lru+0x60/0x7c0 [ 1550.794304] ? __d_alloc+0x31/0x990 [ 1550.794694] __d_alloc+0x31/0x990 [ 1550.795056] ? lock_is_held_type+0xd7/0x130 [ 1550.795525] d_alloc_parallel+0x10a/0x1c00 [ 1550.795977] ? __d_lookup+0x40a/0x780 [ 1550.796386] ? lock_downgrade+0x6d0/0x6d0 [ 1550.796846] ? find_held_lock+0x2c/0x110 [ 1550.797286] ? __d_lookup_rcu+0x730/0x730 [ 1550.797737] ? __d_lookup+0x42c/0x780 [ 1550.798152] ? d_lookup+0x115/0x120 [ 1550.798564] lookup_open.isra.0+0xb37/0x1680 [ 1550.799052] ? lookup_fast+0x6e0/0x6e0 [ 1550.799484] ? perf_trace_802154_rdev_return_int+0x470/0x4a0 [ 1550.800116] ? perf_trace_802154_rdev_return_int+0x470/0x4a0 [ 1550.800739] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1550.801345] ? __mnt_want_write+0x1fa/0x2e0 [ 1550.801820] path_openat+0x99f/0x2870 [ 1550.802259] ? path_lookupat+0x850/0x850 [ 1550.802704] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1550.803284] ? lock_is_held_type+0xd7/0x130 [ 1550.803753] do_filp_open+0x1aa/0x400 [ 1550.804170] ? may_open_dev+0xf0/0xf0 [ 1550.804601] ? rwlock_bug.part.0+0x90/0x90 [ 1550.805066] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1550.805662] ? _find_next_bit+0x1e5/0x260 [ 1550.806130] ? _raw_spin_unlock+0x24/0x40 [ 1550.806583] ? alloc_fd+0x2f0/0x670 [ 1550.806984] do_sys_openat2+0x16d/0x4c0 [ 1550.807421] ? build_open_flags+0x6f0/0x6f0 [ 1550.807900] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1550.808507] __x64_sys_openat+0x13f/0x1f0 [ 1550.808947] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 1550.809474] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1550.810052] do_syscall_64+0x3b/0x90 [ 1550.810461] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1550.811018] RIP: 0033:0x7fcdf057ba04 [ 1550.811415] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1550.813414] RSP: 002b:00007fcdedb3ded0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1550.814247] RAX: ffffffffffffffda RBX: 00007fcdf0612970 RCX: 00007fcdf057ba04 [ 1550.815022] RDX: 0000000000000002 RSI: 00007fcdedb3e000 RDI: 00000000ffffff9c [ 1550.815794] RBP: 00007fcdedb3e000 R08: 0000000000000000 R09: ffffffffffffffff [ 1550.816568] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1550.817336] R13: 0000000000000005 R14: 0000000020000070 R15: 0000000000000002 [ 1550.818125] 03:00:08 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1550.899569] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1550.901847] FAULT_INJECTION: forcing a failure. [ 1550.901847] name failslab, interval 1, probability 0, space 0, times 0 [ 1550.904401] CPU: 0 PID: 9131 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1550.906117] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1550.908602] Call Trace: [ 1550.909159] [ 1550.909626] dump_stack_lvl+0x8b/0xb3 [ 1550.910455] should_fail.cold+0x5/0xa [ 1550.911266] ? kvmalloc_node+0x3e/0x130 [ 1550.912120] should_failslab+0x5/0x10 [ 1550.912924] __kmalloc_node+0x76/0x470 [ 1550.913761] kvmalloc_node+0x3e/0x130 [ 1550.914594] bucket_table_alloc.isra.0+0x89/0x480 [ 1550.915623] rhashtable_init+0x341/0x750 [ 1550.916490] rhltable_init+0x1c/0x60 [ 1550.917284] ? mark_held_locks+0x9e/0xe0 [ 1550.918158] sta_info_init+0x1f/0x110 [ 1550.918973] ieee80211_alloc_hw_nm+0x6d1/0x2190 [ 1550.919960] mac80211_hwsim_new_radio+0x1f6/0x4900 [ 1550.920994] ? lock_is_held_type+0xd7/0x130 [ 1550.921914] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1550.923100] ? do_trace_netlink_extack+0x15d/0x1d0 [ 1550.924143] ? hwsim_virtio_rx_work+0x360/0x360 [ 1550.925137] ? lock_release+0x3b2/0x750 [ 1550.925998] ? __kmalloc+0x25b/0x440 [ 1550.926802] hwsim_new_radio_nl+0x9ab/0x1050 [ 1550.927730] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1550.928823] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1550.929990] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1550.931364] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1550.932737] genl_family_rcv_msg_doit+0x22d/0x330 [ 1550.933761] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1550.935163] ? mutex_lock_io_nested+0x1310/0x1310 [ 1550.936170] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1550.937326] ? cap_capable+0x1eb/0x250 [ 1550.938176] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1550.939330] ? ns_capable+0xd9/0x100 [ 1550.940137] genl_rcv_msg+0x33c/0x5a0 [ 1550.940939] ? genl_get_cmd+0x480/0x480 [ 1550.941774] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1550.942880] ? lock_release+0x750/0x750 [ 1550.943728] netlink_rcv_skb+0x14b/0x430 [ 1550.944574] ? genl_get_cmd+0x480/0x480 [ 1550.945410] ? netlink_ack+0xa80/0xa80 [ 1550.946247] ? netlink_deliver_tap+0x1b2/0xc30 [ 1550.947221] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1550.948277] ? is_vmalloc_addr+0x7b/0xb0 [ 1550.949141] genl_rcv+0x24/0x40 [ 1550.949831] netlink_unicast+0x54a/0x800 [ 1550.950720] ? netlink_attachskb+0x880/0x880 [ 1550.951634] ? is_vmalloc_addr+0x7b/0xb0 [ 1550.952513] netlink_sendmsg+0x904/0xe00 [ 1550.953378] ? netlink_unicast+0x800/0x800 [ 1550.954277] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1550.955441] ? netlink_unicast+0x800/0x800 [ 1550.956333] sock_sendmsg+0x150/0x190 [ 1550.957145] ____sys_sendmsg+0x703/0x870 [ 1550.958040] ? kernel_sendmsg+0x50/0x50 [ 1550.958879] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1550.959834] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1550.960939] ? lock_release+0x3b2/0x750 [ 1550.961790] ___sys_sendmsg+0xf3/0x170 [ 1550.962612] ? sendmsg_copy_msghdr+0x160/0x160 [ 1550.963573] ? lock_release+0x3b2/0x750 [ 1550.964413] ? lock_downgrade+0x6d0/0x6d0 [ 1550.965287] ? lock_release+0x3b2/0x750 [ 1550.966139] ? ksys_write+0x20c/0x250 [ 1550.966942] ? lock_downgrade+0x6d0/0x6d0 [ 1550.967829] ? __fget_files+0x287/0x470 [ 1550.968690] ? __fget_light+0xea/0x270 [ 1550.969518] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1550.970698] __sys_sendmsg+0xe5/0x1b0 [ 1550.971493] ? __sys_sendmsg_sock+0x30/0x30 [ 1550.972393] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1550.973568] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1550.974667] do_syscall_64+0x3b/0x90 [ 1550.975462] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1550.976533] RIP: 0033:0x7f406f897b19 [ 1550.977316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1550.981136] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1550.982730] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1550.984205] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1550.985681] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1550.987170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1550.988646] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1550.990161] 03:00:21 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0xf0ffffff, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:00:21 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0xffffe000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:00:21 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 17) 03:00:21 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:00:21 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 24) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:00:21 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{0x0}, {&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x8}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) 03:00:21 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 21) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:00:21 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r1 = fork() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x12) ptrace$setopts(0x4206, r1, 0x100000000001, 0x44) ptrace(0x4208, r1) ptrace(0x10, r1) r2 = fork() ptrace$setopts(0x4206, r2, 0x0, 0x0) ptrace(0x8, r2) tkill(r2, 0x12) ptrace$setopts(0x4206, r2, 0x100000000001, 0x44) ptrace(0x4208, r2) ptrace(0x10, r2) syz_open_procfs(r2, 0x0) [ 1564.696952] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1564.698175] FAULT_INJECTION: forcing a failure. [ 1564.698175] name failslab, interval 1, probability 0, space 0, times 0 [ 1564.699754] CPU: 0 PID: 9147 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1564.700826] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1564.702313] Call Trace: [ 1564.702487] FAULT_INJECTION: forcing a failure. [ 1564.702487] name failslab, interval 1, probability 0, space 0, times 0 [ 1564.702645] [ 1564.702654] dump_stack_lvl+0x8b/0xb3 [ 1564.702683] should_fail.cold+0x5/0xa [ 1564.702701] ? create_object.isra.0+0x3a/0xa20 [ 1564.702722] should_failslab+0x5/0x10 [ 1564.702740] kmem_cache_alloc+0x5b/0x480 [ 1564.702766] create_object.isra.0+0x3a/0xa20 [ 1564.702783] ? kasan_unpoison+0x23/0x50 [ 1564.702803] __kmalloc_node+0x26f/0x470 [ 1564.702828] kvmalloc_node+0x3e/0x130 [ 1564.702847] bucket_table_alloc.isra.0+0x89/0x480 [ 1564.710420] rhashtable_init+0x341/0x750 [ 1564.710871] rhltable_init+0x1c/0x60 [ 1564.711350] ? mark_held_locks+0x9e/0xe0 [ 1564.711787] sta_info_init+0x1f/0x110 [ 1564.712258] ieee80211_alloc_hw_nm+0x6d1/0x2190 [ 1564.712727] mac80211_hwsim_new_radio+0x1f6/0x4900 [ 1564.713234] ? lock_is_held_type+0xd7/0x130 [ 1564.713705] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1564.714294] ? do_trace_netlink_extack+0x15d/0x1d0 [ 1564.714792] ? hwsim_virtio_rx_work+0x360/0x360 [ 1564.715244] ? lock_release+0x3b2/0x750 [ 1564.715631] ? __kmalloc+0x25b/0x440 [ 1564.716008] hwsim_new_radio_nl+0x9ab/0x1050 [ 1564.716439] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1564.716951] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1564.717487] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1564.718133] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1564.718793] genl_family_rcv_msg_doit+0x22d/0x330 [ 1564.719295] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1564.719995] ? mutex_lock_io_nested+0x1310/0x1310 [ 1564.720508] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1564.721094] ? cap_capable+0x1eb/0x250 [ 1564.721516] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1564.722110] ? ns_capable+0xd9/0x100 [ 1564.722511] genl_rcv_msg+0x33c/0x5a0 [ 1564.722915] ? genl_get_cmd+0x480/0x480 [ 1564.723332] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1564.723885] ? lock_release+0x750/0x750 [ 1564.724309] netlink_rcv_skb+0x14b/0x430 [ 1564.724735] ? genl_get_cmd+0x480/0x480 [ 1564.725155] ? netlink_ack+0xa80/0xa80 [ 1564.725567] ? netlink_deliver_tap+0x1b2/0xc30 [ 1564.726072] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1564.726604] ? is_vmalloc_addr+0x7b/0xb0 [ 1564.727044] genl_rcv+0x24/0x40 [ 1564.727389] netlink_unicast+0x54a/0x800 [ 1564.727824] ? netlink_attachskb+0x880/0x880 [ 1564.728279] ? is_vmalloc_addr+0x7b/0xb0 [ 1564.728716] netlink_sendmsg+0x904/0xe00 [ 1564.729149] ? netlink_unicast+0x800/0x800 [ 1564.729595] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1564.730193] ? netlink_unicast+0x800/0x800 [ 1564.730634] sock_sendmsg+0x150/0x190 [ 1564.731047] ____sys_sendmsg+0x703/0x870 [ 1564.731475] ? kernel_sendmsg+0x50/0x50 [ 1564.731900] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1564.732378] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1564.732940] ? lock_release+0x3b2/0x750 [ 1564.733367] ___sys_sendmsg+0xf3/0x170 [ 1564.733783] ? sendmsg_copy_msghdr+0x160/0x160 [ 1564.734269] ? lock_release+0x3b2/0x750 [ 1564.734688] ? lock_downgrade+0x6d0/0x6d0 [ 1564.735130] ? lock_release+0x3b2/0x750 [ 1564.735546] ? ksys_write+0x20c/0x250 [ 1564.735959] ? lock_downgrade+0x6d0/0x6d0 [ 1564.736396] ? __fget_files+0x287/0x470 [ 1564.736831] ? __fget_light+0xea/0x270 [ 1564.737244] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1564.737832] __sys_sendmsg+0xe5/0x1b0 [ 1564.738240] ? __sys_sendmsg_sock+0x30/0x30 [ 1564.738695] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1564.739299] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1564.739852] do_syscall_64+0x3b/0x90 [ 1564.740251] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1564.740799] RIP: 0033:0x7f406f897b19 [ 1564.741184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1564.743118] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1564.743915] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1564.744657] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1564.745400] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1564.746160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1564.746907] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1564.747667] [ 1564.747915] CPU: 1 PID: 9154 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1564.749752] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1564.752213] Call Trace: [ 1564.752776] [ 1564.753263] dump_stack_lvl+0x8b/0xb3 [ 1564.754135] should_fail.cold+0x5/0xa [ 1564.754967] ? create_object.isra.0+0x3a/0xa20 [ 1564.755969] should_failslab+0x5/0x10 [ 1564.756801] kmem_cache_alloc+0x5b/0x480 [ 1564.757703] create_object.isra.0+0x3a/0xa20 [ 1564.758664] ? kasan_unpoison+0x23/0x50 [ 1564.759535] __kmalloc_track_caller+0x25e/0x430 [ 1564.760552] ? kstrdup_const+0x53/0x80 [ 1564.761413] kstrdup+0x36/0x70 [ 1564.762137] kstrdup_const+0x53/0x80 [ 1564.762948] kvasprintf_const+0x108/0x190 [ 1564.763853] kobject_set_name_vargs+0x56/0x150 [ 1564.764832] dev_set_name+0xbb/0xf0 [ 1564.765635] ? device_initialize+0x4d0/0x4d0 [ 1564.766603] ? lockdep_init_map_type+0x21a/0x7e0 [ 1564.767643] ? __init_waitqueue_head+0x6b/0xd0 [ 1564.768636] netdev_register_kobject+0xbd/0x3b0 [ 1564.769648] register_netdevice+0xd65/0x1470 [ 1564.770626] ? netdev_change_features+0xb0/0xb0 [ 1564.771636] ? dev_addr_mod+0x29a/0x340 [ 1564.772507] __tun_chr_ioctl+0x20dd/0x3f10 [ 1564.773438] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1564.774434] ? lock_is_held_type+0xd7/0x130 [ 1564.775385] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1564.776574] ? tun_chr_compat_ioctl+0x30/0x30 [ 1564.777540] __x64_sys_ioctl+0x196/0x210 [ 1564.778431] do_syscall_64+0x3b/0x90 [ 1564.779238] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1564.780335] RIP: 0033:0x7fb21bfaab19 [ 1564.781122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1564.785033] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1564.785078] blktrace: Concurrent blktraces are not allowed on sg0 [ 1564.786657] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1564.786680] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1564.786697] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1564.791835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1564.793332] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1564.794867] [ 1564.804454] FAULT_INJECTION: forcing a failure. [ 1564.804454] name failslab, interval 1, probability 0, space 0, times 0 [ 1564.805613] CPU: 0 PID: 9161 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1564.806412] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1564.807569] Call Trace: [ 1564.807825] [ 1564.808043] dump_stack_lvl+0x8b/0xb3 [ 1564.808448] should_fail.cold+0x5/0xa [ 1564.808830] should_failslab+0x5/0x10 [ 1564.809220] kmem_cache_alloc_lru+0x60/0x7c0 [ 1564.809656] ? __d_alloc+0x31/0x990 [ 1564.810017] __d_alloc+0x31/0x990 [ 1564.810388] ? lock_is_held_type+0xd7/0x130 [ 1564.810829] d_alloc_parallel+0x10a/0x1c00 [ 1564.811303] ? __d_lookup+0x40a/0x780 [ 1564.811681] ? lock_downgrade+0x6d0/0x6d0 [ 1564.812142] ? find_held_lock+0x2c/0x110 [ 1564.812580] ? __d_lookup_rcu+0x730/0x730 [ 1564.812990] ? __d_lookup+0x42c/0x780 [ 1564.813412] ? d_lookup+0x115/0x120 [ 1564.813777] lookup_open.isra.0+0xb37/0x1680 [ 1564.814274] ? lookup_fast+0x6e0/0x6e0 [ 1564.814685] ? perf_trace_802154_rdev_return_int+0x470/0x4a0 [ 1564.815326] ? perf_trace_802154_rdev_return_int+0x470/0x4a0 [ 1564.815915] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1564.816492] ? __mnt_want_write+0x1fa/0x2e0 [ 1564.816940] path_openat+0x99f/0x2870 [ 1564.817358] ? path_lookupat+0x850/0x850 [ 1564.817776] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1564.818406] ? lock_is_held_type+0xd7/0x130 [ 1564.818914] do_filp_open+0x1aa/0x400 [ 1564.819333] ? may_open_dev+0xf0/0xf0 [ 1564.819732] ? rwlock_bug.part.0+0x90/0x90 [ 1564.820200] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1564.820770] ? _find_next_bit+0x1e5/0x260 [ 1564.821239] ? _raw_spin_unlock+0x24/0x40 [ 1564.821671] ? alloc_fd+0x2f0/0x670 [ 1564.822077] do_sys_openat2+0x16d/0x4c0 [ 1564.822519] ? build_open_flags+0x6f0/0x6f0 [ 1564.822972] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1564.823592] __x64_sys_openat+0x13f/0x1f0 [ 1564.824014] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 1564.824642] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1564.825270] do_syscall_64+0x3b/0x90 [ 1564.825670] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1564.826235] RIP: 0033:0x7fcdf057ba04 [ 1564.826603] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1564.828625] RSP: 002b:00007fcdedb3ded0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1564.829395] RAX: ffffffffffffffda RBX: 00007fcdf0612970 RCX: 00007fcdf057ba04 [ 1564.830182] RDX: 0000000000000002 RSI: 00007fcdedb3e000 RDI: 00000000ffffff9c [ 1564.830925] RBP: 00007fcdedb3e000 R08: 0000000000000000 R09: ffffffffffffffff [ 1564.831679] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1564.832434] R13: 0000000000000005 R14: 0000000020000070 R15: 0000000000000002 [ 1564.833188] [ 1564.834788] blktrace: Concurrent blktraces are not allowed on sg0 03:00:22 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:00:22 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 25) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) [ 1564.949614] FAULT_INJECTION: forcing a failure. [ 1564.949614] name failslab, interval 1, probability 0, space 0, times 0 [ 1564.951128] CPU: 0 PID: 9175 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1564.951920] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1564.953129] Call Trace: [ 1564.953481] [ 1564.953793] dump_stack_lvl+0x8b/0xb3 [ 1564.954292] should_fail.cold+0x5/0xa [ 1564.954698] ? create_object.isra.0+0x3a/0xa20 [ 1564.955182] should_failslab+0x5/0x10 [ 1564.955586] kmem_cache_alloc+0x5b/0x480 [ 1564.956021] create_object.isra.0+0x3a/0xa20 [ 1564.956480] ? kasan_unpoison+0x23/0x50 [ 1564.956871] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 1564.957348] ? __d_alloc+0x31/0x990 [ 1564.957735] __d_alloc+0x31/0x990 [ 1564.958110] ? lock_is_held_type+0xd7/0x130 [ 1564.958564] d_alloc_parallel+0x10a/0x1c00 [ 1564.959012] ? __d_lookup+0x40a/0x780 [ 1564.959408] ? lock_downgrade+0x6d0/0x6d0 [ 1564.959844] ? find_held_lock+0x2c/0x110 [ 1564.960272] ? __d_lookup_rcu+0x730/0x730 [ 1564.960673] ? __d_lookup+0x42c/0x780 [ 1564.961082] ? d_lookup+0x115/0x120 [ 1564.961478] lookup_open.isra.0+0xb37/0x1680 [ 1564.961946] ? lookup_fast+0x6e0/0x6e0 [ 1564.962367] ? perf_trace_802154_rdev_return_int+0x470/0x4a0 [ 1564.962977] ? perf_trace_802154_rdev_return_int+0x470/0x4a0 [ 1564.963576] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1564.964153] ? __mnt_want_write+0x1fa/0x2e0 [ 1564.964608] path_openat+0x99f/0x2870 [ 1564.965017] ? path_lookupat+0x850/0x850 [ 1564.965413] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1564.965981] ? lock_is_held_type+0xd7/0x130 [ 1564.966407] do_filp_open+0x1aa/0x400 [ 1564.966810] ? may_open_dev+0xf0/0xf0 [ 1564.967226] ? rwlock_bug.part.0+0x90/0x90 [ 1564.967677] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1564.968257] ? _find_next_bit+0x1e5/0x260 [ 1564.968702] ? _raw_spin_unlock+0x24/0x40 [ 1564.969143] ? alloc_fd+0x2f0/0x670 [ 1564.969534] do_sys_openat2+0x16d/0x4c0 [ 1564.969955] ? build_open_flags+0x6f0/0x6f0 [ 1564.970436] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1564.971031] __x64_sys_openat+0x13f/0x1f0 [ 1564.971463] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 1564.971967] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1564.972510] do_syscall_64+0x3b/0x90 [ 1564.972903] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1564.973439] RIP: 0033:0x7fcdf057ba04 [ 1564.973825] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 1564.975742] RSP: 002b:00007fcdedb3ded0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1564.976531] RAX: ffffffffffffffda RBX: 00007fcdf0612970 RCX: 00007fcdf057ba04 [ 1564.977270] RDX: 0000000000000002 RSI: 00007fcdedb3e000 RDI: 00000000ffffff9c [ 1564.978010] RBP: 00007fcdedb3e000 R08: 0000000000000000 R09: ffffffffffffffff [ 1564.978766] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1564.979499] R13: 0000000000000005 R14: 0000000020000070 R15: 0000000000000002 [ 1564.980251] 03:00:22 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0xe0ffff00000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:00:22 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0xfffff000, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) [ 1565.021735] blktrace: Concurrent blktraces are not allowed on sg0 03:00:22 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1565.028293] blktrace: Concurrent blktraces are not allowed on sg0 03:00:22 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 18) 03:00:22 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x100000000000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1565.072819] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1565.074968] FAULT_INJECTION: forcing a failure. [ 1565.074968] name failslab, interval 1, probability 0, space 0, times 0 [ 1565.076142] CPU: 0 PID: 9184 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1565.076939] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1565.078025] Call Trace: [ 1565.078287] [ 1565.078502] dump_stack_lvl+0x8b/0xb3 [ 1565.078888] should_fail.cold+0x5/0xa [ 1565.079265] ? create_object.isra.0+0x3a/0xa20 [ 1565.079713] should_failslab+0x5/0x10 [ 1565.080085] kmem_cache_alloc+0x5b/0x480 [ 1565.080488] create_object.isra.0+0x3a/0xa20 [ 1565.080921] ? kasan_unpoison+0x23/0x50 [ 1565.081311] __kmalloc_node+0x26f/0x470 [ 1565.081707] kvmalloc_node+0x3e/0x130 [ 1565.082090] bucket_table_alloc.isra.0+0x89/0x480 [ 1565.082568] rhashtable_init+0x341/0x750 [ 1565.082971] rhltable_init+0x1c/0x60 [ 1565.083339] ? mark_held_locks+0x9e/0xe0 [ 1565.083736] sta_info_init+0x1f/0x110 [ 1565.084112] ieee80211_alloc_hw_nm+0x6d1/0x2190 [ 1565.084571] mac80211_hwsim_new_radio+0x1f6/0x4900 [ 1565.085051] ? lock_is_held_type+0xd7/0x130 [ 1565.085473] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1565.086027] ? do_trace_netlink_extack+0x15d/0x1d0 [ 1565.086542] ? hwsim_virtio_rx_work+0x360/0x360 [ 1565.087010] ? lock_release+0x3b2/0x750 [ 1565.087410] ? __kmalloc+0x25b/0x440 [ 1565.087794] hwsim_new_radio_nl+0x9ab/0x1050 [ 1565.088234] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1565.088764] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1565.089314] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1565.089978] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1565.090642] genl_family_rcv_msg_doit+0x22d/0x330 [ 1565.091124] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1565.091779] ? mutex_lock_io_nested+0x1310/0x1310 [ 1565.092263] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1565.092818] ? cap_capable+0x1eb/0x250 [ 1565.093220] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1565.093774] ? ns_capable+0xd9/0x100 [ 1565.094166] genl_rcv_msg+0x33c/0x5a0 [ 1565.094555] ? genl_get_cmd+0x480/0x480 [ 1565.094950] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1565.095471] ? lock_release+0x750/0x750 [ 1565.095866] netlink_rcv_skb+0x14b/0x430 [ 1565.096270] ? genl_get_cmd+0x480/0x480 [ 1565.096674] ? netlink_ack+0xa80/0xa80 [ 1565.097075] ? netlink_deliver_tap+0x1b2/0xc30 [ 1565.097542] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1565.098041] ? is_vmalloc_addr+0x7b/0xb0 [ 1565.098667] genl_rcv+0x24/0x40 [ 1565.098991] netlink_unicast+0x54a/0x800 [ 1565.099409] ? netlink_attachskb+0x880/0x880 [ 1565.099840] ? is_vmalloc_addr+0x7b/0xb0 [ 1565.100259] netlink_sendmsg+0x904/0xe00 [ 1565.100677] ? netlink_unicast+0x800/0x800 [ 1565.101098] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1565.101666] ? netlink_unicast+0x800/0x800 [ 1565.102091] sock_sendmsg+0x150/0x190 [ 1565.102477] ____sys_sendmsg+0x703/0x870 [ 1565.102886] ? kernel_sendmsg+0x50/0x50 [ 1565.103281] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1565.103730] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1565.104249] ? lock_release+0x3b2/0x750 [ 1565.104654] ___sys_sendmsg+0xf3/0x170 [ 1565.105035] ? sendmsg_copy_msghdr+0x160/0x160 [ 1565.105498] ? lock_release+0x3b2/0x750 [ 1565.105898] ? lock_downgrade+0x6d0/0x6d0 [ 1565.106317] ? lock_release+0x3b2/0x750 [ 1565.106712] ? ksys_write+0x20c/0x250 [ 1565.107101] ? lock_downgrade+0x6d0/0x6d0 [ 1565.107522] ? __fget_files+0x287/0x470 [ 1565.107942] ? __fget_light+0xea/0x270 [ 1565.108338] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1565.108906] __sys_sendmsg+0xe5/0x1b0 [ 1565.109276] ? __sys_sendmsg_sock+0x30/0x30 [ 1565.109702] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1565.110271] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1565.110794] do_syscall_64+0x3b/0x90 [ 1565.111176] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1565.111697] RIP: 0033:0x7f406f897b19 [ 1565.112068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1565.113918] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1565.114687] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1565.115393] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1565.116095] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1565.116810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1565.117524] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1565.118249] 03:00:22 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 22) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:00:22 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r1 = dup3(r0, r0, 0x80000) write$binfmt_elf64(r1, &(0x7f0000000040)={{0x7f, 0x45, 0x4c, 0x46, 0x8d, 0x8, 0x1, 0xd8, 0x6, 0x3, 0x3, 0x1, 0x7a, 0x40, 0x25a, 0x9, 0x3, 0x38, 0x1, 0x0, 0x1, 0x1ff}, [{0x70000000, 0x7, 0xfffffffffffffe00, 0x2, 0xff, 0xff, 0x80, 0xffff}], "837b2f5a7446af38cebf765ab8875b1e3965d541caa72b80d7198031b1b257748dd60b3e627786d04825b2ee4698e1abe0125a2b296b0d69e92803bd3daf175cd6ea79ab814083749272ca2c99aa3767115ad2448e907307605f28251b5463b1c2b178eb9d102b4395656b9dce4688", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x6e7) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) 03:00:22 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0xffffff7f, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) [ 1565.150103] blktrace: Concurrent blktraces are not allowed on sg0 [ 1565.159335] blktrace: Concurrent blktraces are not allowed on sg0 03:00:22 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:00:22 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x108000000000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1565.225511] FAULT_INJECTION: forcing a failure. [ 1565.225511] name failslab, interval 1, probability 0, space 0, times 0 [ 1565.228163] CPU: 1 PID: 9198 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1565.229067] blktrace: Concurrent blktraces are not allowed on sg0 [ 1565.229886] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1565.229907] Call Trace: [ 1565.231588] blktrace: Concurrent blktraces are not allowed on sg0 [ 1565.232890] [ 1565.232902] dump_stack_lvl+0x8b/0xb3 [ 1565.235680] should_fail.cold+0x5/0xa [ 1565.236488] ? device_add+0x10a0/0x1e60 [ 1565.237327] should_failslab+0x5/0x10 [ 1565.238142] kmem_cache_alloc_trace+0x55/0x3c0 [ 1565.239124] device_add+0x10a0/0x1e60 [ 1565.239926] ? device_initialize+0x4d0/0x4d0 [ 1565.240860] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1565.242020] ? __init_waitqueue_head+0x6b/0xd0 [ 1565.243025] netdev_register_kobject+0x17a/0x3b0 [ 1565.244046] register_netdevice+0xd65/0x1470 [ 1565.244995] ? netdev_change_features+0xb0/0xb0 [ 1565.245996] ? dev_addr_mod+0x29a/0x340 [ 1565.246872] __tun_chr_ioctl+0x20dd/0x3f10 [ 1565.247794] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1565.248775] ? lock_is_held_type+0xd7/0x130 [ 1565.249727] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1565.250921] ? tun_chr_compat_ioctl+0x30/0x30 [ 1565.251888] __x64_sys_ioctl+0x196/0x210 [ 1565.252774] do_syscall_64+0x3b/0x90 [ 1565.253576] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1565.254683] RIP: 0033:0x7fb21bfaab19 [ 1565.255467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1565.259350] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1565.260956] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1565.262481] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1565.263985] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1565.265487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1565.266997] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1565.268526] [ 1579.448121] FAULT_INJECTION: forcing a failure. [ 1579.448121] name failslab, interval 1, probability 0, space 0, times 0 [ 1579.449428] CPU: 1 PID: 9212 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1579.450326] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1579.451534] Call Trace: [ 1579.451811] [ 1579.452044] dump_stack_lvl+0x8b/0xb3 [ 1579.452471] should_fail.cold+0x5/0xa [ 1579.452887] ? create_object.isra.0+0x3a/0xa20 [ 1579.453378] should_failslab+0x5/0x10 [ 1579.453785] kmem_cache_alloc+0x5b/0x480 [ 1579.454231] create_object.isra.0+0x3a/0xa20 [ 1579.454706] ? kasan_unpoison+0x23/0x50 [ 1579.455137] kmem_cache_alloc_trace+0x22e/0x3c0 [ 1579.455642] device_add+0x10a0/0x1e60 [ 1579.456041] ? device_initialize+0x4d0/0x4d0 [ 1579.456801] ? __fw_devlink_link_to_suppliers+0x470/0x470 03:00:36 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{0x0}, {&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x8}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) 03:00:36 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) (fail_nth: 26) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:00:36 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0xffffff9e, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:00:36 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x75, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:00:36 executing program 4: rseq(&(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x2, 0x8, 0xfff, 0x4}, 0xb}, 0x20, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) r2 = syz_genetlink_get_family_id$fou(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x54, r2, 0x800, 0x70bd2d, 0x25dfdbff, {}, [@FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @empty}, @FOU_ATTR_PEER_V6={0x14, 0x9, @loopback}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e24}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x40041}, 0x20000000) ioctl$sock_ifreq(r1, 0x8919, &(0x7f0000000280)={'veth0_macvtap\x00', @ifru_map}) syz_open_procfs(0x0, 0x0) 03:00:36 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x200000000000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:00:36 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 23) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:00:36 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 19) [ 1579.457408] ? __init_waitqueue_head+0x6b/0xd0 [ 1579.458068] netdev_register_kobject+0x17a/0x3b0 [ 1579.458587] register_netdevice+0xd65/0x1470 [ 1579.459056] ? netdev_change_features+0xb0/0xb0 [ 1579.459544] ? dev_addr_mod+0x29a/0x340 [ 1579.459969] __tun_chr_ioctl+0x20dd/0x3f10 [ 1579.460424] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1579.460912] ? lock_is_held_type+0xd7/0x130 [ 1579.461376] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1579.461956] ? tun_chr_compat_ioctl+0x30/0x30 [ 1579.462441] __x64_sys_ioctl+0x196/0x210 [ 1579.462878] do_syscall_64+0x3b/0x90 [ 1579.463279] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1579.463816] RIP: 0033:0x7fb21bfaab19 [ 1579.464201] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1579.466110] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1579.466911] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1579.467673] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1579.468410] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1579.469161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1579.469910] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1579.470684] [ 1579.474796] netlink: 'syz-executor.7': attribute type 12 has an invalid length. [ 1579.496212] blktrace: Concurrent blktraces are not allowed on sg0 [ 1579.505458] FAULT_INJECTION: forcing a failure. [ 1579.505458] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1579.508261] CPU: 0 PID: 9224 Comm: syz-executor.2 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1579.509918] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1579.512182] Call Trace: [ 1579.512705] [ 1579.513152] dump_stack_lvl+0x8b/0xb3 [ 1579.513943] should_fail.cold+0x5/0xa [ 1579.514745] _copy_from_user+0x2a/0x170 [ 1579.515557] kstrtouint_from_user+0xac/0x160 [ 1579.516436] ? kstrtouint+0x120/0x120 [ 1579.517204] ? lock_acquire+0x1b2/0x530 [ 1579.518012] proc_fail_nth_write+0x78/0x220 [ 1579.519047] ? proc_task_getattr+0x1f0/0x1f0 [ 1579.519945] ? lock_is_held_type+0xd7/0x130 [ 1579.520820] ? proc_task_getattr+0x1f0/0x1f0 [ 1579.521712] vfs_write+0x264/0xac0 [ 1579.522466] ksys_write+0x127/0x250 [ 1579.523193] ? __ia32_sys_read+0xb0/0xb0 [ 1579.524024] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1579.525066] do_syscall_64+0x3b/0x90 [ 1579.525823] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1579.526856] RIP: 0033:0x7fcdf057b5ff [ 1579.526899] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 1579.526924] RSP: 002b:00007fcdedb3e170 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 1579.532423] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fcdf057b5ff [ 1579.533842] RDX: 0000000000000001 RSI: 00007fcdedb3e1e0 RDI: 0000000000000004 [ 1579.535270] RBP: 00007fcdedb3e1d0 R08: 0000000000000000 R09: ffffffffffffffff [ 1579.536689] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1579.538097] R13: 00007ffc90fcf37f R14: 00007fcdedb3e300 R15: 0000000000022000 [ 1579.539541] [ 1579.546849] blktrace: Concurrent blktraces are not allowed on sg0 03:00:36 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000001c0)={'gre0\x00'}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), r0) sendmsg$IPVS_CMD_NEW_SERVICE(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x5c, r3, 0x8, 0x70bd2d, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0x2c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x8}, @IPVS_DEST_ATTR_L_THRESH={0x8}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x4}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x2}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x8}]}, @IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x3c}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e24}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4040}, 0x20000000) 03:00:36 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1579.671543] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1579.673769] FAULT_INJECTION: forcing a failure. [ 1579.673769] name failslab, interval 1, probability 0, space 0, times 0 [ 1579.676064] CPU: 0 PID: 9221 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1579.677707] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1579.679993] Call Trace: [ 1579.680512] [ 1579.680966] dump_stack_lvl+0x8b/0xb3 [ 1579.681744] should_fail.cold+0x5/0xa [ 1579.682512] ? create_object.isra.0+0x3a/0xa20 [ 1579.683432] should_failslab+0x5/0x10 [ 1579.684194] kmem_cache_alloc+0x5b/0x480 [ 1579.685026] create_object.isra.0+0x3a/0xa20 [ 1579.685907] ? kasan_unpoison+0x23/0x50 [ 1579.686729] __kmalloc_track_caller+0x25e/0x430 [ 1579.687659] ? kasprintf+0xbb/0xf0 [ 1579.688373] kvasprintf+0xb5/0x150 [ 1579.689059] ? bust_spinlocks+0xe0/0xe0 [ 1579.689858] ? mark_held_locks+0x9e/0xe0 [ 1579.690698] kasprintf+0xbb/0xf0 [ 1579.691369] ? kvasprintf_const+0x190/0x190 [ 1579.692234] ? lock_is_held_type+0xd7/0x130 [ 1579.693106] ieee80211_alloc_led_names+0x82/0x420 [ 1579.694076] ieee80211_alloc_hw_nm+0x19e6/0x2190 [ 1579.695040] mac80211_hwsim_new_radio+0x1f6/0x4900 [ 1579.696021] ? lock_is_held_type+0xd7/0x130 [ 1579.696887] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1579.697996] ? do_trace_netlink_extack+0x15d/0x1d0 [ 1579.699015] ? hwsim_virtio_rx_work+0x360/0x360 [ 1579.699957] ? lock_release+0x3b2/0x750 [ 1579.700751] ? __kmalloc+0x25b/0x440 [ 1579.701505] hwsim_new_radio_nl+0x9ab/0x1050 [ 1579.702402] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1579.703437] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1579.704525] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1579.705823] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1579.707126] genl_family_rcv_msg_doit+0x22d/0x330 [ 1579.708079] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1579.709374] ? mutex_lock_io_nested+0x1310/0x1310 [ 1579.710358] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1579.711457] ? cap_capable+0x1eb/0x250 [ 1579.712258] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1579.713353] ? ns_capable+0xd9/0x100 [ 1579.714114] genl_rcv_msg+0x33c/0x5a0 [ 1579.714884] ? genl_get_cmd+0x480/0x480 [ 1579.715679] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1579.716708] ? lock_release+0x750/0x750 [ 1579.717508] netlink_rcv_skb+0x14b/0x430 [ 1579.718327] ? genl_get_cmd+0x480/0x480 [ 1579.719118] ? netlink_ack+0xa80/0xa80 [ 1579.719901] ? netlink_deliver_tap+0x1b2/0xc30 [ 1579.720816] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1579.721813] ? is_vmalloc_addr+0x7b/0xb0 [ 1579.722640] genl_rcv+0x24/0x40 [ 1579.723293] netlink_unicast+0x54a/0x800 [ 1579.724107] ? netlink_attachskb+0x880/0x880 [ 1579.724976] ? is_vmalloc_addr+0x7b/0xb0 [ 1579.725799] netlink_sendmsg+0x904/0xe00 [ 1579.726628] ? netlink_unicast+0x800/0x800 [ 1579.727474] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1579.728569] ? netlink_unicast+0x800/0x800 [ 1579.729402] sock_sendmsg+0x150/0x190 [ 1579.730169] ____sys_sendmsg+0x703/0x870 [ 1579.730994] ? kernel_sendmsg+0x50/0x50 [ 1579.731787] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1579.732688] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1579.733734] ? lock_release+0x3b2/0x750 [ 1579.734547] ___sys_sendmsg+0xf3/0x170 [ 1579.735317] ? sendmsg_copy_msghdr+0x160/0x160 [ 1579.736219] ? lock_release+0x3b2/0x750 [ 1579.737010] ? lock_downgrade+0x6d0/0x6d0 [ 1579.737833] ? lock_release+0x3b2/0x750 [ 1579.738639] ? ksys_write+0x20c/0x250 [ 1579.739396] ? lock_downgrade+0x6d0/0x6d0 [ 1579.740230] ? __fget_files+0x287/0x470 [ 1579.741044] ? __fget_light+0xea/0x270 [ 1579.741832] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1579.742943] __sys_sendmsg+0xe5/0x1b0 [ 1579.743695] ? __sys_sendmsg_sock+0x30/0x30 [ 1579.744542] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1579.745657] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1579.746698] do_syscall_64+0x3b/0x90 [ 1579.747451] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1579.748464] RIP: 0033:0x7f406f897b19 [ 1579.749181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1579.753216] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1579.754953] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1579.756633] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1579.758297] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1579.759956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1579.761614] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1579.763323] 03:00:52 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 20) 03:00:52 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r1 = epoll_create(0x9) r2 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000440)) shutdown(r2, 0x1) syz_open_procfs(0x0, 0x0) 03:00:52 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1595.621242] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1595.627051] FAULT_INJECTION: forcing a failure. [ 1595.627051] name failslab, interval 1, probability 0, space 0, times 0 [ 1595.628316] CPU: 0 PID: 9243 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1595.629216] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1595.630463] Call Trace: [ 1595.630787] [ 1595.631033] dump_stack_lvl+0x8b/0xb3 [ 1595.631466] should_fail.cold+0x5/0xa [ 1595.631901] should_failslab+0x5/0x10 [ 1595.632328] __kmalloc_track_caller+0x79/0x430 [ 1595.632839] ? kasprintf+0xbb/0xf0 [ 1595.633236] kvasprintf+0xb5/0x150 [ 1595.633632] ? bust_spinlocks+0xe0/0xe0 [ 1595.634074] ? mark_held_locks+0x9e/0xe0 [ 1595.634547] kasprintf+0xbb/0xf0 [ 1595.634928] ? kvasprintf_const+0x190/0x190 [ 1595.635409] ? lock_is_held_type+0xd7/0x130 [ 1595.635896] ieee80211_alloc_led_names+0x117/0x420 [ 1595.636450] ieee80211_alloc_hw_nm+0x19e6/0x2190 [ 1595.636977] mac80211_hwsim_new_radio+0x1f6/0x4900 [ 1595.637523] ? lock_is_held_type+0xd7/0x130 [ 1595.638007] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1595.638637] ? do_trace_netlink_extack+0x15d/0x1d0 [ 1595.639196] ? hwsim_virtio_rx_work+0x360/0x360 [ 1595.639682] ? lock_release+0x3b2/0x750 [ 1595.640124] ? __kmalloc+0x25b/0x440 [ 1595.640546] hwsim_new_radio_nl+0x9ab/0x1050 [ 1595.641031] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1595.641595] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1595.642212] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1595.642959] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1595.643687] genl_family_rcv_msg_doit+0x22d/0x330 [ 1595.644218] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1595.644944] ? mutex_lock_io_nested+0x1310/0x1310 [ 1595.645474] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1595.646082] ? cap_capable+0x1eb/0x250 [ 1595.646499] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1595.647127] ? ns_capable+0xd9/0x100 [ 1595.647553] genl_rcv_msg+0x33c/0x5a0 [ 1595.647982] ? genl_get_cmd+0x480/0x480 [ 1595.648419] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1595.648988] ? lock_release+0x750/0x750 [ 1595.649444] netlink_rcv_skb+0x14b/0x430 [ 1595.649897] ? genl_get_cmd+0x480/0x480 [ 1595.650337] ? netlink_ack+0xa80/0xa80 [ 1595.650761] ? netlink_deliver_tap+0x1b2/0xc30 [ 1595.651272] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1595.651793] ? is_vmalloc_addr+0x7b/0xb0 [ 1595.652256] genl_rcv+0x24/0x40 [ 1595.652602] netlink_unicast+0x54a/0x800 [ 1595.653057] ? netlink_attachskb+0x880/0x880 [ 1595.653520] ? is_vmalloc_addr+0x7b/0xb0 [ 1595.653969] netlink_sendmsg+0x904/0xe00 [ 1595.654407] ? netlink_unicast+0x800/0x800 [ 1595.654908] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1595.655526] ? netlink_unicast+0x800/0x800 [ 1595.655997] sock_sendmsg+0x150/0x190 [ 1595.656418] ____sys_sendmsg+0x703/0x870 [ 1595.656877] ? kernel_sendmsg+0x50/0x50 [ 1595.657320] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1595.657825] ? lockdep_hardirqs_on_prepare+0x400/0x400 03:00:52 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x300000000000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:00:52 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 24) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:00:52 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0xfffffff0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:00:52 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)}, {&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x8}}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) 03:00:52 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) [ 1595.658674] ? lock_release+0x3b2/0x750 [ 1595.659112] ___sys_sendmsg+0xf3/0x170 [ 1595.659545] ? sendmsg_copy_msghdr+0x160/0x160 [ 1595.660051] ? lock_release+0x3b2/0x750 [ 1595.660491] ? lock_downgrade+0x6d0/0x6d0 [ 1595.660951] ? lock_release+0x3b2/0x750 [ 1595.661393] ? ksys_write+0x20c/0x250 [ 1595.661814] ? lock_downgrade+0x6d0/0x6d0 [ 1595.662291] ? __fget_files+0x287/0x470 [ 1595.662766] ? __fget_light+0xea/0x270 [ 1595.663215] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1595.663825] __sys_sendmsg+0xe5/0x1b0 [ 1595.664236] ? __sys_sendmsg_sock+0x30/0x30 [ 1595.664700] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1595.665316] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1595.665896] do_syscall_64+0x3b/0x90 [ 1595.666313] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1595.666853] RIP: 0033:0x7f406f897b19 [ 1595.667260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1595.669291] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1595.670118] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1595.670902] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1595.671682] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1595.672442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1595.673227] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1595.674020] [ 1595.687057] blktrace: Concurrent blktraces are not allowed on sg0 [ 1595.690375] FAULT_INJECTION: forcing a failure. [ 1595.690375] name failslab, interval 1, probability 0, space 0, times 0 [ 1595.691777] CPU: 0 PID: 9255 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1595.692691] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1595.693940] Call Trace: [ 1595.694230] [ 1595.694478] dump_stack_lvl+0x8b/0xb3 [ 1595.694926] should_fail.cold+0x5/0xa [ 1595.695352] should_failslab+0x5/0x10 [ 1595.695781] __kmalloc_track_caller+0x79/0x430 [ 1595.696289] ? kstrdup_const+0x53/0x80 [ 1595.696736] kstrdup+0x36/0x70 [ 1595.697094] kstrdup_const+0x53/0x80 [ 1595.697504] __kernfs_new_node+0x9d/0x8b0 [ 1595.697989] ? kernfs_path_from_node+0x60/0x60 [ 1595.698467] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 1595.699040] ? map_id_range_down+0x1c4/0x340 [ 1595.699540] ? projid_m_show+0x220/0x220 [ 1595.700008] ? make_kgid+0x1c/0x20 [ 1595.700398] kernfs_create_dir_ns+0x9c/0x220 [ 1595.700899] sysfs_create_dir_ns+0x127/0x290 [ 1595.701384] ? sysfs_create_mount_point+0xb0/0xb0 [ 1595.701913] ? rwlock_bug.part.0+0x90/0x90 [ 1595.702389] ? net_namespace+0x9/0x40 [ 1595.702800] ? device_namespace+0x91/0xd0 [ 1595.703267] kobject_add_internal+0x24c/0x8d0 [ 1595.703767] kobject_add+0x150/0x1c0 [ 1595.704187] ? kset_create_and_add+0x1a0/0x1a0 [ 1595.704690] ? lockdep_init_map_type+0x21a/0x7e0 [ 1595.705229] device_add+0x357/0x1e60 [ 1595.705634] ? device_initialize+0x4d0/0x4d0 [ 1595.706129] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1595.706749] ? __init_waitqueue_head+0x6b/0xd0 [ 1595.707268] netdev_register_kobject+0x17a/0x3b0 [ 1595.707794] register_netdevice+0xd65/0x1470 [ 1595.708289] ? netdev_change_features+0xb0/0xb0 [ 1595.708804] ? dev_addr_mod+0x29a/0x340 [ 1595.709251] __tun_chr_ioctl+0x20dd/0x3f10 [ 1595.709727] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1595.710237] ? lock_is_held_type+0xd7/0x130 [ 1595.710712] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1595.711327] ? tun_chr_compat_ioctl+0x30/0x30 [ 1595.711819] __x64_sys_ioctl+0x196/0x210 [ 1595.712280] do_syscall_64+0x3b/0x90 [ 1595.712697] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1595.713265] RIP: 0033:0x7fb21bfaab19 [ 1595.713667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1595.715718] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1595.716551] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1595.717336] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1595.718122] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1595.718910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1595.719660] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1595.720456] [ 1595.720856] kobject_add_internal failed for rose0 (error: -12 parent: net) [ 1595.747716] blktrace: Concurrent blktraces are not allowed on sg0 [ 1595.761358] netlink: 'syz-executor.7': attribute type 12 has an invalid length. 03:00:53 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 21) 03:00:53 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0xffffffff, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) [ 1595.856513] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1595.857688] FAULT_INJECTION: forcing a failure. [ 1595.857688] name failslab, interval 1, probability 0, space 0, times 0 [ 1595.858968] CPU: 0 PID: 9267 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1595.859873] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1595.861114] Call Trace: [ 1595.861404] [ 1595.861649] dump_stack_lvl+0x8b/0xb3 [ 1595.862078] should_fail.cold+0x5/0xa [ 1595.862521] ? create_object.isra.0+0x3a/0xa20 [ 1595.863048] should_failslab+0x5/0x10 [ 1595.863472] kmem_cache_alloc+0x5b/0x480 [ 1595.863938] create_object.isra.0+0x3a/0xa20 [ 1595.864433] ? kasan_unpoison+0x23/0x50 [ 1595.864884] __kmalloc_track_caller+0x25e/0x430 [ 1595.865397] ? kasprintf+0xbb/0xf0 [ 1595.865774] kvasprintf+0xb5/0x150 [ 1595.866166] ? bust_spinlocks+0xe0/0xe0 [ 1595.866638] ? mark_held_locks+0x9e/0xe0 [ 1595.867091] kasprintf+0xbb/0xf0 [ 1595.867462] ? kvasprintf_const+0x190/0x190 [ 1595.867939] ? lock_is_held_type+0xd7/0x130 [ 1595.868427] ieee80211_alloc_led_names+0x117/0x420 [ 1595.868969] ieee80211_alloc_hw_nm+0x19e6/0x2190 [ 1595.869499] mac80211_hwsim_new_radio+0x1f6/0x4900 [ 1595.870038] ? lock_is_held_type+0xd7/0x130 [ 1595.870502] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1595.871154] ? do_trace_netlink_extack+0x15d/0x1d0 [ 1595.871712] ? hwsim_virtio_rx_work+0x360/0x360 [ 1595.872231] ? lock_release+0x3b2/0x750 [ 1595.872670] ? __kmalloc+0x25b/0x440 [ 1595.873090] hwsim_new_radio_nl+0x9ab/0x1050 [ 1595.873580] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1595.874158] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1595.874793] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1595.875484] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1595.876213] genl_family_rcv_msg_doit+0x22d/0x330 [ 1595.876753] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1595.877474] ? mutex_lock_io_nested+0x1310/0x1310 [ 1595.878014] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1595.878652] ? cap_capable+0x1eb/0x250 [ 1595.879099] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1595.879713] ? ns_capable+0xd9/0x100 [ 1595.880140] genl_rcv_msg+0x33c/0x5a0 [ 1595.880565] ? genl_get_cmd+0x480/0x480 03:00:53 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 25) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) [ 1595.881000] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1595.881788] ? lock_release+0x750/0x750 [ 1595.882222] netlink_rcv_skb+0x14b/0x430 [ 1595.882667] ? genl_get_cmd+0x480/0x480 [ 1595.883086] ? netlink_ack+0xa80/0xa80 [ 1595.883502] ? netlink_deliver_tap+0x1b2/0xc30 [ 1595.883986] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1595.884519] ? is_vmalloc_addr+0x7b/0xb0 [ 1595.884956] genl_rcv+0x24/0x40 [ 1595.885303] netlink_unicast+0x54a/0x800 [ 1595.885733] ? netlink_attachskb+0x880/0x880 [ 1595.886199] ? is_vmalloc_addr+0x7b/0xb0 [ 1595.886664] netlink_sendmsg+0x904/0xe00 [ 1595.887096] ? netlink_unicast+0x800/0x800 [ 1595.887542] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1595.888130] ? netlink_unicast+0x800/0x800 [ 1595.888580] sock_sendmsg+0x150/0x190 [ 1595.888984] ____sys_sendmsg+0x703/0x870 [ 1595.889416] ? kernel_sendmsg+0x50/0x50 [ 1595.889835] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1595.890315] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1595.890894] ? lock_release+0x3b2/0x750 [ 1595.891324] ___sys_sendmsg+0xf3/0x170 [ 1595.891734] ? sendmsg_copy_msghdr+0x160/0x160 [ 1595.892223] ? lock_release+0x3b2/0x750 [ 1595.892644] ? lock_downgrade+0x6d0/0x6d0 [ 1595.893101] ? lock_release+0x3b2/0x750 [ 1595.893525] ? ksys_write+0x20c/0x250 [ 1595.893933] ? lock_downgrade+0x6d0/0x6d0 [ 1595.894373] ? __fget_files+0x287/0x470 [ 1595.894828] ? __fget_light+0xea/0x270 [ 1595.895237] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1595.895813] __sys_sendmsg+0xe5/0x1b0 [ 1595.896219] ? __sys_sendmsg_sock+0x30/0x30 [ 1595.896676] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1595.897264] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1595.897817] do_syscall_64+0x3b/0x90 [ 1595.898212] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1595.898787] RIP: 0033:0x7f406f897b19 [ 1595.899171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1595.901089] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1595.901894] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1595.902655] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1595.903402] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1595.904146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1595.904894] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1595.905658] 03:00:53 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) r1 = fork() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x12) sendmsg$NL80211_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, 0x0, 0x4, 0x70bd2b, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x5, 0x44}}}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x21}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x3b}]}, 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x4008014) ptrace$setopts(0x4206, r1, 0x100000000001, 0x44) ptrace(0x4208, r1) ptrace(0x10, r1) syz_open_procfs(r1, 0x0) 03:00:53 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x2, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:00:53 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x400000000000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:00:53 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1595.950366] FAULT_INJECTION: forcing a failure. [ 1595.950366] name failslab, interval 1, probability 0, space 0, times 0 [ 1595.951721] CPU: 0 PID: 9270 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1595.952585] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1595.953768] Call Trace: [ 1595.954039] [ 1595.954267] dump_stack_lvl+0x8b/0xb3 [ 1595.954699] should_fail.cold+0x5/0xa [ 1595.955116] ? create_object.isra.0+0x3a/0xa20 [ 1595.955604] should_failslab+0x5/0x10 [ 1595.956009] kmem_cache_alloc+0x5b/0x480 [ 1595.956454] create_object.isra.0+0x3a/0xa20 [ 1595.956919] ? kasan_unpoison+0x23/0x50 [ 1595.957342] __kmalloc_track_caller+0x25e/0x430 [ 1595.957838] ? kstrdup_const+0x53/0x80 [ 1595.958263] kstrdup+0x36/0x70 [ 1595.958642] kstrdup_const+0x53/0x80 [ 1595.959035] __kernfs_new_node+0x9d/0x8b0 [ 1595.959497] ? kernfs_path_from_node+0x60/0x60 [ 1595.959978] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 1595.960515] ? map_id_range_down+0x1c4/0x340 [ 1595.960988] ? projid_m_show+0x220/0x220 [ 1595.961431] ? make_kgid+0x1c/0x20 [ 1595.961811] kernfs_create_dir_ns+0x9c/0x220 [ 1595.962276] sysfs_create_dir_ns+0x127/0x290 [ 1595.962767] ? sysfs_create_mount_point+0xb0/0xb0 [ 1595.963273] ? rwlock_bug.part.0+0x90/0x90 [ 1595.963724] ? net_namespace+0x9/0x40 [ 1595.964125] ? device_namespace+0x91/0xd0 [ 1595.964568] kobject_add_internal+0x24c/0x8d0 [ 1595.965051] kobject_add+0x150/0x1c0 [ 1595.965448] ? kset_create_and_add+0x1a0/0x1a0 [ 1595.965928] ? lockdep_init_map_type+0x21a/0x7e0 [ 1595.966440] device_add+0x357/0x1e60 [ 1595.966848] ? device_initialize+0x4d0/0x4d0 [ 1595.967325] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1595.967910] ? __init_waitqueue_head+0x6b/0xd0 [ 1595.968401] netdev_register_kobject+0x17a/0x3b0 [ 1595.968903] register_netdevice+0xd65/0x1470 [ 1595.969381] ? netdev_change_features+0xb0/0xb0 [ 1595.969879] ? dev_addr_mod+0x29a/0x340 [ 1595.970305] __tun_chr_ioctl+0x20dd/0x3f10 [ 1595.970792] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1595.971279] ? lock_is_held_type+0xd7/0x130 [ 1595.971746] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1595.972335] ? tun_chr_compat_ioctl+0x30/0x30 [ 1595.972825] __x64_sys_ioctl+0x196/0x210 [ 1595.973258] do_syscall_64+0x3b/0x90 [ 1595.973660] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1595.974199] RIP: 0033:0x7fb21bfaab19 [ 1595.974601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1595.976528] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1595.977317] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1595.978059] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1595.978824] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1595.979570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1595.980305] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1595.981056] [ 1596.000145] blktrace: Concurrent blktraces are not allowed on sg0 [ 1596.004141] blktrace: Concurrent blktraces are not allowed on sg0 03:00:53 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)}, {&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x8}}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) 03:00:53 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x500000000000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1596.036396] blktrace: Concurrent blktraces are not allowed on sg0 [ 1596.042864] blktrace: Concurrent blktraces are not allowed on sg0 03:00:53 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x600000000000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1596.115172] blktrace: Concurrent blktraces are not allowed on sg0 [ 1596.119732] blktrace: Concurrent blktraces are not allowed on sg0 03:00:53 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:00:53 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x700000000000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:00:53 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x3, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) [ 1596.169884] netlink: 'syz-executor.7': attribute type 12 has an invalid length. 03:00:53 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 26) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) [ 1596.196163] blktrace: Concurrent blktraces are not allowed on sg0 [ 1596.215185] blktrace: Concurrent blktraces are not allowed on sg0 03:00:53 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 22) [ 1596.276283] FAULT_INJECTION: forcing a failure. [ 1596.276283] name failslab, interval 1, probability 0, space 0, times 0 [ 1596.277662] CPU: 0 PID: 9304 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1596.278590] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1596.279842] Call Trace: [ 1596.280125] [ 1596.280367] dump_stack_lvl+0x8b/0xb3 [ 1596.280803] should_fail.cold+0x5/0xa [ 1596.281226] ? __kernfs_new_node+0xd4/0x8b0 [ 1596.281711] should_failslab+0x5/0x10 [ 1596.282132] kmem_cache_alloc+0x5b/0x480 [ 1596.282619] __kernfs_new_node+0xd4/0x8b0 [ 1596.283090] ? kernfs_path_from_node+0x60/0x60 [ 1596.283594] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 1596.284152] ? map_id_range_down+0x1c4/0x340 [ 1596.284647] ? projid_m_show+0x220/0x220 [ 1596.285109] ? make_kgid+0x1c/0x20 [ 1596.285510] kernfs_create_dir_ns+0x9c/0x220 [ 1596.286004] sysfs_create_dir_ns+0x127/0x290 [ 1596.286485] ? sysfs_create_mount_point+0xb0/0xb0 [ 1596.287036] ? rwlock_bug.part.0+0x90/0x90 [ 1596.287515] ? net_namespace+0x9/0x40 [ 1596.287935] ? device_namespace+0x91/0xd0 [ 1596.288411] kobject_add_internal+0x24c/0x8d0 [ 1596.288925] kobject_add+0x150/0x1c0 [ 1596.289334] ? kset_create_and_add+0x1a0/0x1a0 [ 1596.289865] ? lockdep_init_map_type+0x21a/0x7e0 [ 1596.290409] device_add+0x357/0x1e60 [ 1596.291315] ? device_initialize+0x4d0/0x4d0 [ 1596.292396] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1596.293702] ? __init_waitqueue_head+0x6b/0xd0 [ 1596.294828] netdev_register_kobject+0x17a/0x3b0 [ 1596.296106] register_netdevice+0xd65/0x1470 [ 1596.296997] ? netdev_change_features+0xb0/0xb0 [ 1596.297922] ? dev_addr_mod+0x29a/0x340 [ 1596.298736] __tun_chr_ioctl+0x20dd/0x3f10 [ 1596.299589] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1596.300495] ? lock_is_held_type+0xd7/0x130 [ 1596.301368] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1596.302457] ? tun_chr_compat_ioctl+0x30/0x30 [ 1596.303364] __x64_sys_ioctl+0x196/0x210 [ 1596.304179] do_syscall_64+0x3b/0x90 [ 1596.304921] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1596.305930] RIP: 0033:0x7fb21bfaab19 [ 1596.306683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1596.310277] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1596.311770] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1596.313166] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1596.314562] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1596.315955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1596.317345] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1596.318784] [ 1596.320076] kobject_add_internal failed for rose0 (error: -12 parent: net) [ 1596.331303] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1596.339266] FAULT_INJECTION: forcing a failure. [ 1596.339266] name failslab, interval 1, probability 0, space 0, times 0 [ 1596.341525] CPU: 1 PID: 9308 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1596.343155] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1596.345365] Call Trace: [ 1596.345868] [ 1596.346306] dump_stack_lvl+0x8b/0xb3 [ 1596.347082] should_fail.cold+0x5/0xa [ 1596.347845] should_failslab+0x5/0x10 [ 1596.348601] __kmalloc_track_caller+0x79/0x430 [ 1596.349510] ? kasprintf+0xbb/0xf0 [ 1596.350221] kvasprintf+0xb5/0x150 [ 1596.350940] ? bust_spinlocks+0xe0/0xe0 [ 1596.351729] ? mark_held_locks+0x9e/0xe0 [ 1596.352548] kasprintf+0xbb/0xf0 [ 1596.353214] ? kvasprintf_const+0x190/0x190 [ 1596.354073] ? lock_is_held_type+0xd7/0x130 [ 1596.354941] ieee80211_alloc_led_names+0x1ac/0x420 [ 1596.355919] ieee80211_alloc_hw_nm+0x19e6/0x2190 [ 1596.356866] mac80211_hwsim_new_radio+0x1f6/0x4900 [ 1596.357837] ? lock_is_held_type+0xd7/0x130 [ 1596.358700] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1596.359792] ? do_trace_netlink_extack+0x15d/0x1d0 [ 1596.360771] ? hwsim_virtio_rx_work+0x360/0x360 [ 1596.361691] ? lock_release+0x3b2/0x750 [ 1596.362479] ? __kmalloc+0x25b/0x440 [ 1596.363250] hwsim_new_radio_nl+0x9ab/0x1050 [ 1596.364122] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1596.365154] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1596.366248] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1596.367548] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1596.368835] genl_family_rcv_msg_doit+0x22d/0x330 [ 1596.369785] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1596.371082] ? mutex_lock_io_nested+0x1310/0x1310 [ 1596.372033] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1596.373118] ? cap_capable+0x1eb/0x250 [ 1596.373910] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1596.375013] ? ns_capable+0xd9/0x100 [ 1596.375771] genl_rcv_msg+0x33c/0x5a0 [ 1596.376528] ? genl_get_cmd+0x480/0x480 [ 1596.377311] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1596.378334] ? lock_release+0x750/0x750 [ 1596.379146] netlink_rcv_skb+0x14b/0x430 [ 1596.379946] ? genl_get_cmd+0x480/0x480 [ 1596.380733] ? netlink_ack+0xa80/0xa80 [ 1596.381511] ? netlink_deliver_tap+0x1b2/0xc30 [ 1596.382421] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1596.383427] ? is_vmalloc_addr+0x7b/0xb0 [ 1596.384240] genl_rcv+0x24/0x40 [ 1596.384892] netlink_unicast+0x54a/0x800 [ 1596.385702] ? netlink_attachskb+0x880/0x880 [ 1596.386573] ? is_vmalloc_addr+0x7b/0xb0 [ 1596.387393] netlink_sendmsg+0x904/0xe00 [ 1596.388203] ? netlink_unicast+0x800/0x800 [ 1596.389047] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1596.390141] ? netlink_unicast+0x800/0x800 [ 1596.390989] sock_sendmsg+0x150/0x190 [ 1596.391753] ____sys_sendmsg+0x703/0x870 [ 1596.392566] ? kernel_sendmsg+0x50/0x50 [ 1596.393353] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1596.394249] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1596.395299] ? lock_release+0x3b2/0x750 [ 1596.396099] ___sys_sendmsg+0xf3/0x170 [ 1596.396863] ? sendmsg_copy_msghdr+0x160/0x160 [ 1596.397758] ? lock_release+0x3b2/0x750 [ 1596.398562] ? lock_downgrade+0x6d0/0x6d0 [ 1596.399387] ? lock_release+0x3b2/0x750 [ 1596.400171] ? ksys_write+0x20c/0x250 [ 1596.400923] ? lock_downgrade+0x6d0/0x6d0 [ 1596.401751] ? __fget_files+0x287/0x470 [ 1596.402566] ? __fget_light+0xea/0x270 [ 1596.403343] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1596.404438] __sys_sendmsg+0xe5/0x1b0 [ 1596.405184] ? __sys_sendmsg_sock+0x30/0x30 [ 1596.406024] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1596.407148] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1596.408171] do_syscall_64+0x3b/0x90 [ 1596.408915] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1596.409925] RIP: 0033:0x7f406f897b19 [ 1596.410660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1596.414247] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1596.415750] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1596.417144] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1596.418545] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1596.419938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1596.421333] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1596.422761] 03:01:06 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0xf, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:01:06 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) 03:01:06 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 23) 03:01:06 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x4, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:01:06 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:01:06 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)}, {&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x8}}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) 03:01:06 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 27) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) [ 1609.383562] netlink: 'syz-executor.7': attribute type 12 has an invalid length. [ 1609.388322] FAULT_INJECTION: forcing a failure. [ 1609.388322] name failslab, interval 1, probability 0, space 0, times 0 [ 1609.389625] CPU: 1 PID: 9327 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1609.390497] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1609.391698] Call Trace: [ 1609.391971] [ 1609.392208] dump_stack_lvl+0x8b/0xb3 [ 1609.392623] should_fail.cold+0x5/0xa [ 1609.393030] ? create_object.isra.0+0x3a/0xa20 [ 1609.393531] should_failslab+0x5/0x10 [ 1609.393945] kmem_cache_alloc+0x5b/0x480 [ 1609.394390] create_object.isra.0+0x3a/0xa20 [ 1609.394867] ? kasan_unpoison+0x23/0x50 [ 1609.395295] kmem_cache_alloc+0x239/0x480 [ 1609.395742] __kernfs_new_node+0xd4/0x8b0 [ 1609.396193] ? kernfs_path_from_node+0x60/0x60 [ 1609.396684] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 1609.397224] ? map_id_range_down+0x1c4/0x340 [ 1609.397697] ? projid_m_show+0x220/0x220 [ 1609.398133] ? lockdep_hardirqs_on+0x79/0x100 [ 1609.398605] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1609.399207] ? make_kgid+0x1c/0x20 [ 1609.399591] kernfs_create_dir_ns+0x9c/0x220 [ 1609.400065] sysfs_create_dir_ns+0x127/0x290 03:01:06 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1609.400538] ? sysfs_create_mount_point+0xb0/0xb0 [ 1609.401254] ? rwlock_bug.part.0+0x90/0x90 [ 1609.401720] ? net_namespace+0x9/0x40 [ 1609.402135] ? device_namespace+0x91/0xd0 [ 1609.402596] kobject_add_internal+0x24c/0x8d0 [ 1609.403086] kobject_add+0x150/0x1c0 [ 1609.403478] ? kset_create_and_add+0x1a0/0x1a0 [ 1609.403961] ? lockdep_init_map_type+0x21a/0x7e0 [ 1609.404481] device_add+0x357/0x1e60 [ 1609.404872] ? device_initialize+0x4d0/0x4d0 [ 1609.405341] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1609.405925] ? __init_waitqueue_head+0x6b/0xd0 [ 1609.406418] netdev_register_kobject+0x17a/0x3b0 [ 1609.406947] register_netdevice+0xd65/0x1470 [ 1609.407444] ? netdev_change_features+0xb0/0xb0 [ 1609.407968] ? dev_addr_mod+0x29a/0x340 [ 1609.408418] __tun_chr_ioctl+0x20dd/0x3f10 [ 1609.408902] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1609.409421] ? lock_is_held_type+0xd7/0x130 [ 1609.409926] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1609.410537] ? tun_chr_compat_ioctl+0x30/0x30 [ 1609.411056] __x64_sys_ioctl+0x196/0x210 [ 1609.411519] do_syscall_64+0x3b/0x90 [ 1609.411942] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1609.412511] RIP: 0033:0x7fb21bfaab19 [ 1609.412926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1609.414989] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1609.415829] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1609.416616] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1609.417408] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1609.418190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1609.418999] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1609.419822] [ 1609.420205] blktrace: Concurrent blktraces are not allowed on sg0 [ 1609.447438] blktrace: Concurrent blktraces are not allowed on sg0 [ 1609.488727] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1609.493962] FAULT_INJECTION: forcing a failure. [ 1609.493962] name failslab, interval 1, probability 0, space 0, times 0 [ 1609.496549] CPU: 0 PID: 9335 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1609.498178] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1609.500424] Call Trace: [ 1609.500926] [ 1609.501365] dump_stack_lvl+0x8b/0xb3 [ 1609.502131] should_fail.cold+0x5/0xa [ 1609.502904] ? create_object.isra.0+0x3a/0xa20 [ 1609.503817] should_failslab+0x5/0x10 [ 1609.504570] kmem_cache_alloc+0x5b/0x480 [ 1609.505386] create_object.isra.0+0x3a/0xa20 [ 1609.506252] ? kasan_unpoison+0x23/0x50 [ 1609.507070] __kmalloc_track_caller+0x25e/0x430 [ 1609.507996] ? kasprintf+0xbb/0xf0 [ 1609.508704] kvasprintf+0xb5/0x150 [ 1609.509399] ? bust_spinlocks+0xe0/0xe0 [ 1609.510186] ? mark_held_locks+0x9e/0xe0 [ 1609.511011] kasprintf+0xbb/0xf0 [ 1609.511677] ? kvasprintf_const+0x190/0x190 [ 1609.512534] ? lock_is_held_type+0xd7/0x130 [ 1609.513402] ieee80211_alloc_led_names+0x1ac/0x420 [ 1609.514377] ieee80211_alloc_hw_nm+0x19e6/0x2190 [ 1609.515378] mac80211_hwsim_new_radio+0x1f6/0x4900 [ 1609.516364] ? lock_is_held_type+0xd7/0x130 [ 1609.517235] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1609.518326] ? do_trace_netlink_extack+0x15d/0x1d0 [ 1609.519312] ? hwsim_virtio_rx_work+0x360/0x360 [ 1609.520227] ? lock_release+0x3b2/0x750 [ 1609.521012] ? __kmalloc+0x25b/0x440 [ 1609.521768] hwsim_new_radio_nl+0x9ab/0x1050 [ 1609.522637] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1609.523685] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1609.524780] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1609.526077] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1609.527383] genl_family_rcv_msg_doit+0x22d/0x330 [ 1609.528341] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1609.529643] ? mutex_lock_io_nested+0x1310/0x1310 [ 1609.530598] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1609.531699] ? cap_capable+0x1eb/0x250 [ 1609.532495] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1609.533580] ? ns_capable+0xd9/0x100 [ 1609.534336] genl_rcv_msg+0x33c/0x5a0 [ 1609.535136] ? genl_get_cmd+0x480/0x480 [ 1609.535922] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1609.536951] ? lock_release+0x750/0x750 [ 1609.537746] ? io_schedule_timeout+0x140/0x140 [ 1609.538658] netlink_rcv_skb+0x14b/0x430 [ 1609.539478] ? genl_get_cmd+0x480/0x480 [ 1609.540281] ? netlink_ack+0xa80/0xa80 [ 1609.541062] ? netlink_deliver_tap+0x1b2/0xc30 [ 1609.541971] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1609.542978] ? is_vmalloc_addr+0x7b/0xb0 [ 1609.543800] genl_rcv+0x24/0x40 [ 1609.544457] netlink_unicast+0x54a/0x800 [ 1609.545265] ? netlink_attachskb+0x880/0x880 [ 1609.546134] ? is_vmalloc_addr+0x7b/0xb0 [ 1609.546984] netlink_sendmsg+0x904/0xe00 [ 1609.547788] ? netlink_unicast+0x800/0x800 [ 1609.548641] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1609.549741] ? netlink_unicast+0x800/0x800 [ 1609.550571] sock_sendmsg+0x150/0x190 [ 1609.551348] ____sys_sendmsg+0x703/0x870 [ 1609.552167] ? kernel_sendmsg+0x50/0x50 [ 1609.552963] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1609.553864] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1609.554934] ? lock_release+0x3b2/0x750 [ 1609.555740] ___sys_sendmsg+0xf3/0x170 [ 1609.556504] ? sendmsg_copy_msghdr+0x160/0x160 [ 1609.557404] ? lock_release+0x3b2/0x750 [ 1609.558198] ? lock_downgrade+0x6d0/0x6d0 [ 1609.559042] ? lock_release+0x3b2/0x750 [ 1609.559840] ? ksys_write+0x20c/0x250 [ 1609.560598] ? lock_downgrade+0x6d0/0x6d0 [ 1609.561429] ? __fget_files+0x287/0x470 [ 1609.562251] ? __fget_light+0xea/0x270 [ 1609.563057] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1609.564175] __sys_sendmsg+0xe5/0x1b0 [ 1609.564941] ? __sys_sendmsg_sock+0x30/0x30 [ 1609.565800] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1609.566943] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1609.567987] do_syscall_64+0x3b/0x90 [ 1609.568740] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1609.569775] RIP: 0033:0x7f406f897b19 [ 1609.570523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1609.574216] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1609.575753] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1609.577150] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1609.578565] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1609.580014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1609.581427] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1609.582885] 03:01:06 executing program 4: sendmsg$IEEE802154_LLSEC_DEL_KEY(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x38, 0x0, 0x202, 0x70bd2c, 0x25dfdbfd, {}, [@IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0x1}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa2}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa0}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x20000000) r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x2c, 0x0, 0x8, 0x70bd28, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0x1}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x4000000) syz_open_procfs(0x0, 0x0) 03:01:06 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)}, {&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x8}, 0x100}], 0x1, 0x0, &(0x7f00000005c0)={0x0, 0x3938700}) 03:01:06 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x3}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1609.605351] blktrace: Concurrent blktraces are not allowed on sg0 [ 1609.657750] blktrace: Concurrent blktraces are not allowed on sg0 [ 1609.701584] netlink: 'syz-executor.7': attribute type 12 has an invalid length. 03:01:22 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)}, {&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x8}, 0x100}], 0x1, 0x0, &(0x7f00000005c0)={0x0, 0x3938700}) 03:01:22 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 24) 03:01:22 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:01:22 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 28) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:01:22 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0xc0, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) [ 1624.898026] FAULT_INJECTION: forcing a failure. [ 1624.898026] name failslab, interval 1, probability 0, space 0, times 0 [ 1624.899294] CPU: 0 PID: 9357 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1624.900153] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1624.901340] Call Trace: [ 1624.901617] [ 1624.901852] dump_stack_lvl+0x8b/0xb3 [ 1624.902278] should_fail.cold+0x5/0xa [ 1624.902697] ? __kernfs_new_node+0xd4/0x8b0 [ 1624.903186] should_failslab+0x5/0x10 [ 1624.903593] kmem_cache_alloc+0x5b/0x480 [ 1624.904031] ? lock_downgrade+0x6d0/0x6d0 [ 1624.904467] __kernfs_new_node+0xd4/0x8b0 [ 1624.904927] ? __lock_acquire+0x164e/0x6120 [ 1624.905399] ? kernfs_path_from_node+0x60/0x60 [ 1624.905928] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1624.906512] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 1624.907085] ? map_id_range_down+0x1c4/0x340 [ 1624.907575] kernfs_new_node+0x93/0x120 [ 1624.908026] __kernfs_create_file+0x51/0x350 [ 1624.908519] sysfs_add_file_mode_ns+0x218/0x430 [ 1624.909027] ? component_del+0x4c0/0x4c0 03:01:22 executing program 4: r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_TX_POWER(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000540)={0x28, r0, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}]}, 0x28}}, 0x0) sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x60, 0x0, 0x4, 0x70bd2d, 0x25dfdbfd, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @private0={0xfc, 0x0, '\x00', 0x1}}, @NLBL_MGMT_A_DOMAIN={0x5, 0x1, '\x00'}, @NLBL_MGMT_A_FAMILY={0x6}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @loopback}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast1}, @NLBL_MGMT_A_DOMAIN={0x10, 0x1, '\\-\'/\\$^})*)\x00'}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x28}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4040801) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8919, &(0x7f0000000040)={'veth1_to_hsr\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) [ 1624.909484] sysfs_create_file_ns+0x127/0x1c0 [ 1624.910077] ? sysfs_add_file_mode_ns+0x430/0x430 [ 1624.910611] ? down_read+0x198/0x440 [ 1624.911031] ? up_write+0x460/0x460 [ 1624.911420] device_create_file+0xea/0x1d0 [ 1624.911870] device_add+0x4b0/0x1e60 [ 1624.912268] ? device_initialize+0x4d0/0x4d0 [ 1624.912749] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1624.913322] ? __init_waitqueue_head+0x6b/0xd0 [ 1624.913809] netdev_register_kobject+0x17a/0x3b0 [ 1624.914320] register_netdevice+0xd65/0x1470 [ 1624.914807] ? netdev_change_features+0xb0/0xb0 [ 1624.915304] ? dev_addr_mod+0x29a/0x340 [ 1624.915740] __tun_chr_ioctl+0x20dd/0x3f10 [ 1624.916199] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1624.916687] ? lock_is_held_type+0xd7/0x130 [ 1624.917160] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 03:01:22 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x5, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) [ 1624.917750] ? tun_chr_compat_ioctl+0x30/0x30 [ 1624.918278] __x64_sys_ioctl+0x196/0x210 [ 1624.918722] do_syscall_64+0x3b/0x90 [ 1624.919135] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1624.919687] RIP: 0033:0x7fb21bfaab19 [ 1624.920074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1624.921984] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1624.922770] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1624.923502] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1624.924240] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1624.924970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1624.925695] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1624.926433] 03:01:22 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x4}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1624.935510] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1624.943774] blktrace: Concurrent blktraces are not allowed on sg0 [ 1624.945417] FAULT_INJECTION: forcing a failure. [ 1624.945417] name failslab, interval 1, probability 0, space 0, times 0 [ 1624.947748] CPU: 1 PID: 9356 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1624.949392] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1624.952125] Call Trace: [ 1624.952756] [ 1624.953302] dump_stack_lvl+0x8b/0xb3 [ 1624.954305] should_fail.cold+0x5/0xa [ 1624.955295] ? create_object.isra.0+0x3a/0xa20 [ 1624.956458] should_failslab+0x5/0x10 [ 1624.957430] kmem_cache_alloc+0x5b/0x480 [ 1624.958428] create_object.isra.0+0x3a/0xa20 [ 1624.959362] ? kasan_unpoison+0x23/0x50 [ 1624.960189] __kmalloc_track_caller+0x25e/0x430 [ 1624.961141] ? kasprintf+0xbb/0xf0 [ 1624.961881] kvasprintf+0xb5/0x150 [ 1624.962614] ? bust_spinlocks+0xe0/0xe0 [ 1624.963438] ? mark_held_locks+0x9e/0xe0 [ 1624.964278] kasprintf+0xbb/0xf0 [ 1624.964962] ? kvasprintf_const+0x190/0x190 [ 1624.965839] ? lock_is_held_type+0xd7/0x130 [ 1624.966730] ieee80211_alloc_led_names+0x1ac/0x420 [ 1624.967771] ieee80211_alloc_hw_nm+0x19e6/0x2190 [ 1624.968742] mac80211_hwsim_new_radio+0x1f6/0x4900 [ 1624.969738] ? lock_is_held_type+0xd7/0x130 [ 1624.970612] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1624.971740] ? do_trace_netlink_extack+0x15d/0x1d0 [ 1624.972756] ? hwsim_virtio_rx_work+0x360/0x360 [ 1624.973700] ? lock_release+0x3b2/0x750 [ 1624.974495] ? __kmalloc+0x25b/0x440 [ 1624.975291] hwsim_new_radio_nl+0x9ab/0x1050 [ 1624.976194] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1624.977252] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1624.978376] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1624.979719] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1624.981033] genl_family_rcv_msg_doit+0x22d/0x330 [ 1624.982003] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1624.983350] ? mutex_lock_io_nested+0x1310/0x1310 [ 1624.984324] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1624.985435] ? cap_capable+0x1eb/0x250 [ 1624.986253] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1624.987380] ? ns_capable+0xd9/0x100 [ 1624.988167] genl_rcv_msg+0x33c/0x5a0 [ 1624.988944] ? genl_get_cmd+0x480/0x480 [ 1624.989750] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1624.990799] ? lock_release+0x750/0x750 [ 1624.991635] netlink_rcv_skb+0x14b/0x430 [ 1624.992438] ? genl_get_cmd+0x480/0x480 [ 1624.993255] ? netlink_ack+0xa80/0xa80 [ 1624.994057] ? netlink_deliver_tap+0x1b2/0xc30 [ 1624.994995] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1624.996004] ? is_vmalloc_addr+0x7b/0xb0 [ 1624.996847] genl_rcv+0x24/0x40 [ 1624.997503] netlink_unicast+0x54a/0x800 [ 1624.998329] ? netlink_attachskb+0x880/0x880 [ 1624.999236] ? is_vmalloc_addr+0x7b/0xb0 [ 1625.000080] netlink_sendmsg+0x904/0xe00 [ 1625.000908] ? netlink_unicast+0x800/0x800 [ 1625.001777] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1625.002897] ? netlink_unicast+0x800/0x800 [ 1625.003782] sock_sendmsg+0x150/0x190 [ 1625.004564] ____sys_sendmsg+0x703/0x870 [ 1625.005438] ? kernel_sendmsg+0x50/0x50 [ 1625.006246] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1625.007201] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1625.008265] ? lock_release+0x3b2/0x750 [ 1625.009102] ___sys_sendmsg+0xf3/0x170 [ 1625.009889] ? sendmsg_copy_msghdr+0x160/0x160 [ 1625.010803] ? lock_release+0x3b2/0x750 [ 1625.011629] ? lock_downgrade+0x6d0/0x6d0 [ 1625.012459] ? lock_release+0x3b2/0x750 [ 1625.013258] ? ksys_write+0x20c/0x250 [ 1625.014048] ? lock_downgrade+0x6d0/0x6d0 [ 1625.014903] ? __fget_files+0x287/0x470 [ 1625.015748] ? __fget_light+0xea/0x270 [ 1625.016536] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1625.017672] __sys_sendmsg+0xe5/0x1b0 [ 1625.018429] ? __sys_sendmsg_sock+0x30/0x30 [ 1625.019322] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1625.020463] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1625.021510] do_syscall_64+0x3b/0x90 [ 1625.022286] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1625.023324] RIP: 0033:0x7f406f897b19 [ 1625.024085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1625.027778] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1625.029296] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1625.030719] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1625.032168] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1625.033593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1625.035020] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1625.036469] 03:01:22 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x7c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1625.051403] blktrace: Concurrent blktraces are not allowed on sg0 03:01:22 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x5}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1625.121362] netlink: 'syz-executor.7': attribute type 12 has an invalid length. [ 1625.145146] blktrace: Concurrent blktraces are not allowed on sg0 [ 1625.166538] blktrace: Concurrent blktraces are not allowed on sg0 03:01:22 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 29) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:01:22 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:01:22 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 25) [ 1625.235511] FAULT_INJECTION: forcing a failure. [ 1625.235511] name failslab, interval 1, probability 0, space 0, times 0 [ 1625.236931] CPU: 0 PID: 9388 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1625.237811] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1625.239012] Call Trace: [ 1625.239289] [ 1625.239521] dump_stack_lvl+0x8b/0xb3 [ 1625.239936] should_fail.cold+0x5/0xa [ 1625.240338] ? create_object.isra.0+0x3a/0xa20 [ 1625.240839] should_failslab+0x5/0x10 [ 1625.241242] kmem_cache_alloc+0x5b/0x480 [ 1625.241705] create_object.isra.0+0x3a/0xa20 [ 1625.242172] ? kasan_unpoison+0x23/0x50 [ 1625.242610] kmem_cache_alloc+0x239/0x480 [ 1625.243087] __kernfs_new_node+0xd4/0x8b0 [ 1625.243527] ? __lock_acquire+0x164e/0x6120 [ 1625.244007] ? kernfs_path_from_node+0x60/0x60 [ 1625.244495] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1625.245053] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 1625.245579] ? map_id_range_down+0x1c4/0x340 [ 1625.246059] kernfs_new_node+0x93/0x120 [ 1625.246483] __kernfs_create_file+0x51/0x350 [ 1625.246975] sysfs_add_file_mode_ns+0x218/0x430 [ 1625.247479] ? component_del+0x4c0/0x4c0 [ 1625.247921] sysfs_create_file_ns+0x127/0x1c0 [ 1625.248394] ? sysfs_add_file_mode_ns+0x430/0x430 [ 1625.248916] ? down_read+0x198/0x440 [ 1625.249326] ? up_write+0x460/0x460 [ 1625.249712] device_create_file+0xea/0x1d0 [ 1625.250169] device_add+0x4b0/0x1e60 [ 1625.250563] ? device_initialize+0x4d0/0x4d0 [ 1625.251045] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1625.251622] ? __init_waitqueue_head+0x6b/0xd0 [ 1625.252120] netdev_register_kobject+0x17a/0x3b0 [ 1625.252628] register_netdevice+0xd65/0x1470 [ 1625.253106] ? netdev_change_features+0xb0/0xb0 [ 1625.253608] ? dev_addr_mod+0x29a/0x340 [ 1625.254049] __tun_chr_ioctl+0x20dd/0x3f10 [ 1625.254512] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1625.255009] ? lock_is_held_type+0xd7/0x130 [ 1625.255475] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1625.256061] ? tun_chr_compat_ioctl+0x30/0x30 [ 1625.256547] __x64_sys_ioctl+0x196/0x210 [ 1625.257035] do_syscall_64+0x3b/0x90 [ 1625.257573] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1625.258313] RIP: 0033:0x7fb21bfaab19 [ 1625.258831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1625.261064] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1625.261900] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1625.262668] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1625.263433] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1625.264194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1625.264959] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1625.265747] [ 1625.321746] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1625.322883] FAULT_INJECTION: forcing a failure. [ 1625.322883] name failslab, interval 1, probability 0, space 0, times 0 [ 1625.324141] CPU: 0 PID: 9390 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1625.325132] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1625.326352] Call Trace: [ 1625.326635] [ 1625.326877] dump_stack_lvl+0x8b/0xb3 [ 1625.327302] should_fail.cold+0x5/0xa [ 1625.327712] ? create_object.isra.0+0x3a/0xa20 [ 1625.328190] should_failslab+0x5/0x10 [ 1625.328614] kmem_cache_alloc+0x5b/0x480 [ 1625.329060] create_object.isra.0+0x3a/0xa20 [ 1625.329519] ? kasan_unpoison+0x23/0x50 [ 1625.329957] __kmalloc_track_caller+0x25e/0x430 [ 1625.330450] ? kasprintf+0xbb/0xf0 [ 1625.330870] kvasprintf+0xb5/0x150 [ 1625.331268] ? bust_spinlocks+0xe0/0xe0 [ 1625.331726] ? mark_held_locks+0x9e/0xe0 [ 1625.332192] kasprintf+0xbb/0xf0 [ 1625.332573] ? kvasprintf_const+0x190/0x190 [ 1625.333059] ? lock_is_held_type+0xd7/0x130 [ 1625.333562] ieee80211_alloc_led_names+0x23f/0x420 [ 1625.334137] ieee80211_alloc_hw_nm+0x19e6/0x2190 [ 1625.334685] mac80211_hwsim_new_radio+0x1f6/0x4900 [ 1625.335255] ? lock_is_held_type+0xd7/0x130 [ 1625.335750] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1625.336395] ? do_trace_netlink_extack+0x15d/0x1d0 [ 1625.336977] ? hwsim_virtio_rx_work+0x360/0x360 [ 1625.337494] ? lock_release+0x3b2/0x750 [ 1625.337967] ? __kmalloc+0x25b/0x440 [ 1625.338399] hwsim_new_radio_nl+0x9ab/0x1050 [ 1625.338904] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1625.339495] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1625.340119] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1625.340874] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1625.341603] genl_family_rcv_msg_doit+0x22d/0x330 [ 1625.342142] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1625.342858] ? mutex_lock_io_nested+0x1310/0x1310 [ 1625.343391] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1625.343986] ? cap_capable+0x1eb/0x250 [ 1625.344425] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1625.345026] ? ns_capable+0xd9/0x100 [ 1625.345438] genl_rcv_msg+0x33c/0x5a0 [ 1625.345858] ? genl_get_cmd+0x480/0x480 [ 1625.346282] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1625.346854] ? lock_release+0x750/0x750 [ 1625.347304] netlink_rcv_skb+0x14b/0x430 [ 1625.347748] ? genl_get_cmd+0x480/0x480 [ 1625.348195] ? netlink_ack+0xa80/0xa80 [ 1625.348651] ? netlink_deliver_tap+0x1b2/0xc30 [ 1625.349170] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1625.349731] ? is_vmalloc_addr+0x7b/0xb0 [ 1625.350193] genl_rcv+0x24/0x40 [ 1625.350559] netlink_unicast+0x54a/0x800 [ 1625.351037] ? netlink_attachskb+0x880/0x880 [ 1625.351511] ? is_vmalloc_addr+0x7b/0xb0 [ 1625.351977] netlink_sendmsg+0x904/0xe00 [ 1625.352427] ? netlink_unicast+0x800/0x800 [ 1625.352909] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1625.353521] ? netlink_unicast+0x800/0x800 [ 1625.354006] sock_sendmsg+0x150/0x190 [ 1625.354444] ____sys_sendmsg+0x703/0x870 [ 1625.354916] ? kernel_sendmsg+0x50/0x50 [ 1625.355393] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1625.355925] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1625.356520] ? lock_release+0x3b2/0x750 [ 1625.356985] ___sys_sendmsg+0xf3/0x170 [ 1625.357425] ? sendmsg_copy_msghdr+0x160/0x160 [ 1625.357944] ? lock_release+0x3b2/0x750 [ 1625.358391] ? lock_downgrade+0x6d0/0x6d0 [ 1625.358871] ? lock_release+0x3b2/0x750 [ 1625.359334] ? ksys_write+0x20c/0x250 [ 1625.359881] ? lock_downgrade+0x6d0/0x6d0 [ 1625.360496] ? __fget_files+0x287/0x470 [ 1625.361102] ? __fget_light+0xea/0x270 [ 1625.361662] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1625.362441] __sys_sendmsg+0xe5/0x1b0 [ 1625.363003] ? __sys_sendmsg_sock+0x30/0x30 [ 1625.363561] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1625.364207] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1625.364817] do_syscall_64+0x3b/0x90 [ 1625.365241] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1625.365858] RIP: 0033:0x7f406f897b19 [ 1625.366266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1625.368331] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1625.369184] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1625.369991] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1625.370797] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1625.371600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1625.372377] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1625.373214] 03:01:35 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000040)={'veth1_to_hsr\x00'}) 03:01:35 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 26) [ 1638.090125] blktrace: Concurrent blktraces are not allowed on sg0 [ 1638.101245] FAULT_INJECTION: forcing a failure. [ 1638.101245] name failslab, interval 1, probability 0, space 0, times 0 [ 1638.102545] CPU: 0 PID: 9410 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 03:01:35 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x6}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:01:35 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:01:35 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x6, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:01:35 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0xec0, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:01:35 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)}, {&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x8}, 0x100}], 0x1, 0x0, &(0x7f00000005c0)={0x0, 0x3938700}) 03:01:35 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 30) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) [ 1638.103495] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1638.104960] Call Trace: [ 1638.105249] [ 1638.105499] dump_stack_lvl+0x8b/0xb3 [ 1638.105937] should_fail.cold+0x5/0xa [ 1638.106381] ? __kernfs_new_node+0xd4/0x8b0 [ 1638.106879] should_failslab+0x5/0x10 [ 1638.107331] kmem_cache_alloc+0x5b/0x480 [ 1638.107801] __kernfs_new_node+0xd4/0x8b0 [ 1638.108277] ? kernfs_path_from_node+0x60/0x60 [ 1638.108801] ? lock_is_held_type+0xd7/0x130 [ 1638.109295] ? find_held_lock+0x2c/0x110 [ 1638.109773] ? lock_release+0x3b2/0x750 [ 1638.110201] ? sysfs_do_create_link_sd+0x82/0x140 [ 1638.110763] kernfs_new_node+0x93/0x120 [ 1638.111234] kernfs_create_link+0xcb/0x230 [ 1638.111714] sysfs_do_create_link_sd+0x90/0x140 [ 1638.112242] sysfs_create_link+0x5f/0xc0 [ 1638.112707] device_add+0x53c/0x1e60 [ 1638.113137] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1638.113765] ? __init_waitqueue_head+0x6b/0xd0 [ 1638.114305] netdev_register_kobject+0x17a/0x3b0 [ 1638.114854] register_netdevice+0xd65/0x1470 [ 1638.115347] ? netdev_change_features+0xb0/0xb0 [ 1638.115884] ? dev_addr_mod+0x29a/0x340 [ 1638.116345] __tun_chr_ioctl+0x20dd/0x3f10 [ 1638.116833] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1638.117361] ? lock_is_held_type+0xd7/0x130 [ 1638.117867] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1638.118497] ? tun_chr_compat_ioctl+0x30/0x30 [ 1638.118995] blktrace: Concurrent blktraces are not allowed on sg0 [ 1638.119009] __x64_sys_ioctl+0x196/0x210 [ 1638.120730] do_syscall_64+0x3b/0x90 [ 1638.121157] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1638.121737] RIP: 0033:0x7fb21bfaab19 [ 1638.122162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1638.124285] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1638.125148] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1638.125960] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1638.126768] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1638.127576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1638.128358] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1638.129143] [ 1638.136472] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1638.148537] FAULT_INJECTION: forcing a failure. [ 1638.148537] name failslab, interval 1, probability 0, space 0, times 0 [ 1638.149939] CPU: 0 PID: 9417 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1638.150885] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1638.152183] Call Trace: [ 1638.152474] [ 1638.152721] dump_stack_lvl+0x8b/0xb3 [ 1638.153158] should_fail.cold+0x5/0xa [ 1638.153597] ? device_create_groups_vargs+0x8a/0x280 [ 1638.154170] should_failslab+0x5/0x10 [ 1638.154603] kmem_cache_alloc_trace+0x55/0x3c0 [ 1638.155148] device_create_groups_vargs+0x8a/0x280 [ 1638.155715] device_create+0xdc/0x110 [ 1638.156141] ? device_create_groups_vargs+0x280/0x280 [ 1638.156717] ? queue_work_node+0x350/0x350 [ 1638.157209] ? init_timer_key+0xd1/0x110 [ 1638.157656] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1638.158171] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1638.158721] ? init_timer_key+0x81/0x110 [ 1638.159200] mac80211_hwsim_new_radio+0x382/0x4900 [ 1638.159762] ? lock_is_held_type+0xd7/0x130 [ 1638.160258] ? hwsim_virtio_rx_work+0x360/0x360 [ 1638.160783] ? lock_release+0x3b2/0x750 [ 1638.161232] ? __kmalloc+0x25b/0x440 [ 1638.161652] hwsim_new_radio_nl+0x9ab/0x1050 [ 1638.162132] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1638.162702] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1638.163326] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1638.164055] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1638.164769] genl_family_rcv_msg_doit+0x22d/0x330 [ 1638.165293] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1638.166010] ? mutex_lock_io_nested+0x1310/0x1310 [ 1638.166537] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1638.167174] ? cap_capable+0x1eb/0x250 [ 1638.167615] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1638.168224] ? ns_capable+0xd9/0x100 [ 1638.168651] genl_rcv_msg+0x33c/0x5a0 [ 1638.169059] ? genl_get_cmd+0x480/0x480 [ 1638.169500] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1638.170060] ? lock_release+0x750/0x750 [ 1638.170521] netlink_rcv_skb+0x14b/0x430 [ 1638.170957] ? genl_get_cmd+0x480/0x480 [ 1638.171424] ? netlink_ack+0xa80/0xa80 [ 1638.171875] ? netlink_deliver_tap+0x1b2/0xc30 [ 1638.172400] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1638.172968] ? is_vmalloc_addr+0x7b/0xb0 [ 1638.173410] genl_rcv+0x24/0x40 [ 1638.173784] netlink_unicast+0x54a/0x800 [ 1638.174231] ? netlink_attachskb+0x880/0x880 [ 1638.174717] ? is_vmalloc_addr+0x7b/0xb0 [ 1638.175180] netlink_sendmsg+0x904/0xe00 [ 1638.175650] ? netlink_unicast+0x800/0x800 [ 1638.176109] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1638.176734] ? netlink_unicast+0x800/0x800 [ 1638.177206] sock_sendmsg+0x150/0x190 [ 1638.177635] ____sys_sendmsg+0x703/0x870 [ 1638.178098] ? kernel_sendmsg+0x50/0x50 [ 1638.178551] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1638.179069] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1638.179687] ? lock_release+0x3b2/0x750 [ 1638.180148] ___sys_sendmsg+0xf3/0x170 [ 1638.180589] ? sendmsg_copy_msghdr+0x160/0x160 [ 1638.181105] ? lock_release+0x3b2/0x750 [ 1638.181563] ? lock_downgrade+0x6d0/0x6d0 [ 1638.182041] ? lock_release+0x3b2/0x750 [ 1638.182492] ? ksys_write+0x20c/0x250 [ 1638.182921] ? lock_downgrade+0x6d0/0x6d0 [ 1638.183414] ? __fget_files+0x287/0x470 [ 1638.183878] ? __fget_light+0xea/0x270 [ 1638.184331] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1638.184962] __sys_sendmsg+0xe5/0x1b0 [ 1638.185400] ? __sys_sendmsg_sock+0x30/0x30 [ 1638.185886] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1638.186527] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1638.187111] do_syscall_64+0x3b/0x90 [ 1638.187556] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1638.188136] RIP: 0033:0x7f406f897b19 [ 1638.188547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1638.190624] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1638.191501] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1638.192309] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1638.193122] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1638.193925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1638.194724] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1638.195562] 03:01:35 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:01:35 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x7}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1638.254944] netlink: 'syz-executor.7': attribute type 12 has an invalid length. 03:01:35 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x7, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:01:35 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1638.338892] blktrace: Concurrent blktraces are not allowed on sg0 03:01:35 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:01:35 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x8, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) [ 1638.368769] blktrace: Concurrent blktraces are not allowed on sg0 03:01:35 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 31) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:01:35 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x108}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1638.467222] FAULT_INJECTION: forcing a failure. [ 1638.467222] name failslab, interval 1, probability 0, space 0, times 0 [ 1638.471417] CPU: 1 PID: 9444 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1638.473090] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1638.475360] Call Trace: [ 1638.475894] [ 1638.476337] dump_stack_lvl+0x8b/0xb3 [ 1638.477124] should_fail.cold+0x5/0xa [ 1638.477899] ? create_object.isra.0+0x3a/0xa20 [ 1638.478529] blktrace: Concurrent blktraces are not allowed on sg0 [ 1638.478826] should_failslab+0x5/0x10 [ 1638.478861] kmem_cache_alloc+0x5b/0x480 [ 1638.481148] create_object.isra.0+0x3a/0xa20 [ 1638.482035] ? kasan_unpoison+0x23/0x50 [ 1638.482863] kmem_cache_alloc+0x239/0x480 [ 1638.483745] __kernfs_new_node+0xd4/0x8b0 [ 1638.484598] ? kernfs_path_from_node+0x60/0x60 [ 1638.484648] blktrace: Concurrent blktraces are not allowed on sg0 [ 1638.485528] ? lock_is_held_type+0xd7/0x130 [ 1638.487091] ? find_held_lock+0x2c/0x110 [ 1638.487947] ? lock_release+0x3b2/0x750 [ 1638.488757] ? sysfs_do_create_link_sd+0x82/0x140 [ 1638.489731] kernfs_new_node+0x93/0x120 [ 1638.490538] kernfs_create_link+0xcb/0x230 [ 1638.491420] sysfs_do_create_link_sd+0x90/0x140 [ 1638.492379] sysfs_create_link+0x5f/0xc0 [ 1638.493205] device_add+0x53c/0x1e60 [ 1638.493967] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1638.495073] ? __init_waitqueue_head+0x6b/0xd0 [ 1638.496043] netdev_register_kobject+0x17a/0x3b0 [ 1638.497014] register_netdevice+0xd65/0x1470 [ 1638.498163] ? netdev_change_features+0xb0/0xb0 [ 1638.499423] ? dev_addr_mod+0x29a/0x340 [ 1638.500507] __tun_chr_ioctl+0x20dd/0x3f10 [ 1638.501637] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1638.502867] ? lock_is_held_type+0xd7/0x130 [ 1638.504061] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1638.505531] ? tun_chr_compat_ioctl+0x30/0x30 [ 1638.506736] __x64_sys_ioctl+0x196/0x210 [ 1638.507852] do_syscall_64+0x3b/0x90 [ 1638.508857] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1638.510216] RIP: 0033:0x7fb21bfaab19 [ 1638.511211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1638.516108] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1638.518088] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1638.520011] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1638.521847] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1638.523723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1638.525581] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1638.527439] [ 1651.738809] netlink: 'syz-executor.7': attribute type 12 has an invalid length. [ 1651.747368] FAULT_INJECTION: forcing a failure. [ 1651.747368] name failslab, interval 1, probability 0, space 0, times 0 [ 1651.749835] CPU: 0 PID: 9464 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 03:01:48 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x33fe0, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) [ 1651.751985] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1651.754901] Call Trace: [ 1651.755625] [ 1651.756157] dump_stack_lvl+0x8b/0xb3 [ 1651.757083] should_fail.cold+0x5/0xa [ 1651.757999] ? __kernfs_new_node+0xd4/0x8b0 [ 1651.759044] should_failslab+0x5/0x10 [ 1651.759930] kmem_cache_alloc+0x5b/0x480 [ 1651.760769] __kernfs_new_node+0xd4/0x8b0 [ 1651.761616] ? kernfs_path_from_node+0x60/0x60 [ 1651.762542] ? lock_is_held_type+0xd7/0x130 [ 1651.763413] ? find_held_lock+0x2c/0x110 [ 1651.764233] ? lock_release+0x3b2/0x750 [ 1651.765029] ? sysfs_do_create_link_sd+0x82/0x140 [ 1651.765999] kernfs_new_node+0x93/0x120 [ 1651.766812] kernfs_create_link+0xcb/0x230 [ 1651.767683] sysfs_do_create_link_sd+0x90/0x140 [ 1651.768625] sysfs_create_link+0x5f/0xc0 [ 1651.769446] device_add+0x53c/0x1e60 [ 1651.770201] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1651.771306] ? __init_waitqueue_head+0x6b/0xd0 [ 1651.772242] netdev_register_kobject+0x17a/0x3b0 [ 1651.773201] register_netdevice+0xd65/0x1470 [ 1651.774092] ? netdev_change_features+0xb0/0xb0 [ 1651.775039] ? dev_addr_mod+0x29a/0x340 [ 1651.775872] __tun_chr_ioctl+0x20dd/0x3f10 [ 1651.776746] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1651.777668] ? lock_is_held_type+0xd7/0x130 [ 1651.778556] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1651.779681] ? tun_chr_compat_ioctl+0x30/0x30 [ 1651.780588] __x64_sys_ioctl+0x196/0x210 [ 1651.781410] do_syscall_64+0x3b/0x90 [ 1651.782168] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1651.783198] RIP: 0033:0x7fb21bfaab19 [ 1651.783944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1651.787614] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1651.789120] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1651.790534] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1651.791932] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1651.793342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1651.794762] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1651.796222] 03:01:48 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x85, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:01:48 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 32) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:01:48 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)}, {&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x8}, 0x100}], 0x1, 0x40010000, 0x0) 03:01:48 executing program 4: r0 = epoll_create(0x9) r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000440)) r2 = epoll_create(0x9) r3 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r3, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000440)) ioctl$FIDEDUPERANGE(r1, 0xc0189436, &(0x7f0000000080)={0x40, 0x3f, 0x1, 0x0, 0x0, [{{r3}, 0x800}]}) r4 = socket$inet_udp(0x2, 0x2, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105241, 0x0) syncfs(r5) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f00000000c0)={0xffffffffffffffff, 0x80000, 0x3f, 0xfffffffffffffff7}) bind$inet(r6, &(0x7f0000000040)={0x2, 0x4e23, @loopback}, 0x10) ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) 03:01:48 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x18, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:01:48 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x300}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:01:48 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 27) [ 1651.808672] blktrace: Concurrent blktraces are not allowed on sg0 [ 1651.834342] blktrace: Concurrent blktraces are not allowed on sg0 03:01:49 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x1c, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:01:49 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:01:49 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x500}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:01:49 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x87, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1652.107146] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1652.123100] FAULT_INJECTION: forcing a failure. [ 1652.123100] name failslab, interval 1, probability 0, space 0, times 0 [ 1652.125324] CPU: 1 PID: 9458 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1652.126907] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1652.129100] Call Trace: [ 1652.129607] [ 1652.130038] dump_stack_lvl+0x8b/0xb3 [ 1652.130807] should_fail.cold+0x5/0xa [ 1652.131581] ? create_object.isra.0+0x3a/0xa20 [ 1652.132509] should_failslab+0x5/0x10 [ 1652.133257] kmem_cache_alloc+0x5b/0x480 [ 1652.134085] create_object.isra.0+0x3a/0xa20 [ 1652.134948] ? kasan_unpoison+0x23/0x50 [ 1652.135772] kmem_cache_alloc_trace+0x22e/0x3c0 [ 1652.136695] device_create_groups_vargs+0x8a/0x280 [ 1652.137670] device_create+0xdc/0x110 [ 1652.138419] ? device_create_groups_vargs+0x280/0x280 [ 1652.139437] ? queue_work_node+0x350/0x350 [ 1652.140268] ? init_timer_key+0xd1/0x110 [ 1652.141087] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1652.141989] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1652.142943] ? init_timer_key+0x81/0x110 [ 1652.143783] mac80211_hwsim_new_radio+0x382/0x4900 [ 1652.144760] ? lock_is_held_type+0xd7/0x130 [ 1652.145629] ? hwsim_virtio_rx_work+0x360/0x360 [ 1652.146549] ? lock_release+0x3b2/0x750 [ 1652.147355] ? __kmalloc+0x25b/0x440 [ 1652.148115] hwsim_new_radio_nl+0x9ab/0x1050 [ 1652.148990] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1652.150027] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1652.151124] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1652.152447] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1652.153747] genl_family_rcv_msg_doit+0x22d/0x330 [ 1652.154707] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1652.156029] ? mutex_lock_io_nested+0x1310/0x1310 [ 1652.156998] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1652.158103] ? cap_capable+0x1eb/0x250 [ 1652.158907] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1652.160021] ? ns_capable+0xd9/0x100 [ 1652.160784] genl_rcv_msg+0x33c/0x5a0 [ 1652.161544] ? genl_get_cmd+0x480/0x480 [ 1652.162334] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1652.163382] ? lock_release+0x750/0x750 [ 1652.164185] netlink_rcv_skb+0x14b/0x430 [ 1652.164989] ? genl_get_cmd+0x480/0x480 [ 1652.165780] ? netlink_ack+0xa80/0xa80 [ 1652.166559] ? netlink_deliver_tap+0x1b2/0xc30 [ 1652.167480] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1652.168470] ? is_vmalloc_addr+0x7b/0xb0 [ 1652.169287] genl_rcv+0x24/0x40 [ 1652.169941] netlink_unicast+0x54a/0x800 [ 1652.170751] ? netlink_attachskb+0x880/0x880 [ 1652.171623] ? is_vmalloc_addr+0x7b/0xb0 [ 1652.172445] netlink_sendmsg+0x904/0xe00 [ 1652.173254] ? netlink_unicast+0x800/0x800 [ 1652.174101] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1652.175194] ? netlink_unicast+0x800/0x800 [ 1652.176046] sock_sendmsg+0x150/0x190 [ 1652.176815] ____sys_sendmsg+0x703/0x870 [ 1652.177629] ? kernel_sendmsg+0x50/0x50 [ 1652.178424] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1652.179322] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1652.180375] ? lock_release+0x3b2/0x750 [ 1652.181176] ___sys_sendmsg+0xf3/0x170 [ 1652.181949] ? sendmsg_copy_msghdr+0x160/0x160 [ 1652.182850] ? lock_release+0x3b2/0x750 [ 1652.183664] ? lock_downgrade+0x6d0/0x6d0 [ 1652.184488] ? lock_release+0x3b2/0x750 [ 1652.185276] ? ksys_write+0x20c/0x250 [ 1652.186029] ? lock_downgrade+0x6d0/0x6d0 [ 1652.186862] ? __fget_files+0x287/0x470 [ 1652.187685] ? __fget_light+0xea/0x270 [ 1652.188463] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1652.189565] __sys_sendmsg+0xe5/0x1b0 [ 1652.190313] ? __sys_sendmsg_sock+0x30/0x30 [ 1652.191159] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1652.192282] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1652.193306] do_syscall_64+0x3b/0x90 [ 1652.194053] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1652.195064] RIP: 0033:0x7f406f897b19 [ 1652.195825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1652.199438] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1652.200928] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1652.202328] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1652.203747] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1652.205142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1652.206544] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1652.207987] 03:01:49 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 33) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) [ 1652.264669] blktrace: Concurrent blktraces are not allowed on sg0 [ 1652.277767] blktrace: Concurrent blktraces are not allowed on sg0 03:01:49 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)}, {&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x8}, 0x100}], 0x1, 0x40010000, 0x0) 03:01:49 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x25, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:01:49 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x600}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1652.381335] FAULT_INJECTION: forcing a failure. [ 1652.381335] name failslab, interval 1, probability 0, space 0, times 0 [ 1652.383740] CPU: 0 PID: 9493 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1652.385379] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1652.387670] Call Trace: [ 1652.388189] [ 1652.388633] dump_stack_lvl+0x8b/0xb3 [ 1652.389410] should_fail.cold+0x5/0xa [ 1652.390188] ? create_object.isra.0+0x3a/0xa20 [ 1652.391119] should_failslab+0x5/0x10 [ 1652.391875] kmem_cache_alloc+0x5b/0x480 [ 1652.392710] create_object.isra.0+0x3a/0xa20 [ 1652.393567] ? kasan_unpoison+0x23/0x50 [ 1652.394371] __kmalloc_track_caller+0x25e/0x430 [ 1652.395304] ? kstrdup_const+0x53/0x80 [ 1652.396107] kstrdup+0x36/0x70 [ 1652.396755] kstrdup_const+0x53/0x80 [ 1652.397500] __kernfs_new_node+0x9d/0x8b0 [ 1652.398336] ? kernfs_add_one+0x3c6/0x550 [ 1652.399176] ? kernfs_path_from_node+0x60/0x60 [ 1652.400118] ? lock_is_held_type+0xd7/0x130 [ 1652.400974] ? find_held_lock+0x2c/0x110 [ 1652.401788] ? lock_release+0x3b2/0x750 [ 1652.402582] ? sysfs_do_create_link_sd+0x82/0x140 [ 1652.403561] kernfs_new_node+0x93/0x120 [ 1652.404372] kernfs_create_link+0xcb/0x230 [ 1652.405217] sysfs_do_create_link_sd+0x90/0x140 [ 1652.406150] sysfs_create_link+0x5f/0xc0 [ 1652.406959] device_add+0x660/0x1e60 [ 1652.407719] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1652.408815] ? __init_waitqueue_head+0x6b/0xd0 [ 1652.409743] netdev_register_kobject+0x17a/0x3b0 [ 1652.410698] register_netdevice+0xd65/0x1470 [ 1652.411612] ? netdev_change_features+0xb0/0xb0 [ 1652.412551] ? dev_addr_mod+0x29a/0x340 [ 1652.413360] __tun_chr_ioctl+0x20dd/0x3f10 [ 1652.414231] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1652.415158] ? lock_is_held_type+0xd7/0x130 [ 1652.416064] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1652.417170] ? tun_chr_compat_ioctl+0x30/0x30 [ 1652.417567] blktrace: Concurrent blktraces are not allowed on sg0 [ 1652.418076] __x64_sys_ioctl+0x196/0x210 [ 1652.420153] do_syscall_64+0x3b/0x90 [ 1652.420912] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1652.421940] RIP: 0033:0x7fb21bfaab19 [ 1652.422676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1652.425614] blktrace: Concurrent blktraces are not allowed on sg0 [ 1652.426523] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1652.426552] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1652.430651] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1652.432066] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1652.433474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1652.434881] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1652.436330] [ 1652.505027] netlink: 'syz-executor.7': attribute type 12 has an invalid length. 03:01:49 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x7ffff000, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:01:49 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x88, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:01:49 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x64, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:01:49 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x700}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:01:49 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r1 = syz_io_uring_setup(0x3c72, &(0x7f0000000280), &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000300)=0x0, &(0x7f0000000180)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0}, 0x0) r4 = syz_open_dev$vcsn(&(0x7f0000000040), 0x0, 0xdb153bfb00f738d9) sendfile(r0, r4, 0x0, 0x8) syz_io_uring_setup(0x73a2, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000380)) r6 = syz_io_uring_setup(0x3e5b, &(0x7f0000000100), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000000340)) syz_io_uring_submit(r7, 0x0, &(0x7f0000000200)=@IORING_OP_ASYNC_CANCEL={0xe, 0x4, 0x0, 0x0, 0x0, 0x365cf}, 0x0) socketpair(0x10, 0x6, 0x0, &(0x7f0000000380)={0xffffffffffffffff}) syz_io_uring_setup(0x74aa, &(0x7f0000000000)={0x0, 0x1196, 0x8, 0x0, 0x175, 0x0, r6}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="100018000000", @ANYRES32=r8, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00']) r11 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r12 = io_uring_register$IORING_REGISTER_PERSONALITY(r11, 0x9, 0x0, 0x0) syz_io_uring_submit(r7, r9, &(0x7f0000000300)=@IORING_OP_CONNECT={0x10, 0x1, 0x0, r10, 0x80, &(0x7f0000000280)=@llc={0x1a, 0x3, 0xfe, 0x3, 0x8, 0x80, @broadcast}, 0x0, 0x0, 0x0, {0x0, r12}}, 0x1) syz_io_uring_submit(r5, r3, &(0x7f0000000380)=@IORING_OP_SPLICE={0x1e, 0x4, 0x0, @fd_index=0x4, 0x1, {0x0, r0}, 0x3, 0x3, 0x0, {0x0, r12, r4}}, 0x0) io_uring_enter(r1, 0x1, 0x1, 0x1, 0x0, 0x0) syz_open_procfs(0x0, 0x0) fcntl$notify(r0, 0x402, 0x180000026) 03:01:49 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 28) [ 1652.606908] blktrace: Concurrent blktraces are not allowed on sg0 [ 1652.619082] blktrace: Concurrent blktraces are not allowed on sg0 03:01:49 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x801}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1652.748359] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1652.750503] FAULT_INJECTION: forcing a failure. [ 1652.750503] name failslab, interval 1, probability 0, space 0, times 0 [ 1652.752802] CPU: 0 PID: 9515 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1652.754417] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1652.756698] Call Trace: [ 1652.757191] [ 1652.757641] dump_stack_lvl+0x8b/0xb3 [ 1652.758392] should_fail.cold+0x5/0xa [ 1652.759156] should_failslab+0x5/0x10 [ 1652.759926] __kmalloc_track_caller+0x79/0x430 [ 1652.760839] ? kvasprintf_const+0x60/0x190 [ 1652.761663] kvasprintf+0xb5/0x150 [ 1652.762371] ? bust_spinlocks+0xe0/0xe0 [ 1652.763166] ? lockdep_init_map_type+0x21a/0x7e0 [ 1652.764123] ? memset+0x20/0x40 [ 1652.764785] ? lockdep_init_map_type+0x21a/0x7e0 [ 1652.765735] kvasprintf_const+0x60/0x190 [ 1652.766542] kobject_set_name_vargs+0x56/0x150 [ 1652.767472] device_create_groups_vargs+0x1c0/0x280 [ 1652.768470] device_create+0xdc/0x110 [ 1652.769230] ? device_create_groups_vargs+0x280/0x280 [ 1652.769411] blktrace: Concurrent blktraces are not allowed on sg0 [ 1652.770248] ? queue_work_node+0x350/0x350 [ 1652.770289] ? init_timer_key+0xd1/0x110 [ 1652.773152] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1652.774059] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1652.775023] ? init_timer_key+0x81/0x110 [ 1652.775859] mac80211_hwsim_new_radio+0x382/0x4900 [ 1652.776847] ? lock_is_held_type+0xd7/0x130 [ 1652.776877] blktrace: Concurrent blktraces are not allowed on sg0 [ 1652.777716] ? hwsim_virtio_rx_work+0x360/0x360 [ 1652.777746] ? lock_release+0x3b2/0x750 [ 1652.780637] ? __kmalloc+0x25b/0x440 [ 1652.781394] hwsim_new_radio_nl+0x9ab/0x1050 [ 1652.782271] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1652.783306] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1652.784428] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1652.785737] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1652.787039] genl_family_rcv_msg_doit+0x22d/0x330 [ 1652.788010] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1652.789316] ? mutex_lock_io_nested+0x1310/0x1310 [ 1652.790273] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1652.791385] ? cap_capable+0x1eb/0x250 [ 1652.792188] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1652.793283] ? ns_capable+0xd9/0x100 [ 1652.794044] genl_rcv_msg+0x33c/0x5a0 [ 1652.794808] ? genl_get_cmd+0x480/0x480 [ 1652.795606] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1652.796636] ? lock_release+0x750/0x750 [ 1652.797438] netlink_rcv_skb+0x14b/0x430 [ 1652.798245] ? genl_get_cmd+0x480/0x480 [ 1652.799039] ? netlink_ack+0xa80/0xa80 [ 1652.799830] ? netlink_deliver_tap+0x1b2/0xc30 [ 1652.800748] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1652.801749] ? is_vmalloc_addr+0x7b/0xb0 [ 1652.802569] genl_rcv+0x24/0x40 [ 1652.803223] netlink_unicast+0x54a/0x800 [ 1652.804063] ? netlink_attachskb+0x880/0x880 [ 1652.804936] ? is_vmalloc_addr+0x7b/0xb0 [ 1652.805763] netlink_sendmsg+0x904/0xe00 [ 1652.806576] ? netlink_unicast+0x800/0x800 [ 1652.807434] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1652.808539] ? netlink_unicast+0x800/0x800 [ 1652.809376] sock_sendmsg+0x150/0x190 [ 1652.810143] ____sys_sendmsg+0x703/0x870 [ 1652.810967] ? kernel_sendmsg+0x50/0x50 [ 1652.811781] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1652.812685] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1652.813735] ? lock_release+0x3b2/0x750 [ 1652.814541] ___sys_sendmsg+0xf3/0x170 [ 1652.815316] ? sendmsg_copy_msghdr+0x160/0x160 [ 1652.816229] ? lock_release+0x3b2/0x750 [ 1652.817026] ? lock_downgrade+0x6d0/0x6d0 [ 1652.817861] ? lock_release+0x3b2/0x750 [ 1652.818657] ? ksys_write+0x20c/0x250 [ 1652.819424] ? lock_downgrade+0x6d0/0x6d0 [ 1652.820261] ? __fget_files+0x287/0x470 [ 1652.821081] ? __fget_light+0xea/0x270 [ 1652.821865] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1652.822971] __sys_sendmsg+0xe5/0x1b0 [ 1652.823740] ? __sys_sendmsg_sock+0x30/0x30 [ 1652.824592] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1652.825723] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1652.826761] do_syscall_64+0x3b/0x90 [ 1652.827520] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1652.828540] RIP: 0033:0x7f406f897b19 [ 1652.829272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1652.832907] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1652.834412] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1652.835835] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1652.837238] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1652.838647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1652.840063] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1652.841495] 03:02:07 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 29) 03:02:07 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0xfffffdef, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:02:07 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 34) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:02:07 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x89, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:02:07 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)}, {&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x8}, 0x100}], 0x1, 0x40010000, 0x0) 03:02:07 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0xe0ffff}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:02:07 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0xf0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:02:07 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) r1 = memfd_secret(0x0) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_SETSEL(r2, 0x4b4c, &(0x7f00000001c0)) r3 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_SETSEL(r3, 0x4b4c, &(0x7f00000001c0)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000a80)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r3, @ANYRES32=r2, @ANYBLOB='\x00e0\x00']) r5 = signalfd(r4, &(0x7f0000000040)={[0x8]}, 0x8) ioctl$KDSKBENT(r5, 0x4b47, &(0x7f0000000ac0)={0x7, 0x1f, 0x80}) r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000b40), r4) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r5, &(0x7f0000000cc0)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x20002}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c00)={0x70, r6, 0x800, 0x70bd2a, 0x25dfdbff, {}, [{@pci={{0x8}, {0x11}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}]}, 0x70}, 0x1, 0x0, 0x0, 0x20020000}, 0x4000) sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000080)={0x10c, r6, 0x4, 0x70bd2c, 0x25dfdbfc, {}, [{{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0x939}, {0x6, 0x11, 0x401}, {0x8, 0x15, 0xd0d6}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0xffffff8b}, {0x6, 0x11, 0x9}, {0x8, 0x15, 0xffff0000}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0xffff}, {0x6, 0x11, 0x7f}, {0x8, 0x15, 0x4}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8}, {0x6, 0x11, 0x8}, {0x8, 0x15, 0x24f5}}]}, 0x10c}, 0x1, 0x0, 0x0, 0x4d99a123ba9e09e6}, 0x4008081) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) [ 1670.241723] blktrace: Concurrent blktraces are not allowed on sg0 [ 1670.247751] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1670.251333] FAULT_INJECTION: forcing a failure. [ 1670.251333] name failslab, interval 1, probability 0, space 0, times 0 [ 1670.253830] CPU: 1 PID: 9546 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1670.255462] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1670.255470] FAULT_INJECTION: forcing a failure. [ 1670.255470] name failslab, interval 1, probability 0, space 0, times 0 [ 1670.257689] Call Trace: [ 1670.257698] [ 1670.257708] dump_stack_lvl+0x8b/0xb3 [ 1670.257752] should_fail.cold+0x5/0xa [ 1670.257785] ? create_object.isra.0+0x3a/0xa20 [ 1670.257822] should_failslab+0x5/0x10 [ 1670.264035] kmem_cache_alloc+0x5b/0x480 [ 1670.264864] create_object.isra.0+0x3a/0xa20 [ 1670.265740] ? kasan_unpoison+0x23/0x50 [ 1670.266534] __kmalloc_track_caller+0x25e/0x430 [ 1670.267461] ? kvasprintf_const+0x60/0x190 [ 1670.268314] kvasprintf+0xb5/0x150 [ 1670.269019] ? bust_spinlocks+0xe0/0xe0 [ 1670.269814] ? lockdep_init_map_type+0x21a/0x7e0 [ 1670.270752] ? memset+0x20/0x40 [ 1670.271405] ? lockdep_init_map_type+0x21a/0x7e0 [ 1670.272376] kvasprintf_const+0x60/0x190 [ 1670.273180] kobject_set_name_vargs+0x56/0x150 [ 1670.274087] device_create_groups_vargs+0x1c0/0x280 [ 1670.275087] device_create+0xdc/0x110 [ 1670.275855] ? device_create_groups_vargs+0x280/0x280 [ 1670.276877] ? queue_work_node+0x350/0x350 [ 1670.277727] ? init_timer_key+0xd1/0x110 [ 1670.278541] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1670.279447] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1670.280432] ? init_timer_key+0x81/0x110 [ 1670.281254] mac80211_hwsim_new_radio+0x382/0x4900 [ 1670.282234] ? lock_is_held_type+0xd7/0x130 [ 1670.283111] ? hwsim_virtio_rx_work+0x360/0x360 [ 1670.284058] ? lock_release+0x3b2/0x750 [ 1670.284855] ? __kmalloc+0x25b/0x440 [ 1670.285614] hwsim_new_radio_nl+0x9ab/0x1050 [ 1670.286498] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1670.287543] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1670.288665] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1670.289982] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1670.291286] genl_family_rcv_msg_doit+0x22d/0x330 [ 1670.292268] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1670.293577] ? mutex_lock_io_nested+0x1310/0x1310 [ 1670.294536] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1670.295648] ? cap_capable+0x1eb/0x250 [ 1670.296451] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1670.297556] ? ns_capable+0xd9/0x100 [ 1670.298323] genl_rcv_msg+0x33c/0x5a0 [ 1670.299092] ? genl_get_cmd+0x480/0x480 [ 1670.299908] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1670.300940] ? lock_release+0x750/0x750 [ 1670.301748] netlink_rcv_skb+0x14b/0x430 [ 1670.302558] ? genl_get_cmd+0x480/0x480 [ 1670.303355] ? netlink_ack+0xa80/0xa80 [ 1670.304151] ? netlink_deliver_tap+0x1b2/0xc30 [ 1670.305071] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1670.306071] ? is_vmalloc_addr+0x7b/0xb0 [ 1670.306892] genl_rcv+0x24/0x40 [ 1670.307543] netlink_unicast+0x54a/0x800 [ 1670.308380] ? netlink_attachskb+0x880/0x880 [ 1670.309252] ? is_vmalloc_addr+0x7b/0xb0 [ 1670.310082] netlink_sendmsg+0x904/0xe00 [ 1670.310900] ? netlink_unicast+0x800/0x800 [ 1670.311762] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1670.312867] ? netlink_unicast+0x800/0x800 [ 1670.313708] sock_sendmsg+0x150/0x190 [ 1670.314476] ____sys_sendmsg+0x703/0x870 [ 1670.315299] ? kernel_sendmsg+0x50/0x50 [ 1670.316109] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1670.317018] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1670.318072] ? lock_release+0x3b2/0x750 [ 1670.318889] ___sys_sendmsg+0xf3/0x170 [ 1670.319677] ? sendmsg_copy_msghdr+0x160/0x160 [ 1670.320584] ? lock_release+0x3b2/0x750 [ 1670.321384] ? lock_downgrade+0x6d0/0x6d0 [ 1670.322225] ? lock_release+0x3b2/0x750 [ 1670.323022] ? ksys_write+0x20c/0x250 [ 1670.323789] ? lock_downgrade+0x6d0/0x6d0 [ 1670.324630] ? __fget_files+0x287/0x470 [ 1670.325445] ? __fget_light+0xea/0x270 [ 1670.326232] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1670.327351] __sys_sendmsg+0xe5/0x1b0 [ 1670.328128] ? __sys_sendmsg_sock+0x30/0x30 [ 1670.328982] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1670.330106] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1670.331143] do_syscall_64+0x3b/0x90 [ 1670.331915] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1670.332934] RIP: 0033:0x7f406f897b19 [ 1670.333668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1670.337307] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1670.338810] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1670.340233] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1670.341638] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1670.343043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1670.344458] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1670.345898] [ 1670.346359] CPU: 0 PID: 9544 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1670.348078] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1670.350432] Call Trace: [ 1670.350443] [ 1670.350453] dump_stack_lvl+0x8b/0xb3 [ 1670.350501] should_fail.cold+0x5/0xa [ 1670.350534] ? create_object.isra.0+0x3a/0xa20 [ 1670.350573] should_failslab+0x5/0x10 [ 1670.350605] kmem_cache_alloc+0x5b/0x480 [ 1670.350653] create_object.isra.0+0x3a/0xa20 [ 1670.350682] ? kasan_unpoison+0x23/0x50 [ 1670.350718] __kmalloc_track_caller+0x25e/0x430 [ 1670.350754] ? kstrdup_const+0x53/0x80 [ 1670.350795] kstrdup+0x36/0x70 [ 1670.350828] kstrdup_const+0x53/0x80 [ 1670.350859] __kernfs_new_node+0x9d/0x8b0 [ 1670.350900] ? kernfs_add_one+0x3c6/0x550 [ 1670.350937] ? kernfs_path_from_node+0x60/0x60 [ 1670.350983] ? lock_is_held_type+0xd7/0x130 [ 1670.351011] ? find_held_lock+0x2c/0x110 03:02:07 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x8a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1670.351046] ? lock_release+0x3b2/0x750 [ 1670.351076] ? sysfs_do_create_link_sd+0x82/0x140 [ 1670.351110] blktrace: Concurrent blktraces are not allowed on sg0 03:02:07 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x1000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:02:07 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) [ 1670.351112] kernfs_new_node+0x93/0x120 [ 1670.351158] kernfs_create_link+0xcb/0x230 [ 1670.351189] sysfs_do_create_link_sd+0x90/0x140 [ 1670.351221] sysfs_create_link+0x5f/0xc0 [ 1670.351251] device_add+0x660/0x1e60 [ 1670.351289] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1670.351321] ? __init_waitqueue_head+0x6b/0xd0 [ 1670.351362] netdev_register_kobject+0x17a/0x3b0 [ 1670.351404] register_netdevice+0xd65/0x1470 [ 1670.351449] ? netdev_change_features+0xb0/0xb0 [ 1670.351486] ? dev_addr_mod+0x29a/0x340 [ 1670.351530] __tun_chr_ioctl+0x20dd/0x3f10 [ 1670.351578] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1670.351637] ? lock_is_held_type+0xd7/0x130 [ 1670.351688] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1670.351727] ? tun_chr_compat_ioctl+0x30/0x30 [ 1670.351766] __x64_sys_ioctl+0x196/0x210 [ 1670.351808] do_syscall_64+0x3b/0x90 [ 1670.351845] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1670.351871] RIP: 0033:0x7fb21bfaab19 [ 1670.351892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1670.351915] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1670.351941] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1670.351957] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1670.351973] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1670.351989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1670.352004] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1670.352046] [ 1670.486884] blktrace: Concurrent blktraces are not allowed on sg0 [ 1670.490528] blktrace: Concurrent blktraces are not allowed on sg0 [ 1670.690462] netlink: 'syz-executor.7': attribute type 12 has an invalid length. 03:02:20 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'hsr0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) 03:02:20 executing program 7: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r1 = syz_io_uring_setup(0x3c72, &(0x7f0000000280), &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000300)=0x0, &(0x7f0000000180)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0}, 0x0) r4 = syz_open_dev$vcsn(&(0x7f0000000040), 0x0, 0xdb153bfb00f738d9) sendfile(r0, r4, 0x0, 0x8) syz_io_uring_setup(0x73a2, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000380)) r6 = syz_io_uring_setup(0x3e5b, &(0x7f0000000100), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000000340)) syz_io_uring_submit(r7, 0x0, &(0x7f0000000200)=@IORING_OP_ASYNC_CANCEL={0xe, 0x4, 0x0, 0x0, 0x0, 0x365cf}, 0x0) socketpair(0x10, 0x6, 0x0, &(0x7f0000000380)={0xffffffffffffffff}) syz_io_uring_setup(0x74aa, &(0x7f0000000000)={0x0, 0x1196, 0x8, 0x0, 0x175, 0x0, r6}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="100018000000", @ANYRES32=r8, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00']) r11 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r12 = io_uring_register$IORING_REGISTER_PERSONALITY(r11, 0x9, 0x0, 0x0) syz_io_uring_submit(r7, r9, &(0x7f0000000300)=@IORING_OP_CONNECT={0x10, 0x1, 0x0, r10, 0x80, &(0x7f0000000280)=@llc={0x1a, 0x3, 0xfe, 0x3, 0x8, 0x80, @broadcast}, 0x0, 0x0, 0x0, {0x0, r12}}, 0x1) syz_io_uring_submit(r5, r3, &(0x7f0000000380)=@IORING_OP_SPLICE={0x1e, 0x4, 0x0, @fd_index=0x4, 0x1, {0x0, r0}, 0x3, 0x3, 0x0, {0x0, r12, r4}}, 0x0) io_uring_enter(r1, 0x1, 0x1, 0x1, 0x0, 0x0) syz_open_procfs(0x0, 0x0) fcntl$notify(r0, 0x402, 0x180000026) 03:02:20 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0xfe, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:02:20 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 35) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:02:20 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x8b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:02:20 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x1080000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:02:20 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 30) 03:02:20 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x2, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) [ 1683.691046] blktrace: Concurrent blktraces are not allowed on sg0 [ 1683.692875] blktrace: Concurrent blktraces are not allowed on sg0 [ 1683.705687] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1683.706865] FAULT_INJECTION: forcing a failure. [ 1683.706865] name failslab, interval 1, probability 0, space 0, times 0 [ 1683.708115] CPU: 1 PID: 9579 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1683.708998] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1683.710195] Call Trace: [ 1683.710455] [ 1683.710697] dump_stack_lvl+0x8b/0xb3 [ 1683.711108] should_fail.cold+0x5/0xa [ 1683.711521] ? device_add+0x10a0/0x1e60 [ 1683.711964] should_failslab+0x5/0x10 [ 1683.712381] kmem_cache_alloc_trace+0x55/0x3c0 [ 1683.712883] device_add+0x10a0/0x1e60 [ 1683.713282] ? lock_is_held_type+0xd7/0x130 [ 1683.713743] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1683.714311] ? kfree+0x217/0x410 [ 1683.714684] device_create_groups_vargs+0x203/0x280 [ 1683.715213] device_create+0xdc/0x110 [ 1683.715626] ? device_create_groups_vargs+0x280/0x280 [ 1683.716144] ? queue_work_node+0x350/0x350 [ 1683.716563] ? init_timer_key+0xd1/0x110 [ 1683.716968] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1683.717413] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1683.717895] ? init_timer_key+0x81/0x110 [ 1683.718301] mac80211_hwsim_new_radio+0x382/0x4900 [ 1683.718784] ? lock_is_held_type+0xd7/0x130 [ 1683.719212] ? hwsim_virtio_rx_work+0x360/0x360 [ 1683.719664] ? lock_release+0x3b2/0x750 [ 1683.720116] ? __kmalloc+0x25b/0x440 [ 1683.720491] hwsim_new_radio_nl+0x9ab/0x1050 [ 1683.720919] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1683.721425] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1683.721960] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1683.722594] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1683.723317] genl_family_rcv_msg_doit+0x22d/0x330 [ 1683.723796] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1683.724493] ? mutex_lock_io_nested+0x1310/0x1310 [ 1683.725016] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1683.725569] ? cap_capable+0x1eb/0x250 [ 1683.725969] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1683.726521] ? ns_capable+0xd9/0x100 [ 1683.726902] genl_rcv_msg+0x33c/0x5a0 [ 1683.727291] ? genl_get_cmd+0x480/0x480 [ 1683.727689] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1683.728221] ? lock_release+0x750/0x750 [ 1683.728630] netlink_rcv_skb+0x14b/0x430 [ 1683.729046] ? genl_get_cmd+0x480/0x480 [ 1683.729452] ? netlink_ack+0xa80/0xa80 [ 1683.729869] ? netlink_deliver_tap+0x1b2/0xc30 [ 1683.730344] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1683.730858] ? is_vmalloc_addr+0x7b/0xb0 [ 1683.731272] genl_rcv+0x24/0x40 [ 1683.731608] netlink_unicast+0x54a/0x800 [ 1683.732053] ? netlink_attachskb+0x880/0x880 [ 1683.732503] ? is_vmalloc_addr+0x7b/0xb0 [ 1683.732963] netlink_sendmsg+0x904/0xe00 [ 1683.733384] ? netlink_unicast+0x800/0x800 [ 1683.733814] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1683.734376] ? netlink_unicast+0x800/0x800 [ 1683.734811] sock_sendmsg+0x150/0x190 [ 1683.735236] ____sys_sendmsg+0x703/0x870 [ 1683.735661] ? kernel_sendmsg+0x50/0x50 [ 1683.736123] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1683.736592] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1683.737129] ? lock_release+0x3b2/0x750 [ 1683.737534] ___sys_sendmsg+0xf3/0x170 [ 1683.737921] ? sendmsg_copy_msghdr+0x160/0x160 [ 1683.738432] ? lock_release+0x3b2/0x750 [ 1683.738838] ? lock_downgrade+0x6d0/0x6d0 [ 1683.739266] ? lock_release+0x3b2/0x750 [ 1683.739705] ? ksys_write+0x20c/0x250 [ 1683.740107] ? lock_downgrade+0x6d0/0x6d0 [ 1683.740525] ? __fget_files+0x287/0x470 [ 1683.740950] ? __fget_light+0xea/0x270 [ 1683.741336] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1683.741894] __sys_sendmsg+0xe5/0x1b0 [ 1683.742269] ? __sys_sendmsg_sock+0x30/0x30 [ 1683.742692] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1683.743258] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1683.743819] do_syscall_64+0x3b/0x90 [ 1683.744204] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1683.744726] RIP: 0033:0x7f406f897b19 [ 1683.745117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1683.746938] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1683.747752] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1683.748485] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1683.749195] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1683.749922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1683.750616] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1683.751334] 03:02:20 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x2000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1683.779226] FAULT_INJECTION: forcing a failure. [ 1683.779226] name failslab, interval 1, probability 0, space 0, times 0 [ 1683.781964] CPU: 0 PID: 9588 Comm: syz-executor.1 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1683.783702] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1683.786071] Call Trace: [ 1683.786604] [ 1683.787078] dump_stack_lvl+0x8b/0xb3 [ 1683.787937] should_fail.cold+0x5/0xa [ 1683.788757] ? __kernfs_new_node+0xd4/0x8b0 [ 1683.789685] should_failslab+0x5/0x10 [ 1683.790500] kmem_cache_alloc+0x5b/0x480 [ 1683.791387] __kernfs_new_node+0xd4/0x8b0 [ 1683.792286] ? kernfs_add_one+0x3c6/0x550 [ 1683.793174] ? kernfs_path_from_node+0x60/0x60 [ 1683.794160] ? lock_is_held_type+0xd7/0x130 [ 1683.795077] ? find_held_lock+0x2c/0x110 [ 1683.795961] ? lock_release+0x3b2/0x750 [ 1683.796807] ? sysfs_do_create_link_sd+0x82/0x140 [ 1683.797837] kernfs_new_node+0x93/0x120 [ 1683.798699] kernfs_create_link+0xcb/0x230 [ 1683.799597] sysfs_do_create_link_sd+0x90/0x140 [ 1683.800601] sysfs_create_link+0x5f/0xc0 [ 1683.801463] device_add+0x660/0x1e60 [ 1683.802267] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1683.803432] ? __init_waitqueue_head+0x6b/0xd0 [ 1683.804414] netdev_register_kobject+0x17a/0x3b0 [ 1683.805413] register_netdevice+0xd65/0x1470 [ 1683.806326] ? netdev_change_features+0xb0/0xb0 [ 1683.807293] ? dev_addr_mod+0x29a/0x340 [ 1683.808139] __tun_chr_ioctl+0x20dd/0x3f10 [ 1683.809032] ? tun_attach.isra.0+0x15f0/0x15f0 [ 1683.809970] ? lock_is_held_type+0xd7/0x130 [ 1683.810881] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1683.812022] ? tun_chr_compat_ioctl+0x30/0x30 [ 1683.812971] __x64_sys_ioctl+0x196/0x210 [ 1683.813853] do_syscall_64+0x3b/0x90 [ 1683.814648] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1683.815738] RIP: 0033:0x7fb21bfaab19 [ 1683.816531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1683.820440] RSP: 002b:00007fb219520188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1683.822020] RAX: ffffffffffffffda RBX: 00007fb21c0bdf60 RCX: 00007fb21bfaab19 [ 1683.823494] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005 [ 1683.824983] RBP: 00007fb2195201d0 R08: 0000000000000000 R09: 0000000000000000 [ 1683.826454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1683.827931] R13: 00007ffd4cd3d90f R14: 00007fb219520300 R15: 0000000000022000 [ 1683.829430] 03:02:21 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{0x0}, {&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x8}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) [ 1683.847873] blktrace: Concurrent blktraces are not allowed on sg0 [ 1683.852017] blktrace: Concurrent blktraces are not allowed on sg0 [ 1683.874749] netlink: 'syz-executor.7': attribute type 12 has an invalid length. 03:02:21 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x3000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1683.932053] blktrace: Concurrent blktraces are not allowed on sg0 03:02:21 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 31) 03:02:21 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x3, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) [ 1683.955713] blktrace: Concurrent blktraces are not allowed on sg0 03:02:21 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x300, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:02:21 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x8c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1684.002098] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1684.003424] FAULT_INJECTION: forcing a failure. [ 1684.003424] name failslab, interval 1, probability 0, space 0, times 0 [ 1684.004701] CPU: 1 PID: 9608 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1684.005622] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1684.006822] Call Trace: [ 1684.007103] [ 1684.007362] dump_stack_lvl+0x8b/0xb3 [ 1684.007810] should_fail.cold+0x5/0xa [ 1684.008234] ? device_add+0x10a0/0x1e60 [ 1684.008671] should_failslab+0x5/0x10 [ 1684.009102] kmem_cache_alloc_trace+0x55/0x3c0 [ 1684.009629] device_add+0x10a0/0x1e60 [ 1684.010055] ? lock_is_held_type+0xd7/0x130 [ 1684.010541] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1684.011156] ? kfree+0x217/0x410 [ 1684.011536] device_create_groups_vargs+0x203/0x280 [ 1684.012126] device_create+0xdc/0x110 [ 1684.012554] ? device_create_groups_vargs+0x280/0x280 [ 1684.013135] ? queue_work_node+0x350/0x350 [ 1684.013611] ? init_timer_key+0xd1/0x110 [ 1684.014080] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1684.014585] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1684.015131] ? init_timer_key+0x81/0x110 [ 1684.015599] mac80211_hwsim_new_radio+0x382/0x4900 [ 1684.016165] ? lock_is_held_type+0xd7/0x130 [ 1684.016655] ? hwsim_virtio_rx_work+0x360/0x360 [ 1684.017177] ? lock_release+0x3b2/0x750 [ 1684.017621] ? __kmalloc+0x25b/0x440 [ 1684.018045] hwsim_new_radio_nl+0x9ab/0x1050 [ 1684.018540] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1684.019132] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1684.019744] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1684.020485] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1684.021197] genl_family_rcv_msg_doit+0x22d/0x330 [ 1684.021725] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1684.022434] ? mutex_lock_io_nested+0x1310/0x1310 [ 1684.022949] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1684.023535] ? cap_capable+0x1eb/0x250 [ 1684.023976] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1684.024573] ? ns_capable+0xd9/0x100 [ 1684.024981] genl_rcv_msg+0x33c/0x5a0 [ 1684.025397] ? genl_get_cmd+0x480/0x480 [ 1684.025828] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1684.026378] ? lock_release+0x750/0x750 [ 1684.026813] netlink_rcv_skb+0x14b/0x430 [ 1684.027249] ? genl_get_cmd+0x480/0x480 [ 1684.027680] ? netlink_ack+0xa80/0xa80 [ 1684.028118] ? netlink_deliver_tap+0x1b2/0xc30 [ 1684.028619] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1684.029176] ? is_vmalloc_addr+0x7b/0xb0 [ 1684.029636] genl_rcv+0x24/0x40 [ 1684.030000] netlink_unicast+0x54a/0x800 [ 1684.030440] ? netlink_attachskb+0x880/0x880 [ 1684.030922] ? is_vmalloc_addr+0x7b/0xb0 [ 1684.031378] netlink_sendmsg+0x904/0xe00 [ 1684.031847] ? netlink_unicast+0x800/0x800 [ 1684.032312] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1684.032918] ? netlink_unicast+0x800/0x800 [ 1684.033372] sock_sendmsg+0x150/0x190 [ 1684.033799] ____sys_sendmsg+0x703/0x870 [ 1684.034249] ? kernel_sendmsg+0x50/0x50 [ 1684.034688] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1684.035186] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1684.035762] ? lock_release+0x3b2/0x750 [ 1684.036202] ___sys_sendmsg+0xf3/0x170 [ 1684.036623] ? sendmsg_copy_msghdr+0x160/0x160 [ 1684.037110] ? lock_release+0x3b2/0x750 [ 1684.037558] ? lock_downgrade+0x6d0/0x6d0 [ 1684.038009] ? lock_release+0x3b2/0x750 [ 1684.038437] ? ksys_write+0x20c/0x250 [ 1684.038854] ? lock_downgrade+0x6d0/0x6d0 [ 1684.039312] ? __fget_files+0x287/0x470 [ 1684.039769] ? __fget_light+0xea/0x270 [ 1684.040232] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1684.040858] __sys_sendmsg+0xe5/0x1b0 [ 1684.041279] ? __sys_sendmsg_sock+0x30/0x30 [ 1684.041763] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1684.042391] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1684.042966] do_syscall_64+0x3b/0x90 [ 1684.043387] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1684.043981] RIP: 0033:0x7f406f897b19 [ 1684.044397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1684.046435] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1684.047281] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1684.048081] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1684.048879] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1684.049676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1684.050470] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1684.051281] 03:02:35 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x4, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:02:35 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x4000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:02:35 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x480, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:02:35 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x7}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) 03:02:35 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x8d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:02:35 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x1f, 0x1, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105241, 0x0) syncfs(r1) getsockopt$inet_udp_int(r1, 0x11, 0x67, &(0x7f00000000c0), &(0x7f0000000080)=0x4) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) 03:02:35 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) (fail_nth: 36) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:02:35 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 32) 03:02:35 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x8, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) [ 1698.480089] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1698.481265] FAULT_INJECTION: forcing a failure. [ 1698.481265] name failslab, interval 1, probability 0, space 0, times 0 [ 1698.482693] CPU: 0 PID: 9634 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1698.483545] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1698.484768] Call Trace: [ 1698.485157] [ 1698.485444] dump_stack_lvl+0x8b/0xb3 [ 1698.485865] should_fail.cold+0x5/0xa [ 1698.486279] should_failslab+0x5/0x10 [ 1698.486700] __kmalloc_track_caller+0x79/0x430 [ 1698.487190] ? kstrdup_const+0x53/0x80 [ 1698.487617] kstrdup+0x36/0x70 [ 1698.487966] kstrdup_const+0x53/0x80 [ 1698.488383] __kernfs_new_node+0x9d/0x8b0 [ 1698.488826] ? kernfs_path_from_node+0x60/0x60 [ 1698.489325] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1698.489908] kernfs_create_dir_ns+0x9c/0x220 [ 1698.490394] sysfs_create_dir_ns+0x127/0x290 [ 1698.490873] ? sysfs_create_mount_point+0xb0/0xb0 [ 1698.491394] ? rwlock_bug.part.0+0x90/0x90 [ 1698.491859] ? class_dir_child_ns_type+0x9/0x60 [ 1698.492375] kobject_add_internal+0x24c/0x8d0 [ 1698.492882] kobject_add+0x150/0x1c0 [ 1698.493289] ? kset_create_and_add+0x1a0/0x1a0 [ 1698.493800] ? lockdep_init_map_type+0x21a/0x7e0 [ 1698.494332] device_add+0x357/0x1e60 [ 1698.494732] ? lock_is_held_type+0xd7/0x130 [ 1698.495199] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1698.495784] ? kfree+0x217/0x410 [ 1698.496182] device_create_groups_vargs+0x203/0x280 [ 1698.496731] device_create+0xdc/0x110 [ 1698.497145] ? device_create_groups_vargs+0x280/0x280 [ 1698.497703] ? queue_work_node+0x350/0x350 [ 1698.498149] ? init_timer_key+0xd1/0x110 [ 1698.498603] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1698.499096] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1698.499629] ? init_timer_key+0x81/0x110 [ 1698.500074] mac80211_hwsim_new_radio+0x382/0x4900 [ 1698.500615] ? lock_is_held_type+0xd7/0x130 [ 1698.501078] ? hwsim_virtio_rx_work+0x360/0x360 [ 1698.501588] ? lock_release+0x3b2/0x750 [ 1698.502015] ? __kmalloc+0x25b/0x440 [ 1698.502426] hwsim_new_radio_nl+0x9ab/0x1050 [ 1698.502898] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1698.503453] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1698.504079] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1698.504780] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1698.505484] genl_family_rcv_msg_doit+0x22d/0x330 [ 1698.506017] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1698.506741] ? mutex_lock_io_nested+0x1310/0x1310 [ 1698.507264] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1698.507857] ? cap_capable+0x1eb/0x250 [ 1698.508315] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1698.508911] ? ns_capable+0xd9/0x100 [ 1698.509327] genl_rcv_msg+0x33c/0x5a0 [ 1698.509761] ? genl_get_cmd+0x480/0x480 [ 1698.510180] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1698.510756] ? lock_release+0x750/0x750 [ 1698.511189] netlink_rcv_skb+0x14b/0x430 [ 1698.511636] ? genl_get_cmd+0x480/0x480 [ 1698.512073] ? netlink_ack+0xa80/0xa80 [ 1698.512518] ? netlink_deliver_tap+0x1b2/0xc30 [ 1698.513011] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1698.513571] ? is_vmalloc_addr+0x7b/0xb0 [ 1698.514011] genl_rcv+0x24/0x40 [ 1698.514375] netlink_unicast+0x54a/0x800 [ 1698.514823] ? netlink_attachskb+0x880/0x880 [ 1698.515300] ? is_vmalloc_addr+0x7b/0xb0 [ 1698.515755] netlink_sendmsg+0x904/0xe00 [ 1698.516212] ? netlink_unicast+0x800/0x800 [ 1698.516677] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1698.517270] ? netlink_unicast+0x800/0x800 [ 1698.517720] sock_sendmsg+0x150/0x190 [ 1698.518138] ____sys_sendmsg+0x703/0x870 [ 1698.518583] ? kernel_sendmsg+0x50/0x50 [ 1698.519018] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1698.519510] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1698.520088] ? lock_release+0x3b2/0x750 [ 1698.520540] ___sys_sendmsg+0xf3/0x170 [ 1698.520955] ? sendmsg_copy_msghdr+0x160/0x160 [ 1698.521464] ? lock_release+0x3b2/0x750 [ 1698.521904] ? lock_downgrade+0x6d0/0x6d0 [ 1698.522370] ? lock_release+0x3b2/0x750 [ 1698.522797] ? ksys_write+0x20c/0x250 [ 1698.523215] ? lock_downgrade+0x6d0/0x6d0 [ 1698.523677] ? __fget_files+0x287/0x470 [ 1698.524133] ? __fget_light+0xea/0x270 [ 1698.524569] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1698.525153] __sys_sendmsg+0xe5/0x1b0 [ 1698.525560] ? __sys_sendmsg_sock+0x30/0x30 [ 1698.526023] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1698.526640] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1698.527206] do_syscall_64+0x3b/0x90 [ 1698.527613] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1698.528184] RIP: 0033:0x7f406f897b19 [ 1698.528578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1698.530535] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1698.531349] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1698.532123] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1698.532881] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1698.533637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1698.534382] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1698.535150] [ 1698.535500] kobject_add_internal failed for hwsim195 (error: -12 parent: mac80211_hwsim) [ 1698.569981] netlink: 'syz-executor.7': attribute type 12 has an invalid length. [ 1698.571177] blktrace: Concurrent blktraces are not allowed on sg0 [ 1698.585964] blktrace: Concurrent blktraces are not allowed on sg0 03:02:35 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x500, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:02:35 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0xf, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:02:35 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x5000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:02:35 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 33) 03:02:35 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x8e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1698.748465] blktrace: Concurrent blktraces are not allowed on sg0 [ 1698.759164] blktrace: Concurrent blktraces are not allowed on sg0 03:02:35 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:02:36 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x8f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1698.893428] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1698.894643] FAULT_INJECTION: forcing a failure. [ 1698.894643] name failslab, interval 1, probability 0, space 0, times 0 [ 1698.895850] CPU: 0 PID: 9658 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1698.896727] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1698.897908] Call Trace: [ 1698.898201] [ 1698.898440] dump_stack_lvl+0x8b/0xb3 [ 1698.898855] should_fail.cold+0x5/0xa [ 1698.899264] ? create_object.isra.0+0x3a/0xa20 [ 1698.899757] should_failslab+0x5/0x10 [ 1698.900180] kmem_cache_alloc+0x5b/0x480 [ 1698.900635] create_object.isra.0+0x3a/0xa20 [ 1698.901103] ? kasan_unpoison+0x23/0x50 [ 1698.901528] __kmalloc_track_caller+0x25e/0x430 [ 1698.902030] ? kstrdup_const+0x53/0x80 [ 1698.902455] kstrdup+0x36/0x70 [ 1698.902805] kstrdup_const+0x53/0x80 [ 1698.903206] __kernfs_new_node+0x9d/0x8b0 [ 1698.903662] ? kernfs_path_from_node+0x60/0x60 [ 1698.904196] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1698.904775] kernfs_create_dir_ns+0x9c/0x220 [ 1698.905272] sysfs_create_dir_ns+0x127/0x290 [ 1698.905744] ? sysfs_create_mount_point+0xb0/0xb0 [ 1698.906272] ? rwlock_bug.part.0+0x90/0x90 [ 1698.906744] ? class_dir_child_ns_type+0x9/0x60 [ 1698.907262] kobject_add_internal+0x24c/0x8d0 [ 1698.907761] kobject_add+0x150/0x1c0 [ 1698.908174] ? kset_create_and_add+0x1a0/0x1a0 [ 1698.908668] ? lockdep_init_map_type+0x21a/0x7e0 [ 1698.909193] device_add+0x357/0x1e60 [ 1698.909600] ? lock_is_held_type+0xd7/0x130 [ 1698.910069] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1698.910664] ? kfree+0x217/0x410 [ 1698.911051] device_create_groups_vargs+0x203/0x280 [ 1698.911596] device_create+0xdc/0x110 [ 1698.911997] ? device_create_groups_vargs+0x280/0x280 [ 1698.912568] ? queue_work_node+0x350/0x350 [ 1698.913033] ? init_timer_key+0xd1/0x110 [ 1698.913477] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1698.913972] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1698.914499] ? init_timer_key+0x81/0x110 [ 1698.914939] mac80211_hwsim_new_radio+0x382/0x4900 [ 1698.915461] ? lock_is_held_type+0xd7/0x130 [ 1698.915936] ? hwsim_virtio_rx_work+0x360/0x360 [ 1698.916447] ? lock_release+0x3b2/0x750 [ 1698.916876] ? __kmalloc+0x25b/0x440 [ 1698.917274] hwsim_new_radio_nl+0x9ab/0x1050 [ 1698.917752] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1698.918307] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1698.918900] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1698.919608] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1698.920310] genl_family_rcv_msg_doit+0x22d/0x330 [ 1698.920829] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1698.921525] ? mutex_lock_io_nested+0x1310/0x1310 [ 1698.922042] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1698.922632] ? cap_capable+0x1eb/0x250 [ 1698.923058] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1698.923651] ? ns_capable+0xd9/0x100 [ 1698.924073] genl_rcv_msg+0x33c/0x5a0 [ 1698.924479] ? genl_get_cmd+0x480/0x480 [ 1698.924907] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1698.925460] ? lock_release+0x750/0x750 [ 1698.925889] netlink_rcv_skb+0x14b/0x430 [ 1698.926323] ? genl_get_cmd+0x480/0x480 [ 1698.926756] ? netlink_ack+0xa80/0xa80 [ 1698.927171] ? netlink_deliver_tap+0x1b2/0xc30 [ 1698.927659] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1698.928212] ? is_vmalloc_addr+0x7b/0xb0 [ 1698.928655] genl_rcv+0x24/0x40 [ 1698.929002] netlink_unicast+0x54a/0x800 [ 1698.929435] ? netlink_attachskb+0x880/0x880 [ 1698.929896] ? is_vmalloc_addr+0x7b/0xb0 [ 1698.930338] netlink_sendmsg+0x904/0xe00 [ 1698.930777] ? netlink_unicast+0x800/0x800 [ 1698.931226] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1698.931820] ? netlink_unicast+0x800/0x800 [ 1698.932273] sock_sendmsg+0x150/0x190 [ 1698.932696] ____sys_sendmsg+0x703/0x870 [ 1698.933138] ? kernel_sendmsg+0x50/0x50 [ 1698.933570] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1698.934058] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1698.934620] ? lock_release+0x3b2/0x750 [ 1698.935046] ___sys_sendmsg+0xf3/0x170 [ 1698.935464] ? sendmsg_copy_msghdr+0x160/0x160 [ 1698.935945] ? lock_release+0x3b2/0x750 [ 1698.936383] ? lock_downgrade+0x6d0/0x6d0 [ 1698.936829] ? lock_release+0x3b2/0x750 [ 1698.937249] ? ksys_write+0x20c/0x250 [ 1698.937653] ? lock_downgrade+0x6d0/0x6d0 [ 1698.938097] ? __fget_files+0x287/0x470 [ 1698.938533] ? __fget_light+0xea/0x270 [ 1698.938949] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1698.939538] __sys_sendmsg+0xe5/0x1b0 [ 1698.939945] ? __sys_sendmsg_sock+0x30/0x30 [ 1698.940404] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1698.941000] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1698.941554] do_syscall_64+0x3b/0x90 [ 1698.941953] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1698.942493] RIP: 0033:0x7f406f897b19 [ 1698.942894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1698.944824] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1698.945620] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1698.946380] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1698.947119] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1698.947859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1698.948616] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1698.949366] 03:02:48 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x2, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:02:48 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x7}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) 03:02:48 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x6000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:02:48 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x600, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:02:48 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x90, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1711.434102] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. 03:02:48 executing program 4: ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) 03:02:48 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0xf0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:02:48 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 34) [ 1711.436887] FAULT_INJECTION: forcing a failure. [ 1711.436887] name failslab, interval 1, probability 0, space 0, times 0 [ 1711.439307] CPU: 1 PID: 9677 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1711.440953] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1711.443217] Call Trace: [ 1711.443731] [ 1711.444206] dump_stack_lvl+0x8b/0xb3 [ 1711.444975] should_fail.cold+0x5/0xa [ 1711.445747] ? __kernfs_new_node+0xd4/0x8b0 [ 1711.446619] should_failslab+0x5/0x10 [ 1711.447393] kmem_cache_alloc+0x5b/0x480 [ 1711.448215] __kernfs_new_node+0xd4/0x8b0 [ 1711.449061] ? kernfs_path_from_node+0x60/0x60 [ 1711.449968] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1711.451057] kernfs_create_dir_ns+0x9c/0x220 [ 1711.451941] sysfs_create_dir_ns+0x127/0x290 [ 1711.452847] ? sysfs_create_mount_point+0xb0/0xb0 03:02:48 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x91, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1711.453824] ? rwlock_bug.part.0+0x90/0x90 [ 1711.454794] ? class_dir_child_ns_type+0x9/0x60 [ 1711.455750] kobject_add_internal+0x24c/0x8d0 [ 1711.456679] kobject_add+0x150/0x1c0 [ 1711.457428] ? kset_create_and_add+0x1a0/0x1a0 [ 1711.458357] ? lockdep_init_map_type+0x21a/0x7e0 [ 1711.459340] device_add+0x357/0x1e60 [ 1711.460092] ? lock_is_held_type+0xd7/0x130 [ 1711.460981] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1711.462086] ? kfree+0x217/0x410 [ 1711.462794] device_create_groups_vargs+0x203/0x280 [ 1711.463805] device_create+0xdc/0x110 [ 1711.464594] ? device_create_groups_vargs+0x280/0x280 [ 1711.465628] ? queue_work_node+0x350/0x350 [ 1711.466496] ? init_timer_key+0xd1/0x110 [ 1711.467328] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1711.468271] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1711.469251] ? init_timer_key+0x81/0x110 [ 1711.470084] mac80211_hwsim_new_radio+0x382/0x4900 [ 1711.471080] ? lock_is_held_type+0xd7/0x130 [ 1711.471952] ? hwsim_virtio_rx_work+0x360/0x360 [ 1711.472901] ? lock_release+0x3b2/0x750 [ 1711.473692] ? __kmalloc+0x25b/0x440 [ 1711.474460] hwsim_new_radio_nl+0x9ab/0x1050 [ 1711.475351] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1711.476405] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1711.477518] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1711.478820] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1711.480139] genl_family_rcv_msg_doit+0x22d/0x330 [ 1711.481111] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 03:02:48 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) socket$inet6(0xa, 0x5, 0x8001) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) [ 1711.482412] ? mutex_lock_io_nested+0x1310/0x1310 [ 1711.483489] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1711.484626] ? cap_capable+0x1eb/0x250 [ 1711.485425] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1711.486546] ? ns_capable+0xd9/0x100 [ 1711.487312] genl_rcv_msg+0x33c/0x5a0 [ 1711.488156] ? genl_get_cmd+0x480/0x480 [ 1711.488963] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1711.490015] ? lock_release+0x750/0x750 [ 1711.490821] netlink_rcv_skb+0x14b/0x430 [ 1711.491625] ? genl_get_cmd+0x480/0x480 [ 1711.492434] ? netlink_ack+0xa80/0xa80 [ 1711.493217] ? netlink_deliver_tap+0x1b2/0xc30 [ 1711.494130] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1711.495125] ? is_vmalloc_addr+0x7b/0xb0 [ 1711.495940] genl_rcv+0x24/0x40 [ 1711.496612] netlink_unicast+0x54a/0x800 [ 1711.497428] ? netlink_attachskb+0x880/0x880 [ 1711.498290] ? is_vmalloc_addr+0x7b/0xb0 [ 1711.499114] netlink_sendmsg+0x904/0xe00 [ 1711.499926] ? netlink_unicast+0x800/0x800 [ 1711.500780] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1711.501874] ? netlink_unicast+0x800/0x800 [ 1711.502712] sock_sendmsg+0x150/0x190 [ 1711.503478] ____sys_sendmsg+0x703/0x870 [ 1711.504326] ? kernel_sendmsg+0x50/0x50 [ 1711.505118] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1711.506036] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1711.507087] ? lock_release+0x3b2/0x750 [ 1711.507910] ___sys_sendmsg+0xf3/0x170 [ 1711.508689] ? sendmsg_copy_msghdr+0x160/0x160 [ 1711.509595] ? lock_release+0x3b2/0x750 [ 1711.510390] ? lock_downgrade+0x6d0/0x6d0 [ 1711.511215] ? lock_release+0x3b2/0x750 [ 1711.512004] ? ksys_write+0x20c/0x250 [ 1711.512770] ? lock_downgrade+0x6d0/0x6d0 [ 1711.513612] ? __fget_files+0x287/0x470 [ 1711.514424] ? __fget_light+0xea/0x270 [ 1711.515205] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1711.516327] __sys_sendmsg+0xe5/0x1b0 [ 1711.517084] ? __sys_sendmsg_sock+0x30/0x30 [ 1711.517939] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1711.519053] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1711.520079] do_syscall_64+0x3b/0x90 [ 1711.520855] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1711.521872] RIP: 0033:0x7f406f897b19 [ 1711.522605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1711.526233] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1711.527734] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1711.529143] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1711.530541] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1711.531939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1711.533360] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1711.534787] [ 1711.535606] kobject_add_internal failed for hwsim198 (error: -12 parent: mac80211_hwsim) [ 1711.571119] netlink: 'syz-executor.7': attribute type 12 has an invalid length. 03:02:48 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x7000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1711.630267] blktrace: Concurrent blktraces are not allowed on sg0 [ 1711.664636] blktrace: Concurrent blktraces are not allowed on sg0 03:02:48 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 35) 03:02:48 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x300, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:02:48 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000500)=[{&(0x7f0000000140)=""/53, 0x35}, {&(0x7f0000000180)=""/173, 0xad}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/89, 0x59}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/205, 0xcd}], 0x7}, 0x100}], 0x1, 0x40010000, &(0x7f00000005c0)={0x0, 0x3938700}) 03:02:48 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x700, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:02:48 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) r1 = epoll_create(0x5) r2 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r2, 0x1, 0x21, &(0x7f0000000080)=0xb3, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000440)) r3 = epoll_create(0x9) r4 = socket$netlink(0x10, 0x3, 0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) setsockopt$sock_int(r4, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000440)={0x60000002}) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000440)) r5 = epoll_create(0x9) r6 = socket$netlink(0x10, 0x3, 0xf) setsockopt$sock_int(r6, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f0000000440)) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r5, &(0x7f0000000040)={0x40000000}) shutdown(r4, 0x0) syz_open_procfs(0x0, 0x0) [ 1711.737279] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1711.748889] FAULT_INJECTION: forcing a failure. [ 1711.748889] name failslab, interval 1, probability 0, space 0, times 0 [ 1711.750120] CPU: 0 PID: 9710 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1711.750967] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1711.752115] Call Trace: [ 1711.752384] [ 1711.752616] dump_stack_lvl+0x8b/0xb3 [ 1711.753021] should_fail.cold+0x5/0xa [ 1711.753412] ? create_object.isra.0+0x3a/0xa20 [ 1711.753888] should_failslab+0x5/0x10 [ 1711.754281] kmem_cache_alloc+0x5b/0x480 [ 1711.754710] create_object.isra.0+0x3a/0xa20 [ 1711.755161] ? kasan_unpoison+0x23/0x50 [ 1711.755572] kmem_cache_alloc+0x239/0x480 [ 1711.756003] __kernfs_new_node+0xd4/0x8b0 [ 1711.756439] ? kernfs_path_from_node+0x60/0x60 [ 1711.756913] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1711.757468] kernfs_create_dir_ns+0x9c/0x220 [ 1711.757930] sysfs_create_dir_ns+0x127/0x290 [ 1711.758386] ? sysfs_create_mount_point+0xb0/0xb0 [ 1711.758878] ? rwlock_bug.part.0+0x90/0x90 [ 1711.759317] ? class_dir_child_ns_type+0x9/0x60 [ 1711.759804] kobject_add_internal+0x24c/0x8d0 [ 1711.760278] kobject_add+0x150/0x1c0 [ 1711.760664] ? kset_create_and_add+0x1a0/0x1a0 [ 1711.761133] ? lockdep_init_map_type+0x21a/0x7e0 [ 1711.761634] device_add+0x357/0x1e60 [ 1711.762018] ? lock_is_held_type+0xd7/0x130 [ 1711.762462] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1711.763017] ? kfree+0x217/0x410 [ 1711.763376] device_create_groups_vargs+0x203/0x280 [ 1711.763893] device_create+0xdc/0x110 [ 1711.764296] ? device_create_groups_vargs+0x280/0x280 [ 1711.764819] ? queue_work_node+0x350/0x350 [ 1711.765247] ? init_timer_key+0xd1/0x110 [ 1711.765671] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1711.766132] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1711.766630] ? init_timer_key+0x81/0x110 [ 1711.767054] mac80211_hwsim_new_radio+0x382/0x4900 [ 1711.767560] ? lock_is_held_type+0xd7/0x130 [ 1711.768015] ? hwsim_virtio_rx_work+0x360/0x360 [ 1711.768496] ? lock_release+0x3b2/0x750 [ 1711.768909] ? __kmalloc+0x25b/0x440 [ 1711.769295] hwsim_new_radio_nl+0x9ab/0x1050 [ 1711.769750] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1711.770283] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1711.770858] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1711.771531] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1711.772211] genl_family_rcv_msg_doit+0x22d/0x330 [ 1711.772705] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1711.773372] ? mutex_lock_io_nested+0x1310/0x1310 [ 1711.773874] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1711.774429] ? cap_capable+0x1eb/0x250 [ 1711.774842] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1711.775399] ? ns_capable+0xd9/0x100 [ 1711.775799] genl_rcv_msg+0x33c/0x5a0 [ 1711.776197] ? genl_get_cmd+0x480/0x480 [ 1711.776605] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1711.777129] ? lock_release+0x750/0x750 [ 1711.777541] netlink_rcv_skb+0x14b/0x430 [ 1711.777958] ? genl_get_cmd+0x480/0x480 [ 1711.778363] ? netlink_ack+0xa80/0xa80 [ 1711.778768] ? netlink_deliver_tap+0x1b2/0xc30 [ 1711.779241] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1711.779759] ? is_vmalloc_addr+0x7b/0xb0 [ 1711.780185] genl_rcv+0x24/0x40 [ 1711.780544] netlink_unicast+0x54a/0x800 [ 1711.780976] ? netlink_attachskb+0x880/0x880 [ 1711.781425] ? is_vmalloc_addr+0x7b/0xb0 [ 1711.781855] netlink_sendmsg+0x904/0xe00 [ 1711.782281] ? netlink_unicast+0x800/0x800 [ 1711.782723] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1711.783300] ? netlink_unicast+0x800/0x800 [ 1711.783742] sock_sendmsg+0x150/0x190 [ 1711.784136] ____sys_sendmsg+0x703/0x870 [ 1711.784579] ? kernel_sendmsg+0x50/0x50 [ 1711.784986] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1711.785469] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1711.786015] ? lock_release+0x3b2/0x750 [ 1711.786444] ___sys_sendmsg+0xf3/0x170 [ 1711.786842] ? sendmsg_copy_msghdr+0x160/0x160 [ 1711.787321] ? lock_release+0x3b2/0x750 [ 1711.787738] ? lock_downgrade+0x6d0/0x6d0 [ 1711.788163] ? lock_release+0x3b2/0x750 [ 1711.788593] ? ksys_write+0x20c/0x250 [ 1711.788988] ? lock_downgrade+0x6d0/0x6d0 [ 1711.789437] ? __fget_files+0x287/0x470 [ 1711.789871] ? __fget_light+0xea/0x270 [ 1711.790281] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1711.790843] __sys_sendmsg+0xe5/0x1b0 [ 1711.791234] ? __sys_sendmsg_sock+0x30/0x30 [ 1711.791666] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1711.792277] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1711.792803] do_syscall_64+0x3b/0x90 [ 1711.793198] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1711.793719] RIP: 0033:0x7f406f897b19 [ 1711.794110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1711.795930] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1711.796706] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1711.797419] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1711.798127] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1711.798849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1711.799561] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1711.800301] 03:02:48 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x4b47, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:02:48 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x92, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:02:48 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0xffffe000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:02:49 executing program 4: ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000180)={0xa9, 0x80000001, 0x23, "497e057f3027a50ba0d93b0c9951670a95b5f9fae915574bd672a89fe72c746472c929c8b4f2f5867e6387bf41676f5280939e7268ac1c284dd2426bc5b50fdd35d6cd1ae155e21a8d36f2dabf277e676b0ff4a778d6abbbe73af9ecc4932d93c65e4f282de25856553c7f2043739a88dc0d06c97826eb5671eb6a5097569dcc66246efccb9286321549e1ed6ce711886f6483d2972f6ae23b07ed61b8a65e2003d58a2a03473b31d1"}) r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r1 = syz_open_procfs(0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(r1, 0xc0286687, &(0x7f0000000140)={0x1, 0x1, 0xcc, &(0x7f0000000040)=""/204}) [ 1711.878648] blktrace: Concurrent blktraces are not allowed on sg0 [ 1711.898362] blktrace: Concurrent blktraces are not allowed on sg0 03:02:49 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x93, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:02:49 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x1800, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:02:49 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0xe0ffff00000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:02:49 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x94, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1712.011135] netlink: 'syz-executor.7': attribute type 12 has an invalid length. 03:02:49 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x4b49, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:02:49 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x95, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1712.062411] blktrace: Concurrent blktraces are not allowed on sg0 03:02:49 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'vxcan1\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000002480), 0x0, 0x13020, 0x0) r1 = epoll_create(0x9) r2 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000440)) ioctl$sock_SIOCOUTQ(r2, 0x5411, &(0x7f0000000040)) syz_open_procfs(0x0, 0x0) r3 = signalfd4(r0, &(0x7f00000000c0)={[0x3]}, 0x8, 0xc0000) r4 = epoll_create(0x9) r5 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r5, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000080)={{0x1, 0x1, 0x18, r4, {0x1}}, './file0\x00'}) [ 1712.083929] blktrace: Concurrent blktraces are not allowed on sg0 03:03:06 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x541b, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:03:06 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) syz_mount_image$ext4(&(0x7f00000000c0)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x8000, 0x3, &(0x7f0000000380)=[{&(0x7f0000000140)="be79ddbc066815f6aefd34e0fe187de603f0d532cdd6d443295a36587fe4f5596f1a22966d54be4ab9e50c9ce3a390067bd99eedb24e502c318e859c9c22382722929bae9729d53368c80970870672c2d0bf0d68cd22b5c87c20116c914d2dfabb884867bbe3fe17669b9de38155baf8bccd6f5ea112008bb89f7c8911d670d1d8b88e4536dd395c8f018a39df1d3b469f8dc7583edadce186f6ba83e884e7adc9ff573b8f7448d4650ecbf1e6d97c08bcb66e68a9365d8226bfce809b2d8f5bcfce6334b2108b7b6c0d3f695a4eba62721c8032a9937062ce5c922e4bae7ef83cd6870bcc", 0xe5, 0x1}, {&(0x7f0000000240), 0x0, 0x101}, {&(0x7f0000000280)="9faaf3055c08eb77edaa642d3097a58eafba69d212ff74522447b7a5a8402ceb900cd6e32fe5a451dbc23509bedbaa9c55de6338d00b90676cbc25ed8cebb67c3d6d97fb3dc44d4d869636145e888e7db5c380fed15006893a68ffa04b2203fd8268b8c9b5f9fa991b2b654cc98d60a9b66b0b411be92824d7503799a0e4043b81fa471e1f7a936a0268b7463cc616585531c428ea564f970625d3f0b3ad1c96b45f9779939ec1d39999edb61063acf51cb3bfdd23cd9eb5faa3019b190d143ed1496c395742f522b719feb2152131ee524efc7393c368ee8d3c5cf1584ff4e0118814d8", 0xe4, 0x7}], 0x3000, &(0x7f0000000400)={[{@sysvgroups}, {@orlov}, {@minixdf}, {@dioread_nolock}, {@prjquota}, {@journal_checksum}, {@dax}, {@nobarrier}], [{@dont_hash}]}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r1 = syz_open_procfs(0x0, 0x0) getsockopt$IP_SET_OP_VERSION(r1, 0x1, 0x53, &(0x7f0000000040), &(0x7f0000000080)=0x8) 03:03:06 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x1c00, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:03:06 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x100000000000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:03:06 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) r1 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) 03:03:06 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0xf00, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:03:06 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x96, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:03:06 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 36) [ 1729.252727] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1729.254450] FAULT_INJECTION: forcing a failure. [ 1729.254450] name failslab, interval 1, probability 0, space 0, times 0 [ 1729.256306] CPU: 1 PID: 9768 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1729.257553] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1729.259253] Call Trace: [ 1729.259633] [ 1729.259964] dump_stack_lvl+0x8b/0xb3 [ 1729.260560] should_fail.cold+0x5/0xa [ 1729.261146] ? __kernfs_new_node+0xd4/0x8b0 [ 1729.261801] should_failslab+0x5/0x10 [ 1729.262372] kmem_cache_alloc+0x5b/0x480 [ 1729.262978] ? lock_downgrade+0x6d0/0x6d0 [ 1729.263623] __kernfs_new_node+0xd4/0x8b0 [ 1729.264266] ? __lock_acquire+0x164e/0x6120 [ 1729.264871] ? kernfs_path_from_node+0x60/0x60 [ 1729.265368] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1729.265930] kernfs_new_node+0x93/0x120 [ 1729.266350] __kernfs_create_file+0x51/0x350 [ 1729.266812] sysfs_add_file_mode_ns+0x218/0x430 [ 1729.267299] ? component_del+0x4c0/0x4c0 [ 1729.267737] sysfs_create_file_ns+0x127/0x1c0 [ 1729.268208] ? sysfs_add_file_mode_ns+0x430/0x430 [ 1729.268741] ? down_read+0x198/0x440 [ 1729.269142] ? up_write+0x460/0x460 [ 1729.269535] device_create_file+0xea/0x1d0 [ 1729.269994] device_add+0x4b0/0x1e60 [ 1729.270385] ? lock_is_held_type+0xd7/0x130 [ 1729.270848] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1729.271420] ? kfree+0x217/0x410 [ 1729.271787] device_create_groups_vargs+0x203/0x280 [ 1729.272307] device_create+0xdc/0x110 [ 1729.272724] ? device_create_groups_vargs+0x280/0x280 [ 1729.273258] ? queue_work_node+0x350/0x350 [ 1729.273715] ? init_timer_key+0xd1/0x110 [ 1729.274146] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1729.274639] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1729.275150] ? init_timer_key+0x81/0x110 [ 1729.275587] mac80211_hwsim_new_radio+0x382/0x4900 [ 1729.276115] ? lock_is_held_type+0xd7/0x130 [ 1729.276610] ? hwsim_virtio_rx_work+0x360/0x360 [ 1729.277118] ? lock_release+0x3b2/0x750 [ 1729.277555] ? __kmalloc+0x25b/0x440 [ 1729.277968] hwsim_new_radio_nl+0x9ab/0x1050 [ 1729.278435] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1729.278987] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1729.279561] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1729.280258] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1729.280960] genl_family_rcv_msg_doit+0x22d/0x330 [ 1729.281465] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1729.282143] ? mutex_lock_io_nested+0x1310/0x1310 [ 1729.282650] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1729.283221] ? cap_capable+0x1eb/0x250 [ 1729.283650] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1729.284225] ? ns_capable+0xd9/0x100 [ 1729.284638] genl_rcv_msg+0x33c/0x5a0 [ 1729.285046] ? genl_get_cmd+0x480/0x480 [ 1729.285483] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1729.286036] ? lock_release+0x750/0x750 [ 1729.286462] netlink_rcv_skb+0x14b/0x430 [ 1729.286890] ? genl_get_cmd+0x480/0x480 [ 1729.287304] ? netlink_ack+0xa80/0xa80 [ 1729.287724] ? netlink_deliver_tap+0x1b2/0xc30 [ 1729.288212] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1729.288766] ? is_vmalloc_addr+0x7b/0xb0 [ 1729.289203] genl_rcv+0x24/0x40 [ 1729.289549] netlink_unicast+0x54a/0x800 [ 1729.289983] ? netlink_attachskb+0x880/0x880 [ 1729.290444] ? is_vmalloc_addr+0x7b/0xb0 [ 1729.290881] netlink_sendmsg+0x904/0xe00 [ 1729.291317] ? netlink_unicast+0x800/0x800 [ 1729.291769] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1729.292358] ? netlink_unicast+0x800/0x800 [ 1729.292821] sock_sendmsg+0x150/0x190 [ 1729.293232] ____sys_sendmsg+0x703/0x870 [ 1729.293676] ? kernel_sendmsg+0x50/0x50 [ 1729.294109] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1729.294596] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1729.295151] ? lock_release+0x3b2/0x750 [ 1729.295578] ___sys_sendmsg+0xf3/0x170 [ 1729.295995] ? sendmsg_copy_msghdr+0x160/0x160 [ 1729.296487] ? lock_release+0x3b2/0x750 [ 1729.296921] ? lock_downgrade+0x6d0/0x6d0 [ 1729.297369] ? lock_release+0x3b2/0x750 [ 1729.297787] ? ksys_write+0x20c/0x250 [ 1729.298182] ? lock_downgrade+0x6d0/0x6d0 [ 1729.298638] ? __fget_files+0x287/0x470 [ 1729.299074] ? __fget_light+0xea/0x270 [ 1729.299501] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1729.300089] __sys_sendmsg+0xe5/0x1b0 [ 1729.300503] ? __sys_sendmsg_sock+0x30/0x30 [ 1729.300949] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1729.301532] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1729.302068] do_syscall_64+0x3b/0x90 [ 1729.302469] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1729.303010] RIP: 0033:0x7f406f897b19 [ 1729.303409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1729.305309] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1729.306115] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1729.306865] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1729.307606] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1729.308348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1729.309102] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1729.309858] [ 1729.317399] blktrace: Concurrent blktraces are not allowed on sg0 03:03:06 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x108000000000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1729.361438] netlink: 'syz-executor.7': attribute type 12 has an invalid length. 03:03:06 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x2000, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:03:06 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) r1 = epoll_create(0x9) r2 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000440)) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000040)={'syzkaller0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) 03:03:06 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1729.406065] blktrace: Concurrent blktraces are not allowed on sg0 [ 1729.410810] blktrace: Concurrent blktraces are not allowed on sg0 03:03:06 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x200000000000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1729.485962] blktrace: Concurrent blktraces are not allowed on sg0 [ 1729.493050] blktrace: Concurrent blktraces are not allowed on sg0 03:03:06 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x98, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:03:06 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x2500, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:03:06 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x300000000000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1729.605550] blktrace: Concurrent blktraces are not allowed on sg0 [ 1729.612434] blktrace: Concurrent blktraces are not allowed on sg0 03:03:21 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) r1 = epoll_create(0x9) r2 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000440)) sendmsg$AUDIT_SET_FEATURE(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1040440c}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x3fa, 0x400, 0x70bd25, 0x25dfdbfe, {}, [""]}, 0x20}, 0x1, 0x0, 0x0, 0x2}, 0x0) 03:03:21 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x5421, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:03:21 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x6400, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:03:21 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x400000000000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:03:21 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 37) 03:03:21 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0xf000, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:03:21 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) 03:03:21 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x99, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1744.644887] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1018 sclass=netlink_route_socket pid=9819 comm=syz-executor.4 [ 1744.659240] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1018 sclass=netlink_route_socket pid=9826 comm=syz-executor.4 [ 1744.667670] blktrace: Concurrent blktraces are not allowed on sg0 [ 1744.669406] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1744.670668] FAULT_INJECTION: forcing a failure. [ 1744.670668] name failslab, interval 1, probability 0, space 0, times 0 [ 1744.671850] CPU: 0 PID: 9825 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1744.672718] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1744.673908] Call Trace: [ 1744.674180] [ 1744.674416] dump_stack_lvl+0x8b/0xb3 [ 1744.674837] should_fail.cold+0x5/0xa [ 1744.675241] ? create_object.isra.0+0x3a/0xa20 [ 1744.675746] should_failslab+0x5/0x10 [ 1744.676156] kmem_cache_alloc+0x5b/0x480 [ 1744.676592] create_object.isra.0+0x3a/0xa20 [ 1744.677081] ? kasan_unpoison+0x23/0x50 [ 1744.677514] kmem_cache_alloc+0x239/0x480 [ 1744.677971] __kernfs_new_node+0xd4/0x8b0 [ 1744.678422] ? __lock_acquire+0x164e/0x6120 [ 1744.678887] ? kernfs_path_from_node+0x60/0x60 [ 1744.679380] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1744.679936] kernfs_new_node+0x93/0x120 [ 1744.680364] __kernfs_create_file+0x51/0x350 [ 1744.680835] sysfs_add_file_mode_ns+0x218/0x430 [ 1744.681330] ? component_del+0x4c0/0x4c0 [ 1744.681777] sysfs_create_file_ns+0x127/0x1c0 [ 1744.682254] ? sysfs_add_file_mode_ns+0x430/0x430 [ 1744.682759] ? down_read+0x198/0x440 [ 1744.683158] ? up_write+0x460/0x460 [ 1744.683563] device_create_file+0xea/0x1d0 [ 1744.684014] device_add+0x4b0/0x1e60 [ 1744.684414] ? lock_is_held_type+0xd7/0x130 [ 1744.684895] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1744.685479] ? kfree+0x217/0x410 [ 1744.685870] device_create_groups_vargs+0x203/0x280 [ 1744.686422] device_create+0xdc/0x110 [ 1744.686833] ? device_create_groups_vargs+0x280/0x280 [ 1744.687393] ? queue_work_node+0x350/0x350 [ 1744.687856] ? init_timer_key+0xd1/0x110 [ 1744.688295] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1744.688783] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1744.689292] ? init_timer_key+0x81/0x110 [ 1744.689740] mac80211_hwsim_new_radio+0x382/0x4900 [ 1744.690256] ? lock_is_held_type+0xd7/0x130 [ 1744.690731] ? hwsim_virtio_rx_work+0x360/0x360 [ 1744.691236] ? lock_release+0x3b2/0x750 [ 1744.691661] ? __kmalloc+0x25b/0x440 [ 1744.692069] hwsim_new_radio_nl+0x9ab/0x1050 [ 1744.692550] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1744.693124] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1744.693728] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1744.694436] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1744.695117] genl_family_rcv_msg_doit+0x22d/0x330 [ 1744.695638] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1744.696345] ? mutex_lock_io_nested+0x1310/0x1310 [ 1744.696875] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1744.697477] ? cap_capable+0x1eb/0x250 [ 1744.697910] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1744.698500] ? ns_capable+0xd9/0x100 [ 1744.698908] genl_rcv_msg+0x33c/0x5a0 [ 1744.699316] ? genl_get_cmd+0x480/0x480 [ 1744.699742] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1744.700294] ? lock_release+0x750/0x750 [ 1744.700736] netlink_rcv_skb+0x14b/0x430 [ 1744.701170] ? genl_get_cmd+0x480/0x480 [ 1744.701596] ? netlink_ack+0xa80/0xa80 [ 1744.702025] ? netlink_deliver_tap+0x1b2/0xc30 [ 1744.702521] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1744.703060] ? is_vmalloc_addr+0x7b/0xb0 [ 1744.703505] genl_rcv+0x24/0x40 [ 1744.703861] netlink_unicast+0x54a/0x800 [ 1744.704288] ? netlink_attachskb+0x880/0x880 [ 1744.704763] ? is_vmalloc_addr+0x7b/0xb0 [ 1744.705201] netlink_sendmsg+0x904/0xe00 [ 1744.705637] ? netlink_unicast+0x800/0x800 [ 1744.706091] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1744.706693] ? netlink_unicast+0x800/0x800 [ 1744.707147] sock_sendmsg+0x150/0x190 [ 1744.707560] ____sys_sendmsg+0x703/0x870 [ 1744.707987] ? kernel_sendmsg+0x50/0x50 [ 1744.708417] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1744.708918] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1744.709471] ? lock_release+0x3b2/0x750 [ 1744.709892] ___sys_sendmsg+0xf3/0x170 [ 1744.710314] ? sendmsg_copy_msghdr+0x160/0x160 [ 1744.710799] ? lock_release+0x3b2/0x750 [ 1744.711218] ? lock_downgrade+0x6d0/0x6d0 [ 1744.711663] ? lock_release+0x3b2/0x750 [ 1744.712084] ? ksys_write+0x20c/0x250 [ 1744.712493] ? lock_downgrade+0x6d0/0x6d0 [ 1744.712938] ? __fget_files+0x287/0x470 [ 1744.713374] ? __fget_light+0xea/0x270 [ 1744.713788] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1744.714365] __sys_sendmsg+0xe5/0x1b0 [ 1744.714768] ? __sys_sendmsg_sock+0x30/0x30 [ 1744.715216] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1744.715805] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1744.716352] do_syscall_64+0x3b/0x90 [ 1744.716767] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1744.717296] RIP: 0033:0x7f406f897b19 [ 1744.717680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1744.719571] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1744.720351] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1744.721109] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1744.721848] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1744.722598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1744.723335] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1744.724084] 03:03:22 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) 03:03:22 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 38) 03:03:22 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x34000, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) [ 1744.880933] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1744.884028] FAULT_INJECTION: forcing a failure. [ 1744.884028] name failslab, interval 1, probability 0, space 0, times 0 [ 1744.885288] CPU: 0 PID: 9845 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1744.886142] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1744.887323] Call Trace: [ 1744.887588] [ 1744.887826] dump_stack_lvl+0x8b/0xb3 [ 1744.888235] should_fail.cold+0x5/0xa [ 1744.888645] ? create_object.isra.0+0x3a/0xa20 [ 1744.889146] should_failslab+0x5/0x10 [ 1744.889557] kmem_cache_alloc+0x5b/0x480 [ 1744.889999] create_object.isra.0+0x3a/0xa20 [ 1744.890463] ? kasan_unpoison+0x23/0x50 [ 1744.890889] kmem_cache_alloc+0x239/0x480 [ 1744.891333] __kernfs_new_node+0xd4/0x8b0 [ 1744.891781] ? __lock_acquire+0x164e/0x6120 [ 1744.892236] ? kernfs_path_from_node+0x60/0x60 [ 1744.892750] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1744.893312] kernfs_new_node+0x93/0x120 [ 1744.893743] __kernfs_create_file+0x51/0x350 [ 1744.894202] sysfs_add_file_mode_ns+0x218/0x430 [ 1744.894697] ? component_del+0x4c0/0x4c0 [ 1744.895140] sysfs_create_file_ns+0x127/0x1c0 [ 1744.895626] ? sysfs_add_file_mode_ns+0x430/0x430 [ 1744.896136] ? down_read+0x198/0x440 [ 1744.896546] ? up_write+0x460/0x460 [ 1744.896943] device_create_file+0xea/0x1d0 [ 1744.897403] device_add+0x4b0/0x1e60 [ 1744.897808] ? lock_is_held_type+0xd7/0x130 [ 1744.898266] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1744.898884] ? kfree+0x217/0x410 [ 1744.899262] device_create_groups_vargs+0x203/0x280 [ 1744.899821] device_create+0xdc/0x110 [ 1744.900249] ? device_create_groups_vargs+0x280/0x280 [ 1744.900809] ? queue_work_node+0x350/0x350 [ 1744.901281] ? init_timer_key+0xd1/0x110 [ 1744.901727] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1744.902225] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1744.902744] ? init_timer_key+0x81/0x110 [ 1744.903182] mac80211_hwsim_new_radio+0x382/0x4900 [ 1744.903720] ? lock_is_held_type+0xd7/0x130 [ 1744.904195] ? hwsim_virtio_rx_work+0x360/0x360 [ 1744.904704] ? lock_release+0x3b2/0x750 [ 1744.905137] ? __kmalloc+0x25b/0x440 [ 1744.905552] hwsim_new_radio_nl+0x9ab/0x1050 [ 1744.906048] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1744.906617] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1744.907221] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1744.907939] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1744.908636] genl_family_rcv_msg_doit+0x22d/0x330 [ 1744.909161] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1744.909848] ? mutex_lock_io_nested+0x1310/0x1310 [ 1744.910373] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1744.910979] ? cap_capable+0x1eb/0x250 [ 1744.911415] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1744.912022] ? ns_capable+0xd9/0x100 [ 1744.912435] genl_rcv_msg+0x33c/0x5a0 [ 1744.912866] ? genl_get_cmd+0x480/0x480 [ 1744.913301] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1744.913871] ? lock_release+0x750/0x750 [ 1744.914307] netlink_rcv_skb+0x14b/0x430 [ 1744.914751] ? genl_get_cmd+0x480/0x480 [ 1744.915178] ? netlink_ack+0xa80/0xa80 [ 1744.915612] ? netlink_deliver_tap+0x1b2/0xc30 [ 1744.916113] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1744.916659] ? is_vmalloc_addr+0x7b/0xb0 [ 1744.917127] genl_rcv+0x24/0x40 [ 1744.917473] netlink_unicast+0x54a/0x800 [ 1744.917917] ? netlink_attachskb+0x880/0x880 [ 1744.918404] ? is_vmalloc_addr+0x7b/0xb0 [ 1744.918850] netlink_sendmsg+0x904/0xe00 [ 1744.919304] ? netlink_unicast+0x800/0x800 [ 1744.919768] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1744.920359] ? netlink_unicast+0x800/0x800 [ 1744.920844] sock_sendmsg+0x150/0x190 [ 1744.921269] ____sys_sendmsg+0x703/0x870 [ 1744.921701] ? kernel_sendmsg+0x50/0x50 [ 1744.922132] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1744.922634] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1744.923207] ? lock_release+0x3b2/0x750 [ 1744.923646] ___sys_sendmsg+0xf3/0x170 [ 1744.924065] ? sendmsg_copy_msghdr+0x160/0x160 [ 1744.924547] ? lock_release+0x3b2/0x750 [ 1744.924996] ? lock_downgrade+0x6d0/0x6d0 [ 1744.925433] ? lock_release+0x3b2/0x750 [ 1744.925854] ? ksys_write+0x20c/0x250 [ 1744.926261] ? lock_downgrade+0x6d0/0x6d0 [ 1744.926713] ? __fget_files+0x287/0x470 [ 1744.927140] ? __fget_light+0xea/0x270 [ 1744.927546] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1744.928138] __sys_sendmsg+0xe5/0x1b0 [ 1744.928538] ? __sys_sendmsg_sock+0x30/0x30 [ 1744.928991] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1744.929592] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1744.930141] do_syscall_64+0x3b/0x90 [ 1744.930542] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1744.931090] RIP: 0033:0x7f406f897b19 [ 1744.931477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1744.933401] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1744.934214] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1744.934971] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1744.935728] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1744.936478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1744.937237] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1744.938012] 03:03:40 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x80000, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:03:40 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 39) 03:03:40 executing program 4: ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105241, 0x0) syncfs(r0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000240)={'ip6gre0\x00', &(0x7f00000001c0)={'ip6gre0\x00', 0x0, 0x4, 0x0, 0x1f, 0x8f, 0x42, @private0, @loopback, 0x8, 0x80, 0x0, 0x8}}) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000380)={'erspan0\x00', &(0x7f0000000280)={'tunl0\x00', r1, 0x7800, 0x80, 0x20, 0x0, {{0x38, 0x4, 0x3, 0xf, 0xe0, 0x65, 0x0, 0x3, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x14}, @empty, {[@generic={0x82, 0x7, "ec0dae58d9"}, @lsrr={0x83, 0x13, 0x27, [@loopback, @multicast1, @private=0xa010102, @local]}, @ra={0x94, 0x4, 0x1}, @rr={0x7, 0xf, 0x9e, [@broadcast, @rand_addr=0x64010100, @local]}, @rr={0x7, 0xf, 0xf2, [@multicast1, @remote, @broadcast]}, @timestamp_prespec={0x44, 0x44, 0x41, 0x3, 0x0, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x2}, {@loopback, 0x2}, {@multicast1, 0x4}, {@local, 0x4}, {@local, 0x7ff}, {@private=0xa010102, 0x5}, {@multicast1, 0x5}, {@empty, 0x3}]}, @timestamp_addr={0x44, 0x4c, 0xf2, 0x1, 0x0, [{@multicast2, 0x401}, {@multicast2, 0x4}, {@multicast2, 0x2}, {@broadcast, 0x3c}, {@empty, 0x6}, {@remote, 0x6}, {@remote, 0x2}, {@empty, 0x1}, {@dev={0xac, 0x14, 0x14, 0xd}, 0x800}]}]}}}}}) syz_open_procfs(0x0, 0x0) 03:03:40 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x500000000000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:03:40 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x5450, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:03:40 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x9a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1762.847369] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. 03:03:40 executing program 7: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) 03:03:40 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x8004, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) [ 1762.870276] FAULT_INJECTION: forcing a failure. [ 1762.870276] name failslab, interval 1, probability 0, space 0, times 0 [ 1762.872319] CPU: 0 PID: 9861 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1762.873678] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1762.875397] Call Trace: [ 1762.875789] [ 1762.876129] dump_stack_lvl+0x8b/0xb3 [ 1762.876727] should_fail.cold+0x5/0xa [ 1762.877324] ? create_object.isra.0+0x3a/0xa20 [ 1762.878036] should_failslab+0x5/0x10 [ 1762.878624] kmem_cache_alloc+0x5b/0x480 [ 1762.879266] create_object.isra.0+0x3a/0xa20 [ 1762.879901] ? kasan_unpoison+0x23/0x50 [ 1762.880508] kmem_cache_alloc+0x239/0x480 [ 1762.881167] __kernfs_new_node+0xd4/0x8b0 [ 1762.881811] ? __lock_acquire+0x164e/0x6120 [ 1762.882500] ? kernfs_path_from_node+0x60/0x60 [ 1762.883213] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1762.884055] kernfs_new_node+0x93/0x120 [ 1762.884695] __kernfs_create_file+0x51/0x350 [ 1762.885395] sysfs_add_file_mode_ns+0x218/0x430 [ 1762.886130] ? component_del+0x4c0/0x4c0 [ 1762.886766] sysfs_create_file_ns+0x127/0x1c0 [ 1762.887444] ? sysfs_add_file_mode_ns+0x430/0x430 [ 1762.888194] ? down_read+0x198/0x440 [ 1762.888780] ? up_write+0x460/0x460 [ 1762.889375] device_create_file+0xea/0x1d0 [ 1762.890056] device_add+0x4b0/0x1e60 [ 1762.890651] ? lock_is_held_type+0xd7/0x130 [ 1762.891333] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1762.892186] ? kfree+0x217/0x410 [ 1762.892743] device_create_groups_vargs+0x203/0x280 [ 1762.893543] device_create+0xdc/0x110 [ 1762.894162] ? device_create_groups_vargs+0x280/0x280 [ 1762.894977] ? queue_work_node+0x350/0x350 [ 1762.895609] ? init_timer_key+0xd1/0x110 [ 1762.896201] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1762.896872] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1762.897564] ? init_timer_key+0x81/0x110 [ 1762.898171] mac80211_hwsim_new_radio+0x382/0x4900 [ 1762.898895] ? lock_is_held_type+0xd7/0x130 [ 1762.899535] ? hwsim_virtio_rx_work+0x360/0x360 [ 1762.900203] ? lock_release+0x3b2/0x750 [ 1762.900793] ? __kmalloc+0x25b/0x440 [ 1762.901356] hwsim_new_radio_nl+0x9ab/0x1050 [ 1762.902009] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1762.902776] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1762.903577] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1762.904546] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1762.905534] genl_family_rcv_msg_doit+0x22d/0x330 [ 1762.906241] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1762.907202] ? mutex_lock_io_nested+0x1310/0x1310 [ 1762.907915] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1762.908720] ? cap_capable+0x1eb/0x250 [ 1762.909321] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1762.910127] ? ns_capable+0xd9/0x100 [ 1762.910696] genl_rcv_msg+0x33c/0x5a0 [ 1762.911258] ? genl_get_cmd+0x480/0x480 [ 1762.911840] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1762.912594] ? lock_release+0x750/0x750 [ 1762.913192] netlink_rcv_skb+0x14b/0x430 [ 1762.913799] ? genl_get_cmd+0x480/0x480 [ 1762.914391] ? netlink_ack+0xa80/0xa80 [ 1762.914976] ? netlink_deliver_tap+0x1b2/0xc30 [ 1762.915655] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1762.916388] ? is_vmalloc_addr+0x7b/0xb0 [ 1762.917015] genl_rcv+0x24/0x40 [ 1762.917504] netlink_unicast+0x54a/0x800 [ 1762.918105] ? netlink_attachskb+0x880/0x880 [ 1762.918748] ? is_vmalloc_addr+0x7b/0xb0 [ 1762.919362] netlink_sendmsg+0x904/0xe00 [ 1762.919944] ? netlink_unicast+0x800/0x800 [ 1762.920552] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1762.921370] ? netlink_unicast+0x800/0x800 [ 1762.921978] sock_sendmsg+0x150/0x190 [ 1762.922523] ____sys_sendmsg+0x703/0x870 [ 1762.923124] ? kernel_sendmsg+0x50/0x50 [ 1762.923707] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1762.924364] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1762.925176] ? lock_release+0x3b2/0x750 [ 1762.925771] ___sys_sendmsg+0xf3/0x170 [ 1762.926343] ? sendmsg_copy_msghdr+0x160/0x160 [ 1762.927007] ? lock_release+0x3b2/0x750 [ 1762.927588] ? lock_downgrade+0x6d0/0x6d0 [ 1762.928201] ? lock_release+0x3b2/0x750 [ 1762.928794] ? ksys_write+0x20c/0x250 [ 1762.929361] ? lock_downgrade+0x6d0/0x6d0 [ 1762.929985] ? __fget_files+0x287/0x470 [ 1762.930588] ? __fget_light+0xea/0x270 [ 1762.931169] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1762.931917] blktrace: Concurrent blktraces are not allowed on sg0 [ 1762.931987] __sys_sendmsg+0xe5/0x1b0 [ 1762.933815] ? __sys_sendmsg_sock+0x30/0x30 [ 1762.934460] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1762.935284] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1762.936054] do_syscall_64+0x3b/0x90 [ 1762.936610] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1762.937379] RIP: 0033:0x7f406f897b19 [ 1762.937944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1762.940648] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1762.941758] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1762.942797] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1762.943833] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1762.944868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1762.945941] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1762.946992] 03:03:40 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x400300, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:03:40 executing program 7: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000004b40)) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) 03:03:40 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x600000000000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:03:40 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x8008, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) [ 1763.144329] netlink: 'syz-executor.7': attribute type 12 has an invalid length. 03:03:40 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 40) [ 1763.199789] blktrace: Concurrent blktraces are not allowed on sg0 [ 1763.215544] blktrace: Concurrent blktraces are not allowed on sg0 [ 1763.317315] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1763.319948] FAULT_INJECTION: forcing a failure. [ 1763.319948] name failslab, interval 1, probability 0, space 0, times 0 [ 1763.322265] CPU: 0 PID: 9894 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1763.323883] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1763.326147] Call Trace: [ 1763.326660] [ 1763.327107] dump_stack_lvl+0x8b/0xb3 [ 1763.327880] should_fail.cold+0x5/0xa [ 1763.328656] should_failslab+0x5/0x10 [ 1763.329419] __kmalloc_track_caller+0x79/0x430 [ 1763.330328] ? kstrdup_const+0x53/0x80 [ 1763.331114] kstrdup+0x36/0x70 [ 1763.331748] kstrdup_const+0x53/0x80 [ 1763.332476] __kernfs_new_node+0x9d/0x8b0 [ 1763.333313] ? kernfs_add_one+0x3c6/0x550 [ 1763.334120] ? kernfs_path_from_node+0x60/0x60 [ 1763.335023] ? lock_is_held_type+0xd7/0x130 [ 1763.335855] ? find_held_lock+0x2c/0x110 [ 1763.336650] ? lock_release+0x3b2/0x750 [ 1763.337434] ? sysfs_do_create_link_sd+0x82/0x140 [ 1763.338369] kernfs_new_node+0x93/0x120 [ 1763.339160] kernfs_create_link+0xcb/0x230 [ 1763.339986] sysfs_do_create_link_sd+0x90/0x140 [ 1763.340887] sysfs_create_link+0x5f/0xc0 [ 1763.341710] device_add+0x660/0x1e60 [ 1763.342451] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1763.343503] ? kfree+0x217/0x410 [ 1763.344190] device_create_groups_vargs+0x203/0x280 [ 1763.345171] device_create+0xdc/0x110 [ 1763.345906] ? device_create_groups_vargs+0x280/0x280 [ 1763.346908] ? queue_work_node+0x350/0x350 [ 1763.347762] ? init_timer_key+0xd1/0x110 [ 1763.348568] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1763.349486] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1763.350418] ? init_timer_key+0x81/0x110 [ 1763.351209] mac80211_hwsim_new_radio+0x382/0x4900 [ 1763.352166] ? lock_is_held_type+0xd7/0x130 [ 1763.353024] ? hwsim_virtio_rx_work+0x360/0x360 [ 1763.353920] ? lock_release+0x3b2/0x750 [ 1763.354692] ? __kmalloc+0x25b/0x440 [ 1763.355425] hwsim_new_radio_nl+0x9ab/0x1050 [ 1763.356281] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1763.357307] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1763.358372] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1763.359635] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1763.360901] genl_family_rcv_msg_doit+0x22d/0x330 [ 1763.361854] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1763.363125] ? mutex_lock_io_nested+0x1310/0x1310 [ 1763.364054] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1763.365129] ? cap_capable+0x1eb/0x250 [ 1763.365902] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1763.366980] ? ns_capable+0xd9/0x100 [ 1763.367725] genl_rcv_msg+0x33c/0x5a0 [ 1763.368478] ? genl_get_cmd+0x480/0x480 [ 1763.369284] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1763.370293] ? lock_release+0x750/0x750 [ 1763.371074] netlink_rcv_skb+0x14b/0x430 [ 1763.371858] ? genl_get_cmd+0x480/0x480 [ 1763.372639] ? netlink_ack+0xa80/0xa80 [ 1763.373416] ? netlink_deliver_tap+0x1b2/0xc30 [ 1763.374305] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1763.375271] ? is_vmalloc_addr+0x7b/0xb0 [ 1763.376070] genl_rcv+0x24/0x40 [ 1763.376714] netlink_unicast+0x54a/0x800 [ 1763.377549] ? netlink_attachskb+0x880/0x880 [ 1763.378402] ? is_vmalloc_addr+0x7b/0xb0 [ 1763.379242] netlink_sendmsg+0x904/0xe00 [ 1763.380046] ? netlink_unicast+0x800/0x800 [ 1763.380903] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1763.382030] ? netlink_unicast+0x800/0x800 [ 1763.382851] sock_sendmsg+0x150/0x190 [ 1763.383607] ____sys_sendmsg+0x703/0x870 [ 1763.384412] ? kernel_sendmsg+0x50/0x50 [ 1763.385211] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1763.386098] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1763.387131] ? lock_release+0x3b2/0x750 [ 1763.387927] ___sys_sendmsg+0xf3/0x170 [ 1763.388688] ? sendmsg_copy_msghdr+0x160/0x160 [ 1763.389584] ? lock_release+0x3b2/0x750 [ 1763.390365] ? lock_downgrade+0x6d0/0x6d0 [ 1763.391195] ? lock_release+0x3b2/0x750 [ 1763.391980] ? ksys_write+0x20c/0x250 [ 1763.392727] ? lock_downgrade+0x6d0/0x6d0 [ 1763.393559] ? __fget_files+0x287/0x470 [ 1763.394364] ? __fget_light+0xea/0x270 [ 1763.395137] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1763.396230] __sys_sendmsg+0xe5/0x1b0 [ 1763.397002] ? __sys_sendmsg_sock+0x30/0x30 [ 1763.397842] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1763.398950] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1763.399967] do_syscall_64+0x3b/0x90 [ 1763.400707] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1763.401723] RIP: 0033:0x7f406f897b19 [ 1763.402444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1763.406006] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1763.407478] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1763.408855] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1763.410253] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1763.411629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1763.413009] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1763.414414] 03:03:56 executing program 4: socket$inet_udp(0x2, 0x2, 0x0) r0 = epoll_create(0x9) r1 = socket$inet6_icmp(0xa, 0x2, 0x3a) getsockopt$SO_TIMESTAMP(r1, 0x1, 0x40, &(0x7f0000000080), &(0x7f00000000c0)=0x4) r2 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000440)) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8919, &(0x7f0000000000)={'lo\x00'}) r3 = syz_open_dev$vcsa(&(0x7f0000000040), 0x9cf4, 0x0) recvmmsg$unix(r3, &(0x7f0000002480)=[{{&(0x7f0000000140)=@abs, 0x6e, &(0x7f0000000400)=[{&(0x7f00000001c0)=""/209, 0xd1}, {&(0x7f00000002c0)=""/215, 0xd7}, {&(0x7f00000003c0)=""/54, 0x36}, {&(0x7f0000000480)=""/176, 0xb0}], 0x4, &(0x7f0000000540)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x108}}, {{&(0x7f0000000680)=@abs, 0x6e, &(0x7f0000000800)=[{&(0x7f0000000700)=""/255, 0xff}], 0x1}}, {{&(0x7f0000000840)=@abs, 0x6e, &(0x7f0000001b40)=[{&(0x7f00000008c0)=""/84, 0x54}, {&(0x7f0000000940)=""/182, 0xb6}, {&(0x7f0000000a00)=""/4096, 0x1000}, {&(0x7f0000001a00)=""/233, 0xe9}, {&(0x7f0000001b00)=""/50, 0x32}], 0x5, &(0x7f0000001bc0)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x118}}, {{&(0x7f0000001d00), 0x6e, &(0x7f0000002140)=[{&(0x7f0000001d80)=""/248, 0xf8}, {&(0x7f0000001e80)=""/185, 0xb9}, {&(0x7f0000001f40)=""/141, 0x8d}, {&(0x7f0000002000)=""/18, 0x12}, {&(0x7f0000002040)=""/163, 0xa3}, {&(0x7f0000002100)=""/2, 0x2}], 0x6, &(0x7f00000021c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xc8}}, {{&(0x7f00000022c0)=@abs, 0x6e, &(0x7f0000002400)=[{&(0x7f0000002340)=""/154, 0x9a}], 0x1, &(0x7f0000002440)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x20}}], 0x5, 0x20, 0x0) epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, r4, &(0x7f00000025c0)={0xa0000004}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) 03:03:56 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x9b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1779.183522] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1779.184894] FAULT_INJECTION: forcing a failure. [ 1779.184894] name failslab, interval 1, probability 0, space 0, times 0 [ 1779.186144] CPU: 0 PID: 9903 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1779.187038] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1779.188278] Call Trace: [ 1779.188565] [ 1779.188813] dump_stack_lvl+0x8b/0xb3 [ 1779.189250] should_fail.cold+0x5/0xa [ 1779.189678] ? create_object.isra.0+0x3a/0xa20 [ 1779.190187] should_failslab+0x5/0x10 [ 1779.190610] kmem_cache_alloc+0x5b/0x480 [ 1779.191077] create_object.isra.0+0x3a/0xa20 [ 1779.191566] ? kasan_unpoison+0x23/0x50 [ 1779.192015] __kmalloc_track_caller+0x25e/0x430 [ 1779.192536] ? kstrdup_const+0x53/0x80 [ 1779.192970] kstrdup+0x36/0x70 [ 1779.193330] kstrdup_const+0x53/0x80 [ 1779.193738] __kernfs_new_node+0x9d/0x8b0 [ 1779.194207] ? kernfs_add_one+0x3c6/0x550 [ 1779.194668] ? kernfs_path_from_node+0x60/0x60 [ 1779.195188] ? lock_is_held_type+0xd7/0x130 [ 1779.195663] ? find_held_lock+0x2c/0x110 [ 1779.196112] ? lock_release+0x3b2/0x750 [ 1779.196543] ? sysfs_do_create_link_sd+0x82/0x140 [ 1779.197074] kernfs_new_node+0x93/0x120 [ 1779.197535] kernfs_create_link+0xcb/0x230 [ 1779.197997] sysfs_do_create_link_sd+0x90/0x140 [ 1779.198497] sysfs_create_link+0x5f/0xc0 [ 1779.198936] device_add+0x660/0x1e60 [ 1779.199342] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1779.199932] ? kfree+0x217/0x410 [ 1779.200309] device_create_groups_vargs+0x203/0x280 [ 1779.200849] device_create+0xdc/0x110 [ 1779.201269] ? device_create_groups_vargs+0x280/0x280 [ 1779.201821] ? queue_work_node+0x350/0x350 [ 1779.202280] ? init_timer_key+0xd1/0x110 [ 1779.202724] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1779.203217] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1779.203741] ? init_timer_key+0x81/0x110 [ 1779.204187] mac80211_hwsim_new_radio+0x382/0x4900 [ 1779.204722] ? lock_is_held_type+0xd7/0x130 [ 1779.205212] ? hwsim_virtio_rx_work+0x360/0x360 [ 1779.205693] ? lock_release+0x3b2/0x750 [ 1779.206125] ? __kmalloc+0x25b/0x440 [ 1779.206533] hwsim_new_radio_nl+0x9ab/0x1050 [ 1779.207007] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1779.207566] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1779.208169] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1779.208881] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1779.209600] genl_family_rcv_msg_doit+0x22d/0x330 [ 1779.210124] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1779.210824] ? mutex_lock_io_nested+0x1310/0x1310 [ 1779.211345] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1779.211940] ? cap_capable+0x1eb/0x250 [ 1779.212374] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1779.212968] ? ns_capable+0xd9/0x100 [ 1779.213401] genl_rcv_msg+0x33c/0x5a0 [ 1779.213819] ? genl_get_cmd+0x480/0x480 [ 1779.214248] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1779.214802] ? lock_release+0x750/0x750 [ 1779.215241] netlink_rcv_skb+0x14b/0x430 [ 1779.215680] ? genl_get_cmd+0x480/0x480 [ 1779.216108] ? netlink_ack+0xa80/0xa80 [ 1779.216540] ? netlink_deliver_tap+0x1b2/0xc30 [ 1779.217038] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1779.217570] ? is_vmalloc_addr+0x7b/0xb0 [ 1779.218015] genl_rcv+0x24/0x40 [ 1779.218368] netlink_unicast+0x54a/0x800 [ 1779.218810] ? netlink_attachskb+0x880/0x880 [ 1779.219275] ? is_vmalloc_addr+0x7b/0xb0 [ 1779.219718] netlink_sendmsg+0x904/0xe00 [ 1779.220155] ? netlink_unicast+0x800/0x800 [ 1779.220614] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1779.221222] ? netlink_unicast+0x800/0x800 [ 1779.221661] sock_sendmsg+0x150/0x190 [ 1779.222080] ____sys_sendmsg+0x703/0x870 [ 1779.222520] ? kernel_sendmsg+0x50/0x50 [ 1779.222947] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1779.223435] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1779.224007] ? lock_release+0x3b2/0x750 [ 1779.224441] ___sys_sendmsg+0xf3/0x170 [ 1779.224864] ? sendmsg_copy_msghdr+0x160/0x160 [ 1779.225364] ? lock_release+0x3b2/0x750 [ 1779.225794] ? lock_downgrade+0x6d0/0x6d0 [ 1779.226244] ? lock_release+0x3b2/0x750 [ 1779.226670] ? ksys_write+0x20c/0x250 [ 1779.227080] ? lock_downgrade+0x6d0/0x6d0 [ 1779.227530] ? __fget_files+0x287/0x470 [ 1779.227971] ? __fget_light+0xea/0x270 [ 1779.228391] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1779.228988] __sys_sendmsg+0xe5/0x1b0 [ 1779.229393] ? __sys_sendmsg_sock+0x30/0x30 [ 1779.229858] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1779.230472] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1779.231030] do_syscall_64+0x3b/0x90 [ 1779.231432] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1779.231983] RIP: 0033:0x7f406f897b19 [ 1779.232377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1779.234359] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1779.235168] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1779.235928] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1779.236681] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1779.237450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1779.238174] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1779.238952] 03:03:56 executing program 7: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) 03:03:56 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 41) 03:03:56 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0xf0ffff, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:03:56 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0x0, 0x700000000000000}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:03:56 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0xeffd, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) [ 1779.289000] blktrace: Concurrent blktraces are not allowed on sg0 [ 1779.290687] blktrace: Concurrent blktraces are not allowed on sg0 03:03:56 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x5451, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) [ 1779.309769] netlink: 'syz-executor.7': attribute type 12 has an invalid length. 03:03:56 executing program 0: syncfs(0xffffffffffffffff) r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) signalfd4(r0, &(0x7f0000000080)={[0x7]}, 0x8, 0x80000) r1 = epoll_create(0x9) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x442, 0x1) r2 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000440)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000000140)) r3 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c5, 0x4}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:03:56 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = epoll_create(0x9) r2 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000440)) setsockopt$sock_linger(r2, 0x1, 0xd, &(0x7f0000000040)={0x0, 0x5}, 0x8) syz_open_procfs(0x0, 0x0) 03:03:56 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:03:56 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 42) [ 1779.420186] blktrace: Concurrent blktraces are not allowed on sg0 [ 1779.428255] blktrace: Concurrent blktraces are not allowed on sg0 [ 1779.475037] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1779.476258] FAULT_INJECTION: forcing a failure. [ 1779.476258] name failslab, interval 1, probability 0, space 0, times 0 [ 1779.477638] CPU: 0 PID: 9930 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1779.478501] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1779.479908] Call Trace: [ 1779.480175] [ 1779.480405] dump_stack_lvl+0x8b/0xb3 [ 1779.480823] should_fail.cold+0x5/0xa [ 1779.481231] should_failslab+0x5/0x10 [ 1779.481638] __kmalloc_track_caller+0x79/0x430 [ 1779.482120] ? kstrdup_const+0x53/0x80 [ 1779.482536] kstrdup+0x36/0x70 [ 1779.482875] kstrdup_const+0x53/0x80 [ 1779.483263] __kernfs_new_node+0x9d/0x8b0 [ 1779.483708] ? kernfs_add_one+0x3c6/0x550 [ 1779.484161] ? kernfs_path_from_node+0x60/0x60 [ 1779.484675] ? lock_is_held_type+0xd7/0x130 [ 1779.485145] ? find_held_lock+0x2c/0x110 [ 1779.485611] ? lock_release+0x3b2/0x750 [ 1779.486057] ? sysfs_do_create_link_sd+0x82/0x140 [ 1779.486599] kernfs_new_node+0x93/0x120 [ 1779.487042] kernfs_create_link+0xcb/0x230 [ 1779.487505] sysfs_do_create_link_sd+0x90/0x140 [ 1779.488022] sysfs_create_link+0x5f/0xc0 [ 1779.488472] device_add+0x660/0x1e60 [ 1779.488896] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1779.489520] ? kfree+0x217/0x410 [ 1779.489907] device_create_groups_vargs+0x203/0x280 [ 1779.490460] device_create+0xdc/0x110 [ 1779.490875] ? device_create_groups_vargs+0x280/0x280 [ 1779.491440] ? queue_work_node+0x350/0x350 [ 1779.491911] ? init_timer_key+0xd1/0x110 [ 1779.492377] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1779.492876] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1779.493419] ? init_timer_key+0x81/0x110 [ 1779.493872] mac80211_hwsim_new_radio+0x382/0x4900 [ 1779.494419] ? lock_is_held_type+0xd7/0x130 [ 1779.494900] ? hwsim_virtio_rx_work+0x360/0x360 [ 1779.495409] ? lock_release+0x3b2/0x750 [ 1779.495848] ? __kmalloc+0x25b/0x440 [ 1779.496271] hwsim_new_radio_nl+0x9ab/0x1050 [ 1779.496753] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1779.497339] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1779.497950] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1779.498685] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1779.499414] genl_family_rcv_msg_doit+0x22d/0x330 [ 1779.499951] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1779.500671] ? mutex_lock_io_nested+0x1310/0x1310 [ 1779.501212] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1779.501820] ? cap_capable+0x1eb/0x250 [ 1779.502266] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1779.502872] ? ns_capable+0xd9/0x100 [ 1779.503304] genl_rcv_msg+0x33c/0x5a0 [ 1779.503730] ? genl_get_cmd+0x480/0x480 [ 1779.504166] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1779.504736] ? lock_release+0x750/0x750 [ 1779.505193] netlink_rcv_skb+0x14b/0x430 [ 1779.505659] ? genl_get_cmd+0x480/0x480 [ 1779.506093] ? netlink_ack+0xa80/0xa80 [ 1779.506525] ? netlink_deliver_tap+0x1b2/0xc30 [ 1779.507029] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1779.507587] ? is_vmalloc_addr+0x7b/0xb0 [ 1779.508039] genl_rcv+0x24/0x40 [ 1779.508400] netlink_unicast+0x54a/0x800 [ 1779.508848] ? netlink_attachskb+0x880/0x880 [ 1779.509334] ? is_vmalloc_addr+0x7b/0xb0 [ 1779.509791] netlink_sendmsg+0x904/0xe00 [ 1779.510248] ? netlink_unicast+0x800/0x800 [ 1779.510715] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1779.511335] ? netlink_unicast+0x800/0x800 [ 1779.511810] sock_sendmsg+0x150/0x190 [ 1779.512244] ____sys_sendmsg+0x703/0x870 [ 1779.512697] ? kernel_sendmsg+0x50/0x50 [ 1779.513143] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1779.513661] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1779.514253] ? lock_release+0x3b2/0x750 [ 1779.514699] ___sys_sendmsg+0xf3/0x170 [ 1779.515134] ? sendmsg_copy_msghdr+0x160/0x160 [ 1779.515636] ? lock_release+0x3b2/0x750 [ 1779.516075] ? lock_downgrade+0x6d0/0x6d0 [ 1779.516529] ? lock_release+0x3b2/0x750 [ 1779.516969] ? ksys_write+0x20c/0x250 [ 1779.517396] ? lock_downgrade+0x6d0/0x6d0 [ 1779.517862] ? __fget_files+0x287/0x470 [ 1779.518314] ? __fget_light+0xea/0x270 [ 1779.518746] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1779.519354] __sys_sendmsg+0xe5/0x1b0 [ 1779.519779] ? __sys_sendmsg_sock+0x30/0x30 [ 1779.520248] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1779.520865] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1779.521454] do_syscall_64+0x3b/0x90 [ 1779.521875] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1779.522434] RIP: 0033:0x7f406f897b19 [ 1779.522843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1779.524838] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1779.525688] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1779.526478] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1779.527246] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1779.528016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1779.528807] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1779.529618] [ 1794.656337] blktrace: Concurrent blktraces are not allowed on sg0 03:04:11 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x1000000, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:04:11 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x5452, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:04:11 executing program 0: syncfs(0xffffffffffffffff) r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x400000, 0x0) r1 = epoll_create(0x9) r2 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000440)) ioctl$FICLONE(r0, 0x40049409, r2) r3 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r4 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) r5 = dup3(r3, r4, 0x80000) perf_event_open$cgroup(&(0x7f0000000140)={0x2, 0x80, 0xb8, 0x1, 0x5, 0x3f, 0x0, 0x20000000002, 0x820, 0x6, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x8f7a, 0x2, @perf_bp={&(0x7f0000000080)}, 0xa70, 0x1ff, 0x5, 0x5, 0x8, 0x40040, 0x6, 0x0, 0xc, 0x0, 0xae}, r5, 0x1, 0xffffffffffffffff, 0x19) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:04:11 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0xf000, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:04:11 executing program 4: r0 = openat2(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x121440, 0x2, 0x10}, 0x18) ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f0000000140)={0x0, {}, 0x0, {}, 0x10001, 0xa, 0xe, 0x8, "cae21363854bb2854bb8e27fd1f82c3daf76b024b05bfd4c309e47e7fdedd813eb10f041057ae05c922bb675a6967c62bece859dcedb02e8f66c5952100a7160", "8c1d01c7233df229447dce729244eee1ea0a4f11e8efffe5b88adc8a8050781f", [0x0, 0x9]}) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r2 = epoll_create(0x9) r3 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r3, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000440)) ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000040)={'veth1_to_batadv\x00'}) syz_open_procfs(0x0, 0x0) [ 1794.670003] netlink: 'syz-executor.7': attribute type 12 has an invalid length. [ 1794.696151] blktrace: Concurrent blktraces are not allowed on sg0 03:04:11 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:04:11 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 43) 03:04:11 executing program 7: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) 03:04:11 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x9e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:04:11 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0xfdef, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) [ 1794.774280] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1794.776798] FAULT_INJECTION: forcing a failure. [ 1794.776798] name failslab, interval 1, probability 0, space 0, times 0 [ 1794.779103] CPU: 0 PID: 9955 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1794.780738] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1794.782966] Call Trace: [ 1794.783488] [ 1794.783930] dump_stack_lvl+0x8b/0xb3 [ 1794.784702] should_fail.cold+0x5/0xa [ 1794.785488] ? create_object.isra.0+0x3a/0xa20 [ 1794.786398] should_failslab+0x5/0x10 [ 1794.787155] kmem_cache_alloc+0x5b/0x480 [ 1794.787977] create_object.isra.0+0x3a/0xa20 [ 1794.788850] ? kasan_unpoison+0x23/0x50 [ 1794.789673] kmem_cache_alloc+0x239/0x480 [ 1794.790514] __kernfs_new_node+0xd4/0x8b0 [ 1794.791347] ? kernfs_add_one+0x3c6/0x550 [ 1794.792189] ? kernfs_path_from_node+0x60/0x60 [ 1794.793111] ? lock_is_held_type+0xd7/0x130 [ 1794.793979] ? find_held_lock+0x2c/0x110 [ 1794.794795] ? lock_release+0x3b2/0x750 [ 1794.795652] ? sysfs_do_create_link_sd+0x82/0x140 [ 1794.796642] kernfs_new_node+0x93/0x120 [ 1794.797468] kernfs_create_link+0xcb/0x230 [ 1794.798312] sysfs_do_create_link_sd+0x90/0x140 [ 1794.799238] sysfs_create_link+0x5f/0xc0 [ 1794.800049] device_add+0x660/0x1e60 [ 1794.800799] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1794.801895] ? kfree+0x217/0x410 [ 1794.802601] device_create_groups_vargs+0x203/0x280 [ 1794.803593] device_create+0xdc/0x110 [ 1794.804350] ? device_create_groups_vargs+0x280/0x280 [ 1794.805366] ? queue_work_node+0x350/0x350 [ 1794.806225] ? init_timer_key+0xd1/0x110 [ 1794.807042] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1794.807947] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1794.808930] ? init_timer_key+0x81/0x110 [ 1794.809764] mac80211_hwsim_new_radio+0x382/0x4900 [ 1794.810741] ? lock_is_held_type+0xd7/0x130 [ 1794.811608] ? hwsim_virtio_rx_work+0x360/0x360 [ 1794.812528] ? lock_release+0x3b2/0x750 [ 1794.813317] ? __kmalloc+0x25b/0x440 [ 1794.814083] hwsim_new_radio_nl+0x9ab/0x1050 [ 1794.815102] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1794.816410] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1794.817849] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1794.819231] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1794.820582] genl_family_rcv_msg_doit+0x22d/0x330 [ 1794.821587] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1794.822930] ? mutex_lock_io_nested+0x1310/0x1310 [ 1794.823893] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1794.824985] ? cap_capable+0x1eb/0x250 [ 1794.825793] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1794.826887] ? ns_capable+0xd9/0x100 [ 1794.827643] genl_rcv_msg+0x33c/0x5a0 [ 1794.828403] ? genl_get_cmd+0x480/0x480 [ 1794.829192] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1794.830243] ? lock_release+0x750/0x750 [ 1794.831047] netlink_rcv_skb+0x14b/0x430 [ 1794.831854] ? genl_get_cmd+0x480/0x480 [ 1794.832648] ? netlink_ack+0xa80/0xa80 [ 1794.833442] ? netlink_deliver_tap+0x1b2/0xc30 [ 1794.834360] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1794.835368] ? is_vmalloc_addr+0x7b/0xb0 [ 1794.836185] genl_rcv+0x24/0x40 [ 1794.836839] netlink_unicast+0x54a/0x800 [ 1794.837708] ? netlink_attachskb+0x880/0x880 [ 1794.838608] ? is_vmalloc_addr+0x7b/0xb0 [ 1794.839455] netlink_sendmsg+0x904/0xe00 [ 1794.840300] ? netlink_unicast+0x800/0x800 [ 1794.841208] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1794.842396] ? netlink_unicast+0x800/0x800 [ 1794.843283] sock_sendmsg+0x150/0x190 [ 1794.844086] ____sys_sendmsg+0x703/0x870 [ 1794.844931] ? kernel_sendmsg+0x50/0x50 [ 1794.845788] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1794.846703] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1794.847764] ? lock_release+0x3b2/0x750 [ 1794.848578] ___sys_sendmsg+0xf3/0x170 [ 1794.849351] ? sendmsg_copy_msghdr+0x160/0x160 [ 1794.850265] ? lock_release+0x3b2/0x750 [ 1794.851060] ? lock_downgrade+0x6d0/0x6d0 [ 1794.851888] ? lock_release+0x3b2/0x750 [ 1794.852677] ? ksys_write+0x20c/0x250 [ 1794.853456] ? lock_downgrade+0x6d0/0x6d0 [ 1794.854292] ? __fget_files+0x287/0x470 [ 1794.855105] ? __fget_light+0xea/0x270 [ 1794.855887] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1794.856998] __sys_sendmsg+0xe5/0x1b0 [ 1794.857760] ? __sys_sendmsg_sock+0x30/0x30 [ 1794.858608] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1794.859908] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1794.860947] do_syscall_64+0x3b/0x90 [ 1794.861722] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1794.862747] RIP: 0033:0x7f406f897b19 [ 1794.863480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1794.867105] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1794.868602] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1794.870013] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1794.871414] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1794.872815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1794.874228] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1794.875671] 03:04:12 executing program 7: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) 03:04:12 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0xfeff, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:04:12 executing program 0: syncfs(0xffffffffffffffff) r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000980)='./file1\x00', 0x40040, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r3, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, &(0x7f0000000440)) r4 = fcntl$dupfd(r0, 0x406, r2) r5 = epoll_create(0x9) r6 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r6, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f0000000440)) r7 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$F2FS_IOC_MOVE_RANGE(r2, 0xc020f509, &(0x7f0000000800)={r0, 0x7, 0x8, 0x8}) r9 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105241, 0x0) syncfs(r9) io_submit(0x0, 0x7, &(0x7f0000000900)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x7, r0, &(0x7f0000000140)="a28c03d6f6f8380a7f746464cf45e9ca96fe6b2ccefe2b1fb64d462c219b9b304f2ae0006e2cffbf3ac8b9afbb86ece32a2e60ca21b3a59e4495015e52b44dc0c58538257fc59c04d9a422e18e706d7a8f5bb27cd27a5ddace3f57019f534ee71c0079dac3f3d6c61f13bce332796dfce6ad7bf59981dff5428ff005edf416e95dc95b165b44767027489000123e02facd99f4408bd038fd33bc1735640d282385a499bf39359613ca46d000d4df3d6e2251a704eb358aa60e1cde5a349c60d5049c", 0xc2, 0xfff, 0x0, 0x1}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7, 0x3, 0xffffffffffffffff, &(0x7f00000009c0)="d95939995d8fbc69fb365255131e58281b38d12c712fdcf15b3261257a753b9f22df92e0868bc38b6dde80717879422c18c15859edd769ba8cde2cefef32e8c73354c992563e4224365453d84467593184ba9e4a3ffee5bd78b9dbc092ae3f8d13f18e38af6ec2aef5bccdaa05723ef0d3707365f42309f9d3f803b95a9996c72684edf612037650b76848e852a4990e96659a439d1b3c8151ff4eb5056f3cdc1cc40297d7fc2f62d0da74f26bfa87e3a056e028053bc31294e69727922a76349782eb5f8bb2330cea18344a79eb28a13bfc", 0xd2, 0x9, 0x0, 0x3}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1, 0x1f, r0, &(0x7f0000000340)="8c61f991963cec97b24780df8831642ead301bea0b732b32336a29ae9c60a944dca4adaf1192ab22634f202e233952f8a6a3052a4046b01a30b89a5b68ffbfd58579e76e079e2fbe07949b2e3c51df91601556e8d89756f59ccab57060d0782e387c9296bee414cc48c09adb40f1abb9d2f044dd8dab48f23c3e81e61e1bc1886aad43fda42195765cd0cd9ae688461b8bb60db74f63a32f041df48d521cd47e9098c47c08929b971ce8295b10958da81767ace9ae73eeca588d4a76", 0xbc, 0x4, 0x0, 0x5, r4}, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x7, r0, &(0x7f00000006c0)="5342ed063d0f16b3b014c8cd5892ce2e8e6316ea3b3f09b93bba47551013a83e6e6245b2f0f5a6079fa0a8cb1bb0e98b246a3ba45bff2aa0114f7d1cb25753027781fe1462b94ad48d7eebb442644d3ae146552b6c9223cd6302e11978ea6475ced366eea183e82f421131b4855833b0a6b3258c4d90a4adcf901085fb24b2f60da217262e0e8f67bc208bcf7e00c9efc49f8c3a01acda5bbffc7b824dc68b59781277354d737e", 0xa7, 0x2a, 0x0, 0x2, r2}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x7, 0x4, r6, &(0x7f0000000780)="3e8ade5c6f72cf995f72f25ff03850bcb591c62c06e1a9c249ac8b60123a8b484bb70ff6f4ebc0d4c234fd70b34900645a104c4f7bff0f8a7d3d9a3094628cb7e7ff31bf9a2abdf7788bdd0b39d6bcc442b5e72b5fc42d99ae", 0x59, 0x8, 0x0, 0x2, r2}, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x7, 0x3, r7, &(0x7f0000001040)="f29d12a282258c2c141b2da78d5bd3c8f4a77cfc0c1d1d7541d52c0e316d257907456aa6fcb61b9544db353bc005e65cd4ae5ca891a0c770428e411f7896cc093b938dde9b72a969773d26de27ffec72ba7dbd4bf1fff1a6e84e0e5bff37574afe994580b7d279a4e1b3001f05cecde5189a3ca7f14d57a1d500a6874b864ca441da36c0cc7f14d0785a8db5a8e7c2e55b55760d7a3b148c198566beffb165bbcccc386482c4ddd723e48376ac0a061af50f334b5d2b43dde74b33d1f80ced188ba4a767b2c36760692d09fa544d49eac5631136f52dc38ee1f17614905beb36268cf0da99a8c11890461f701bb342e5ca74a58d69b0a2a6df01b2109a5ea0c193d4c6e8b0a0309dbc1fb8c4ed0fccbc3d0f0b1dcb28f635d50508e84b3fd38a3d2fcd2a70da1c28499d52157b62b2ded130fce362c6c8d91e37b87829250dcc5d8a67c6bcb59951394d29540be766083c7629469ee758b22ac2aac258df1e02a891f787b954e0c6db5cbd1861ffcbbefd37d2bbbf1cd5c594c8f229bcc1fc7e223e9440c39e19a425344b77c2535115ab01d9be461af92c8daf4cf9ab39da93c3d6cf4731fc9b756327923c6be13b492e03538209ae824a619fbe03b33484ab46cb5162e55afa0a5a531da4131dfdf839c7299639f86cc1a55586488433a9b85c95fc71a8e88cb4c632ae2ba65787f217cf4f3a872409d4531b8f6a272aaa37d18b4968c2672156efe0650d21e7ad1bc0a25e43264ad1c50048d79fc31ecf66e7fa0784a8a8342f0b92ca4b9d336b334f6bc87c115dffc9d42bcca365248efc0ed90a250b838ad0a7a53cb974c8be31661e714adddb164c4743866260433659a54f18ac6c2a146dce586a371d2ba812a9248d04a4d7ca229c086aef868679d20368dece72dbb119a0ca04b32fa21dd02d7fe726e08a0e5c326754c30e8f5d8ca839df7530ef847069b38d74f898ab94108021c14622a283c371839273c22c39e274840a54825263fd61bec3d280199d45827342b03cfbcf0a00db682a60c13ed26f88f5164dc9e51c320b2f304618050ed3a377acbc74a53a2df0addd0b1253bf4f34d1fe64fb2cb8d6913b752d449f4605d6a694064408a123b15d190e0039c0670a11078daa3af209422bed0c0995c9f831fdb16c36152182a65aa6896991c040456124d3768f10f49be856a8095971b46774d5ae2a6ad159b6d617148951052c0721ea0e79d26c000773722c007469b16ce3d46260ea72d740b677f1b6e641764efedfc1ff13bfef1de55139654a03004b41953ab4cf5059422dd83c6e7b5b9446a4db79db48aa5cbb5fab75989903d27f7d5c88a2ae331475e553179a54260808db1627e97edf818ae4923f802a71b52f43272947e72cf08b7b85ceff3cdcd9c236e0cae1210456789ebc7c756d3fac2dcf100f795794682bb6690adadcdbde1ad4734831d7cdcc695b8f1855415712d13d8080af5dcc76d9446ffad88a6b9768bb018e109e5cbfc7c57b16073901e9fe440a744e50907952c75e97c5652bc669dae53d21fd47cfad4cb12d7b80610f7acd862da7c9ab9f5ec21201dfdae4ba1c2adbf6041a4a3666d8bec53049f464702d6bbcd3791b43a0cb914192e76f7036158c09926c7c3d22deeae32406510af3605cde8bd33e8c928309e03673240e2557c51f0b5c758c12b6f5966dd59accde2380f1c6238b30be1ba3e1cf3ee91b7feba871f570079e4c9311fc294478b30cacb2e04986864a70116b0b1284925083a21ed842e8b130a3bb1da39f2cbbc300a3c0ef261488581a862d19081ea61f215dbf9480e30b21dc244e159feb5dfca061f716cbf549505fdd1dbc5238b5db1d25c0d2e4adbf8b3aabc589971e0ddeda18f8fc5e1a9f3728f2253d55d9a88adf1591d3596b829ca9820e779cd339cf3d16965ae35b2a377d8a58c4813bd095e07831815a609f3cdad4f057a026e0bb61b1301fffa63dfc9480e7befff0b1fe7578ba16f6c6835e6f8dd79ad75ce0a06de782c31fb3ee2397c8675474e446976c1733d26e9bc7d974e92b1339a7288b82fb05ef89dcb62c6229ca7fe87301a1edc931fac4332393a43147a35638f055ff534d095b68484854c484c8e26bbbc7b2eb6eb2f40975a330c24ad0561584de9118dcd3a89241f35e7bf78c1efac10168db1d9c37d07043b8c5fbc6b30cf1269d7ee66143b3f78007303ce969c5f365d8b689e095aa76d435f11c9ee6c3ede51e444f08b9109d4b06bf7ac4c673f8d015bae2da1e627117d5e46e9aaa9585d659ef250b2aedd3ae52128de85477b154a3b15ec831b02893920da3ae05d84da2d260f9e0df27d779814acec8e20bbd4877623f40be5b6504c20f97eef701dab0427fec09668740d625ce259c0002234a7a5325a4c167839b7049f5e3d5d5f3c164f245db9b193a269c86ea0aee1e6244b55df20a09d4131c0521effac9dcd772cf59850574df77c45e3572da8bc5a9266a8c5de075d8a56a263ea7a8ce3476ae270ecaf986329508273aa281447a23aa355637e82f1e1f53a954126561b9c79f25e9cde4bfc3012f5f5ba7ca049c27701146efdcd24a514314182d652de179ff128b97d2661bf5e7e6a0fd2e22781370873d1d91f06a414006246319f18237f873d6aa09eea6bb8b9d03fe77b951b4a7341884a5ee350fb0d3a1272dd3b17451b59bc82abe7b018871b0c9f5e6bbb36bc89333dd8d9eb2122447d465e7efea98616f5f9e5b5d938ef7e74decc89f8bb9c6d4534674e923e9593346c1703ad1616111ad09ffeb9e0126c90d771ea56bd43996749f3b3b5615fb8cde8a31ced9c3f5e57df1b046d0a89decdfefeb7adb4cea896f7ccbf73de65136d04a366b66170eed4f7c9463fc3d328e931c8c15cbe2c55ae038954e0c09f1524ddc286c05a6a53b45c1c4e54b827d73d3fbd8635ab56957e39117e356a560a7fffd03f4f227c35f4f4b441a92a60798e10fd1e9a92beb813e8bdbdcbf25aa31715344a657a4896411c524325d9fbcfeb08114b2849fd39172e2da5fea735099c9b283aa7752251a7ac759e5b616e10f8b91f2c7174d083e7b5dd5354f377a8d4fafb8d4a0d2af179becee2be9b9d29e0b9ad9dfc0ff52444a7d00cc7468726582f8814e76e4a9ebdf7e33489876fce61b9a39218e7512bfdadfba287f310ec977134f6c473e35337754c612b4d75fca55c096ef17502535263b4d164b92b834dbd6f0c52b1eccd693d6030ccd63b577d3d14c59b6e06a339110e318fe6c86287268f180d630d50a357c51d075a890dc5d3cfa8ab1ba0398454f95d80250a36d6e9cd7afd5290eee5c57718fa7b4dbd3818bc2ad1b5db3213fc423ea85b9e5ae40af434797d03ab67bc4be70e4e65f4cb2b6cd68518cfbc04c41e4448606f4cf63113adb52a989a17532a5db8f4acff764cd4eab1a899815f64c12aa28ca2f0f75b9726cc629d89f11e279ca1c36d877bc7128cc452710cca98c572f6bf0dd35b8fd1d10d733d5fd4d3824bc57126c71dd3b4936f5aafc2d91ceb443f96b172414ef4bae734310dbea995abbb0f0e2d8bf5ece03d710d1681104f27925d91f342f3cb0808778c085d38198e1a4427a0520a3767b7ff1f3201c08bf27f52796fb38430b1eba17f2173d91fc82192536939f900d5d5410c74aaa71b8a7e570346e678e0ad44ea7a0818af69566809f3c825c5917b3fcbfb37e6a284faf75f9ebac1db8f729c4294a029dd4272027b74778caccc50f2a5d2b1bee1013ca7ad539ad29da23d30ef7c8408211272fc6037ac8ca3b749591bb016c338d16fb81eff1cff568c241d2dee8e8603b67a5513063101e47a21b98b2aa162aedbe38f0c66749ca00187f71ce8c2292cebeb5cf28ee8db7cdafa1afabc548df27980e2fa7ab352360e5c1881bc476f5eab46b5adb7ba2b507b662fb7b828c38bfceaaf32a7e318877326ed687276c55ff30dc33f7782bcf081b707fd9bd0a02d44d0c4917a8fdfda2f1ec6028ddd39e5051589df20eb29572659994cdd7cdf6f7b97cb428eeada7effd559b89433e9e70846d7f453a892ffd7d222474ddc6bcd80ce1f938d417584c1e43d2c99547546d351d122a70be7d6a12ad0a2f5ddb1381ec268cade0b9e0bc4d9b40ff68619840e088720ab196e92465d48e128f0d9017e92a7f6971e864a1eb49bf9fa95dc4a41dbeb05cc3735ab815dd9e85ff28ad8426ec5f36dfa3c0628e39ecd26825dbe85ea21f4f1319009868690c6c8fd863761245bcc4f7519ff1a9024b394c3b7b85032758ff9f1003720cff4a2130bbc30795dd3689eaf15b28737d8cd31a946fb28aeae0cba13aa2b1447796e753d1f9ad2e9ccc102c3128ec19f2a455d70a432690a51eb688853847d8e7965c566fa153934ac3b51622a1e120d9dda5a9c16651b36a6c9600ad0b75f2d4656cf1544291eaa9479e7a6ac5df7d049ae4f9b14854b9b024743ef4bbcfc89d34c5e9b24f14952a44a926a9028989cdc4fc469a6c0f03064bc3417f4aed19a1ab074a12d250e8c6f9a7781925f4f8b47c2e931904267e69cabcebcd417c55e709721d1486145492b89b08e12b52e1d907e8889dfcd5a44da4a7aea9708572b89617ed5736eeb2d87858fc3cf4236b7760d5ad11e98aa6d849368cc18d14873abd4ca57fc9918184174ace9478c6b3dedd330991f72bade60d999a0938fe440b2f37ea45812dea7ab147156c3abb30b5452209e6a0b762fec4bb9ee3fed88ec89e699db632db35c04dcaecabe61e0860025bd34b5a55beee263f58cb2958441b556031e28134fba694ebc889253ee4c95c8dd94753736e1da0bfc94973e14ffdde57effb85966103c7cd713b96acbb28c612988803a06d321d525bbb1b68231d9b9bca3d91268bb82e3a70e86e4743b52aef45e88357be670c3431a716a2161d2859f550f1100778a29ed4441960bf27b19fba7282bb3166bd285a864c3dffeb0864c49c1ee8fb31fb84618f66bd21b2b8ff798697177725e32aefe6605af8f989efe33d29d3b42642ba1ff063795e46d967aa6a24e65031e1dbbd294d8da45164dd5bb6161d170c1dec3c5b6bc63730de985cc52ddfd00ac9c5611505a3243d21d5fb6c5db2fc1ec2bb0c3ed5a7dad901eaa4193b36038dbfecdbef1df21e538132169753f032f4781130b4f39cd5d0ef6ff4a1940b1fdc7136256a3a6ab57bb0af5fd2f4820f3b2ecdf0f2368cd4f453b5623222163b80b94f52a9826f9352851c823adb97eb30e73374fd9c3c4101c3445d318f4490f84e2fe87c5e611ca9211c44887a6e000506869ff78794a7b102210b3da4aac12cece0938f14e1fef4ed9a51098717e6750fe3d25c0fd50ac4e84fff31ab22ee47f43d03ab7d805ecdba02124cd67fdd71cd5b4314da590e74281d09e763a73c7ee22e87606db86067b9f77b317e787908cde9bce87b2e67ab3aed7a588bbb6bbcb3cc96ade1dd7fce48ccef92b4e0b84962c6015638701a8512cfe6e4f7038b45554e7d9a525de19826a76a6daabcba1bd88d8153b5d1d1fb868bc40ec200d6408e121a68b237a80507d9b576cf7f85d12486a360266b1ffb9db996ff8a5681d3f6ccb1efcac455725df16c950e57d6884ba5fb39c88bd095ad5967dc909a8511703ffe9e55e1579661f426de668aeb25e416b80eba422b7837fb6397fbe88ba1c4d0d013d8d7928509f11c91d406ad89f95d1c2a3bd00ac406862355a9f44903c86b9feec432f3a560b28d915737da1d82652672f3c03589bcffeb95a394e7eaa5ff035ab6f07636", 0x1000, 0x7fff, 0x0, 0x1, r8}, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x3, 0x7, r0, &(0x7f0000000880)="cd00743fe013b0a4bbffd0128e54fbee9bf695b7cee05a2335d8e242da2cda0df42cca6e852fe968869e", 0x2a, 0x2, 0x0, 0x2, r9}]) 03:04:12 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x5460, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) [ 1795.002895] blktrace: Concurrent blktraces are not allowed on sg0 03:04:12 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000040)={'veth0_to_hsr\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)=0x0) r2 = fork() ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x12) ptrace$setopts(0x4206, r2, 0x100000000001, 0x44) ptrace(0x4208, r2) ptrace(0x10, r2) syz_open_procfs(r1, 0x0) 03:04:12 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0xfffe, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) [ 1795.258849] netlink: 'syz-executor.7': attribute type 12 has an invalid length. 03:04:12 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x2000000, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:04:12 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x9f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:04:12 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'syz_tun\x00'}) r1 = accept$inet(r0, &(0x7f0000000140)={0x2, 0x0, @empty}, &(0x7f0000000180)=0x10) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f00000001c0)={0x0, 'wlan0\x00', {0x1}}) syz_open_procfs(0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105241, 0x0) syncfs(r2) r3 = socket$inet_icmp(0x2, 0x2, 0x1) ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000200)={'veth0_to_bond\x00'}) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f00000002c0), &(0x7f0000000300)=0x30) getsockopt$inet_udp_int(r2, 0x11, 0x67, &(0x7f0000000040), &(0x7f0000000080)=0x4) 03:04:12 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:04:12 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x40049409, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:04:30 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:04:30 executing program 0: syncfs(0xffffffffffffffff) r0 = epoll_create(0x9) r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000440)) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000ac0)={&(0x7f00000006c0), 0x6e, &(0x7f0000000a00)=[{&(0x7f0000000740)=""/194, 0xc2}, {&(0x7f0000000840)=""/147, 0x93}, {&(0x7f0000000900)=""/220, 0xdc}], 0x3, &(0x7f0000000a40)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x70}, 0x2001) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000d00), 0x40, 0x0) r4 = epoll_create(0x9) r5 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r5, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f0000000440)) lstat(&(0x7f0000000d40)='./file1\x00', &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$netlink(r1, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e00)=[{&(0x7f0000001040)={0x1100, 0x38, 0x200, 0x70bd26, 0x25dfdbfe, "", [@generic="c904d7463976095bd6fd04d000fb23036c74347a81ee31b0e3cbb280b73e5c71673814fe5edda36fce36b59d9398ab9d721be93305e7c296ed2e5bfb52aaf26d2bd6cb464a55e41b908141d76cbcdf7c01dd06a56ffc409ec954c49b15b96f61fe15d417408aec2e740ee86e2929c73130f0442fdecc85402ef00d9860c03d2ca3468cee42acc44595d38706a54c802e624439da9301c0b950c0cced300bfc988f5df3eb7d7e4fce3142c614095e5733931621095948eff1e445aa035c65f976d876cecf72318deaec47720cb925bc5f00bec4ed975b52028a780dfa4933bb5b2ee919c5858654b61dfbab48e4d7a48a", @generic="746743672fd1b59a1a8a753be8c240fd27b52c466f16adb15c30c97139f0f8508274a4e3122cc714871a23626e349adfa2b14d756a3850cd8841a6fd264ea39235c1d72b207fc910f0b57046ec3e07dd8bd201d0691ab38f34514b8f75403ed0ef60763cd9e50dcab12666736b89d35ed23bbae4a6cba0d87ecea5e2654b030df09f855bdd9622d4c0e41f22661ed182b051780515c9343552321ecdbb87ca6e4acddcf988bfec2a9bd3ff94bf51fca26d487ecb3eb72842b37fd86e2617e7a2394d6a79077a28276f2cac1af73522f805065fee367147aa91caec05feac9eb01b6c711785c6774165811aa3f8031a1c379825542850b7fdb37f1dd06633aef9da59ea04d59c7dfa9d73a267da7c2c1a4618b3d2ddfa8dfc346df11d68357377fa0c8c708bfb6e48f4b61fb3609d08d45e63f6244d99691b5c7d8f2f6af1d2752b547b15f716e805597639ef5bc2f9a076b9f4c117c52fecfca69b4a90386a0a98fc56a9cdd7bc53f600c53b59791785096669d212d6e9decbad4a6adfdfbd4ee0c16c6ac7717d208fbd2a16499d5f016bcd43f52a144bbf67598fbd958207048898140ef243243087fd248bf9915311b89fb2f8890a01c49658b37c969d57a2116a881d95927cc3586def396d3cebfee3c43a98ed1662965199f4de4be87951d6d28b9f1c277edf0b510718a944398cf2c730b6ac594e7ee6b10249063c3cf5af3858dfa5e91da52dbe7cb65fc4269a7658a9b93618629204fbcad6faf09e36748f07a5b722a49058996768f5de0343e92b9a765cd26d7a011a737fb31e62f56cbab5f8aec6a763658f39eb5d530b97fbb1a93132f2c230e9301bc4c62f216d08b9202493cd5f4a7772e1840dd03692bfc543c5bf7a881983c071fe2c51ca99faae497cffdaeb71f9ee10b89e7abf60ff2d37d7a3183e056135bb5164ec3095c343f96374f3243c75d8a07cfb9c5f92d789697d29a6d25881d38c9acb386243712fdc8bde97d4b3eafccb1f056afc2addcc4e2ee8356afa92fe4f54857149dc9e6820182e0fea227b71bc5afc1c6a2aa34ed7a069515dd112291fc2a074b2835acfc0b9769983ea52e646c29a02dfa93d2d039796cd2cd025062da2cd476760e8e0d2b0335f40d2beb015c10c1ce8a33cd37d3e16fecd365a449f6514948e1faf5a431f3dd414d3fc1cbe6b82cd3a998e910fde4966c35be38260a01e0c4ce5f1e5b67fceb0ed5fa48c97f541f34a6785bc8cfe1e20c993b8688f4ab98148319e4c35cec02dc27dcfa273d19c352528fdf0d3971568f647ef881e7aa970f0eab57a422eed8c1d987c9a2516135e8da64eb8041128a4df21e2102330b466a7f88e2d323654e6f9c959470fe513e3be6ba9db01ee62c876a0613466abfec3b8dceb4a3616a06555fab8bc1598f2e573b5aae15e4a2c7acf527c0b2e51dc0320f3c2b75dcae48d81e5ce37b41954f4856b230cc84ac4775e1a420662dc5ff1a5f114c64a98291291853d15409bdeb9464a242278c0c695f6916bb38e61aa856dbe76c8739a6594ddd887615d49aa4e2181e7e011f0788c53fa85fe66c4a8bec3ead1e770b4c7660cf1196038c06444a6c33e9a9fed973043f15a6e6292e6df2abef68c614320c3b0222d1fd08529bdc4325c38c292a12ea8c397432227f0fe2b92e3b3e9825ebdcc5bd729737ccdb408eb9c5fac7521b0bd06c9985fec4534cb95606fdc98de87ee5693c4953001ebf866bdd2f3f2b0ddff7c89ca463b36de7cb819f35700c84d396f8e71ed0525bd24b70a2222da2fdf6bb62f730d7a85227a36f8a344d23d51b6442a1c872aee3c96f87c2b358671b6e603b85ad18051b637f79a0098a6e2992a48160d2568465b1c82bd63f533cd940d23838d69c50c2895e4b3453aa7cfb1b87103270d8a7d15af110d4e68dcebc365ef01a724febd5cd27c50a8998789fc76a6e1cbc100c787680017d57e0781f33731f747030607cba58ea3114ad24dd70202a270306eaecf83669174ca7741eef90b67cc84e51ab7dd738d9f580067b501a4e055aea4f52b97b923f29132e82218afde37c991881a9af9d153de7a260f0f6193608ea0df8f9c5152ec6dfbb8a81ba7bf230e4eb1491c96b2f2a0b420725ace1ffd9ce2715c067aa8ec8b6d68be9529f7aceb977515a7da324d5110664c77e851558a20d813c9c9effdb46d761d7399554d4d3c9095342525ae618a6c6a803f4ac73fe5631021e0d29ceefb6e58398c7d7db9232cff3807cdf4799699238fc6df99265cab7fdd3fc6118f67229f03357c3179ea8e9e0872c86a194c6a6ca83426b6c078f243c8f68818f25dfee716b9ac43a820f26c797cc7626da81a1279754638e2e1bf4d16cab11cd1116843696eb530d1daf41c8efa2f050e300c1fc6816cc5152f333b39c4549e8fd18cbbb086a346195762b81569a094a75999f414311017f72ed62fddd993704176ab6a006acff5f374800a4e93deb3308ebf68cb48c690a9370c767c79cf758542e2c836f11241248ce19ceeea2e916fe92a341a6c526a28b94c7e014439dec372c023534080b141cf55a4a92939cb9593f46574075deb7e4e2888fcf2f718a112676be7090a910376c3e0c93bd32a9cb749a8c7c7fd6a82dee150b7422aefcea97504d9bf3aec13ab7f26b6d5e20be4cdb8d9e32e51045c68262496849dfef18a03516f608ef736122e293a63f621bfd5f729302dc7d1acef7c0eef36dfbc953b3c2736fc02b0feef0a5532ca0febc3a1c321b56c96c2bb4fefa42d9b4897e1f9f3720fc82990c3d38b05b7896cee2619cd036191526447e0dfcbb92d3e1f9c284dd0260b79131efffa7bbe81eade438e4dad6ca3db0064a2430371e007a92a727cb97332154b75c4efe9e909192875ecf7e46c1747c0e51ab8785612ddbfc4570c42e4f9a41cfcb1d4e678d2971859e981d085e6a10e51215ff1f5fb16a6c74d3c0f0c332b6c392f98441faee598ccc185c23a0707a67474d3ca5b71285e970576ded2be74e902f8f4892ae98f7bff34f5eded2b14c40decbe48efa5d297785bea2b72397c9e40ecfe5b49bb33ff885ef58490ba28cedd9a22500a0dffe41c2e2d30b6adaa80f5d8eeb415bc2a59532e5fccee1596280ca96fe794f8db9e53e540c756319e10ad4aedf716f60661e44b659ca6357ee909b61654fb40a25f4c2501e3bc0dd5fa85394d58478090abc7b63bc6466c435bf5dd4d10456f9dbcf0acd1b61c21d3adda58bfd2fda0e515d93791433ae0f72a7aa90028ad3ea8a8f902a7a76b0f5e611748d2cee1f7a784195d4c2074f5109c4ad2e0b2c00b42d88e0454823b55dc9583d22bad84d3ae473586b60757d3c4d5a446a514beee246adaaf8abbb44c482c335511c1b489039748c23a914b24299da34e77f5cd64c852edc058482e6ddc5593629067722971672b6cc15f33d024faed6874fa4e41d4d411f0c9dd8e9b4b2b45a07aeb8bdd379c9c65d7f4f8b3182d5fd629a5f740acf802c833388b2802a9d48ccf25bc7704c06c0bbf24f5a836fa78d36f837cb3f4f7ece89cd5fd352db5fc37df51b7f2616234434f321083df81e901473c8e273d26e704de71c3481d414aff327fda545b615db3cd8622b2e48ffccafced6d4638c60ecda9a00b6371bbfe06afb8b21a2ccec2c6060839bd74a541f7148bfb1f1643ac672e732ced082e9b444e9e33abea8666dbb2c02516554037c7d59c8d8b7cd9b9b13f2a396c1e3a99932f8f1ed7179a56d193f6d3fb0d2e46ecce67d49149c7ef54051e8aef40254e7734efc7647c213c6f90de2fd07c2e76f353866289d038b5677cce925e3c5e2a85ad94a933d9a09697b204e49542bfa0186ad55db43ccfa11344a9b36c9d1a265360538e86bbab2df8b520649fec109692d4bfcb8f0f7c1b5637315d714677e6772fb83fb0b37d55e16c2d8f25040a4f1e88ea5eb6d77e90617305dfbb03d55ad8b65df8b980905546d0cc8759712aebb9e6c778b6f3ae479e7a24b8c0c291d9e9c213e374a81c1274694fd68a4d7a71155aabf8557978f4c4a9c2160eb8f9de8e4f5c0b8bcbddf9e82d74df7049fe0ce955940dd167da323892cee2f9c33099f699d33d73a056104bf47a0b319799e399bcddcdc780109dfe79fe06315c257718baaf5e7b1562253c7579149b8b8bf82f29f5fb0a3c0a2590f1cb330b65ff00a2a1d75a10d005bf6b6fd3a15733e0a4d09a6b83ce9db350205266512dc17615b1da1e5e604b8491dba48fcddc0940689d492db857d9a96b8640e48e40f5807227fa47e83df73ae8ddb66a01826c34e05b727df91384c56d1fbffac9db5149abca0a13c7965273e467566bb9f8e863ab837eae9ea5b28359887f5bf5890345b6bbdfa33f7c775fba06c270ccefba3b65486d3fc6d86b9405af496685044049b25066119d5ab7aebb43f6ba46f690a2fb26cbde8349b1b3e1d859f1bdfdb294fd3f6830e86932c58effbeb480c788c0fb96e30619753aaf24b9ec00de7cec969f93526ef8f99542d6a306b2bc7ad69e1c8ca4b5cf74bec2c954afa1671cca27cf46cd5da0e590a3e6d75116e2884c9cc7d63e2e63d6ea8ab6fe95a840c091cc74d460b9429a68f484e31726615f5c0762e318aeb0a7283bd996fa2f7f0e0258b79d8d119234781618fc6470b40b6e6b73c6ad5cd0b876aca264ab49c83ee197ba8eef1cb1d3b41b5c1f24a3900b9af16215a068c80466f487281009d756130fb60cd70d355950e07b0ea9e3fbe1999ad88b7aab334ef892b6f13720e21366a1b29501acef7a55c17672ddd98c890f90683a3ac5c874d947102e48d67549cbea7ab284c49704d906f9b2a5e04b2f279d4de407e1e6dc17796308237775435862aabda9c77bc2924c238d09c38b2bf65dabfa3f4bc37172890780661dc17473b52d6ce8b0419b52b8aaf7c88f12b11bd61025dadb2e08c0c2db79a53310a6b8e69260a97ba1032dfad5ab78a0dad859746630b22d80c2aa05f2fde21d57be84d4201c937729c50a4e774f100eca0b99fa87e193881bcf3f9da709c7977b190b6f0d149e076da1be351711384ca0fc1e866754f973ea4e86043caf8576d15181b0a33c34ffc81489f7cf2bb8dee6e1967cad00398f640e03bc66bcf33823f0620cc1d2d263e82a89e16f6c5c39a34e4746fd2512fbc0743fc2e1356da7b4ddd3ba5a734e025c1be8bdaf669902cf5eac766df86022694987328f790d9a6a4f74de582d88465d5d3cd1802679f066307ebeab17fc709fe75697fc6df48ec7cb75a9ae110cdca57b202dcdfd3bac1351166fdcf84a6bf9f34e349003e8868cc44518167955c34460ce4ec29a2e26fa9966b37c7667c3f1dcb251b4c1ac561dc66ef908b89faa27160581a9f9b09e982e5ca160c4d162ece887d4a226f0782b94326941553e346eac722675f820a920c8b5d2454c4301de572b7433adba790d31c9935ac70e3c0d53430ae753d5e7d52d59e493bcebe4a6f14f638eca5b37ece83a4e1a3a11ccc3dc251bb8cb2ca743925bd6d26e2fa31c5ed72b461bb5257784e501d4ed41c3ce748f9be206d9fdb24fcf35d0fadb1607c20f6fe6c0707158e26e63834405957cb9290341395c087c04e94d69d3d8bb9456f0f3c3b7465b03cdd23153adc4eceaf5a8cd0ada468018d75bdde3e9d7d4517fc3305b15d3b1f6de3c912160bce16fd2fa48e636e434b5b46292fd1d5a3ca05cda3157e611a36953fb1071263de2858328d6dfbd843782142419f44703631c99a00c010f1672120be38a0d487413fe3e"]}, 0x1100}, {&(0x7f00000001c0)={0x1a4, 0x1c, 0x100, 0x70bd2d, 0x25dfdbfd, "", [@typed={0x4, 0x66}, @generic="ffb7583608c9712ca55a017900263314aab13fc6b29ed9254385e2c22fadc22d9b037acd258063a8c04e0169eb70759d45da94ef3d7f675621960a4d56ce602b125478cc4a687caa4f34ff737204f9a32a90badf9b9f9e5653ef5f1b63bcd369a47f7690bf347180f9de10aa203c36c1e61d38605f1ff1e9aa4b13cf5666a984602ab78a027881fb5eeb92b55031", @typed={0xc, 0x47, 0x0, 0x0, @u64=0xe531d46}, @generic="d14e832a92bbc08663b89adc2d5a57d0d678d4e812a7286e97dcc9dc1b2543d44c4c02f7bdd22b0024a9de3cc76d0a3cbb2ac3287bc08258b36d064c723135b4f142c76e6081bde4df75cd0a7c31e8cd4127cab68c2bbe9ab3b9c1b75e06c2cd026c5bc060aee862b71da40538022fb967095a02fb613ed28920fd3285e1eda31705ba76ef24176de130d90d29efc546298370762146b62e7154f5704fc79cf8f87587ea296514650b6d7e565f6020204f51d7a918922f5de9a09579f448a9f6d78a3e8e3d795575899746c99b2f5cecdbb51254b5e21950df5320bd497e7b1544696e8f4de8bd972a77f8f0c59a90dc75344a2d"]}, 0x1a4}, {&(0x7f0000000380)={0x124, 0x42, 0x4, 0x70bd2a, 0x25dfdbfc, "", [@generic="9842f80f8bcff0129e2bda45a6196554ed5a82d172a925ff8a5565245dd5a0bb03d57628a16d2283ddedb20800ba9c203f3a23400095596719e8a6f629015d9e18217fd1a73cd417f971aa7ac6c7fe52fb7d383cea8e3dc3470484807fda54f5ecc5d4b744123a11462b7a153e8c09a9b2e5875e9d63514ca2a6404c25b97d4048da1e5f485bc90af277795c1fbe", @typed={0x77, 0x57, 0x0, 0x0, @binary="eb8c4adc2d1aed720af30a25d78c6829914cf5acd92219b863729352d540a6e7831c1a1021506c2718a2249bc097c0afbf949c0314bea0538eed242db4ac87fde36c65ff78dda4b71dc33ccc71bc10020c86c56849a09367aacf7184b0dd45c3d05dba5fe4996a95c1fabb7f56e6ba7c359ef6"}, @typed={0x8, 0x4e, 0x0, 0x0, @fd}, @typed={0x4, 0x7}]}, 0x124}, {&(0x7f0000000080)={0x44, 0x36, 0x100, 0x70bd27, 0x25dfdbfe, "", [@typed={0x8, 0x36, 0x0, 0x0, @pid}, @typed={0x8, 0x39, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x31}}, @nested={0x4, 0x75}, @generic="ebd4d1ce99063de56dafaca677621fbda729dc7943974b19422fe94a7ceee938"]}, 0x44}, {&(0x7f0000000b00)={0x5c, 0x36, 0x100, 0x70bd2c, 0x25dfdbfc, "", [@typed={0x8, 0x50, 0x0, 0x0, @uid}, @typed={0x8, 0x7f, 0x0, 0x0, @uid=r2}, @typed={0x8, 0x82, 0x0, 0x0, @ipv4=@multicast2}, @typed={0xc, 0x21, 0x0, 0x0, @u64=0x401}, @typed={0x27, 0x53, 0x0, 0x0, @binary="8c8813b5cfe17218c452189b2cc35a8a460b7f0b057c5c3698d434a445bb158d4e754b"}]}, 0x5c}, {&(0x7f0000000b80)={0x158, 0x35, 0x100, 0x70bd2b, 0x25dfdbfd, "", [@nested={0x146, 0x8f, 0x0, 0x1, [@typed={0xf3, 0x1a, 0x0, 0x0, @binary="5d2c1f4e9b8161ec692a36b3eee4db97b00a458f839f8f4e66b0903d08f69408f7e89c786b2275c1bcfc117c41fad867e491d2f015fedfdd2299eb034d0cb0e584b1e414d0c9e20c292903d0ef3fd5fc4a7d86b1b428a8c48d8eba4f7f52a024d07890f4e33b432907ecef350c4034216b164ffcfdcdb1192095fb6e7d470a37919a953463e39d3a2b1edf0a59b56cbe990a85078342f4001cdb34023af4edc50a8199bed53d462f93e7c34cb1ba6c6e4218f951cb3242dc688326990fd81d1982057f6e228a20dda1a04d17693a6bea16c6cc59ceef239ba2cf09831341b21defe0be39b44e1027345bff17bba5ef"}, @generic="831833b56b1a90e21ac66e7878afb53fef40255982b9d07a63d4d899a14ac3b3019ca877c0786f1b5ab4657c71ee476040fb8e50fa547faf4e892176e6558650b237ccd18d0e2110487615b9eae6"]}]}, 0x158}, {&(0x7f0000002140)={0x1498, 0x1c, 0x1, 0x70bd2c, 0x25dfdbff, "", [@typed={0x8, 0x8, 0x0, 0x0, @fd=r3}, @nested={0xc, 0x30, 0x0, 0x1, [@typed={0x8, 0x77, 0x0, 0x0, @pid}]}, @nested={0x271, 0x53, 0x0, 0x1, [@typed={0x8, 0x67, 0x0, 0x0, @fd=r5}, @generic="87bd843db1f25a1f8bec6c20f4b91d2ee9bed2a7a6920ed171073e9c42ce4cf14da4d8def49235f22cff1843d0ee263fbbdf9bd61e39231a4f2985bc93961a8b8c79f7cc817103ffc55f14d5542f43b8dffd5a710e44862cdc7e586020aeef709fecdc3f734f563494db461857e075caf4d158c7d4b75e692f5130a1c66a0ba66a5a08096a7539d33e9930e0fd663efbdc67ba1f0f378567f49795fccb991218e7b808209007fadec413d27c5abf4145fcbcb6cd61a435f1d6eba5163876597b35973e2e2154", @typed={0x8, 0x12, 0x0, 0x0, @pid=0xffffffffffffffff}, @generic="a37546a74ad0ba48ac6d3aa8c9ba5cd13a5b07b30e23d8f242e8e32bb89fbf69f4ddace009a898ffa8bd9b98e59198e010ef4328d5e79f98bcedd3f152efffac53786f9b11474ffd6791d54af6faff6b6bd1a7ac29e68106c9509acba5048583d55cd7306be88427373bf77fe3f3ffc5b735f7f5696818506eba9edce9c3768d230099a7c26af2704ab06552fd19c43883ec289ecbed97ab933429577546c4f25300859269d8b114bb6b959f12f246f322804011c7af417199c8efe6775aa2d4811f16498752c5683031780efc9d7c0f7577961550907193", @generic="bcc3371c3ac3b01c9967c4bb0dd6774dbec1b1726b5ff2604c0eb7ddd931f5990505d6a9d824e34d4e037471219e8a0136bf9a813bf2e3a79945014b04277a27a7f08b6f8dbe4995b9d20c7c1ffe1f1d0a0b79ae54904065309d1a349a46c4aa7d62b86e5f056249290d5a4b5e2a5b04078345be39b338b3f886701889802e2781d38fa00e96456e2eb49e3a36373b1577b095bbab481b671b71cbf513a5d5f859addd2cdf05b30a9ea630efd6d4ab6b9036094e62f943f552c4f054b042f1"]}, @nested={0x6f, 0x48, 0x0, 0x1, [@generic="837228bb8c6772c30a96d073b8a89390af918acec22d416f78df13d72b523cbb69654960ea772001e95773458c3f31c3c2a23fbd95287afb68d69844", @generic="5d70c8080e13f7ccf881db08fd0f31b88d659e4b051c2ae0c39c00b8ca58b42138e13a5f0f3ed815430905e0b38cff"]}, @nested={0x1182, 0x6, 0x0, 0x1, [@typed={0xd, 0x56, 0x0, 0x0, @str='/dev/sg#\x00'}, @typed={0x8, 0x47, 0x0, 0x0, @fd}, @typed={0x8, 0x16, 0x0, 0x0, @u32=0x9}, @generic="20f936e5a526701c72911d61aef9dffdc840b9c5f7bbd7f03c2f61da6a9df87c518d907d1e1a67ce1670ffb089f5fb71c309cb9ed0406eddeb45be3dcf49dce08546c8acc4a79dbe7f36b5a2db69df069913eebc42183c4ef3603af69d1dcc58dd6cc2048c1e3dcdbf11ea481fe1c73b5b3cd0cbcba6106dc2c2f2f9a570", @generic="44a2aa75074232246004430282fe35b07fb07b7328f43dd75a61fde8917463329c6cc292991f7d55d7ea1ff8066d71d5c04673f9fa3e5ef7621d0244dc127f", @typed={0x8, 0x18, 0x0, 0x0, @uid=r6}, @generic="d7393604906604ffd11cf17199cb04cd67be0913347cd50a1ab625dfb1238a4273b368ae8b5af3879368f281c1737aebd53aaf0c0a2e96ddf3921bd56fa75c30b6f3cc0f45569225ff1444e13f1f62c77cacbc20240056cb89cead8f9d3c257247c4c48ff0ee26998cf8a412637abdd19559a5c3a01973e93bd1a4f308c8af20033e6f68db8f616577b29d6eea699a0fdd936fd03c", @typed={0x1004, 0x12, 0x0, 0x0, @binary="ee637bbd336387fd3806504f75a1c400be4befa2f8acb00e7bad2f1b7655e098783b72c3fe87f7d5c326052ff36dca20550c6226d71d17885e1f6cd8f035bb54ace4c79af4b5c879261a6951f60583c8018b39d296e158b33ed2b6558f2049320a4e8ae297eed664dba737142a24491263be51349eda28ab08c0017a6139a1da17c533b68aee3c7ae43cd3448b7efc28a76c537704af44244c3cb5a0d4bb2182b8c4ea7db811eae222dd456bf79308e01957450c9cfef4973e82e8185129494e0496cc2f1c5cc85650e39207835c1efe666f975ebe366acab0b3dcc57d8749794ea77e80850c7a9893e371b64a1979e521b1209f1e62bb8d2aa631779429c15ad73f3f6eda6d35889e0f8896c214a670ac5e632b46295ff8c141d2ef20b50fa1ec03092c7241889193c176dbdf1ef29f18aff1159e6766fe6fd715c1710baa1813b64658c3f5ea7066cbe170640f728914becf0fbad67c04d463eb351d9d16f18bc37e337806b6d5f2837460ca96637c566b53cde41aed0c155a57b388521987e9bd1f4f1c2f4f8bdda42cc40cfa581f2feeaf52af905cae4fa583473d85bc5b20098a56bbe0c2c49ee76270a0a6dcf9ec997181e0d86051e87445c7754c619eb8528d499c0302f3685a735ab21c2d17b6c39fdf639931d370070972b8a7e6617119d746ea1929f25d19a65d87f102344e88568a8ab3a2588b25fe4725f176a99c157d30e474f5e08d3eea12b7b38c89d783fc5f92dac301116cbc1834fe3919b87023f21c3550f984b9e6e4529a73e03745a8cdcc8cb472cc646669e4a8ce12a2561e5af02ec9cc75217484abdba6baf6a7251695ce426b677e6edbb007a560ed907b037341d3b40b24b260d6e19ed43c7a6676df28143282229eebb6ab2fdbb8c92e5154dcefb0331a8a4a2052726f934be4f76c34b8aeaa4a7c1df9c84e0403f788a407770a82c9b9f7794cc14ebde75adc203813940096553cf291ead8e747767b096fb63d3cf91f896fecbf5ec45d0a872c23c5ae0bb369d5d49353f745dce97a2acea0131610434b94f0b5d08ecec590dcf62e3e762e12b97a19a873bbf838060e9c7496c535d191f6da2ed28f00e1211a2fd90c336376573b3b0002911fa3b218bb5a3014e4a374407453fca08850cee129870001ac617e636b9b13c188b5c62ed9462448553d1bb0835d8defc4c3f53cbcacbbf372a79909ad6d367df93515ff83ca57e07bf01530ef577851bf50bcc22cd33a94f6dd14d316e5838ad746a6d8b768b9a8f3f9fd7e09a94a478baadecdb9bada5e8748dbfc56cb6b8625d9a4a7ed56a41e798cbae12c6b5163c2d306427a847bdee5b4ee141762b3d981658d5426efe886830bb60789f4672e539b4360235cc3529651d211c2054648827d59a45c72508bafe02de1cfeb7327338c3c29ba2b4f63bb938b891aad11f097581c4bbcb8f3dd5d91835921f6a25f546ab9e7e7fdc67e397b9806433ccc8ae28e2abe1d31cd748ed6d009586918b854be8316b1ec2ea11cee152ce75bb46eb96097b8fb52795e1a52bf05546dd0614ade4051e27b9eb06e548441a1fa06290541f4dab0b18c48315db950bc3af60d00f595a7da47cb684d3708492f297031c1e242d8f87dccbf4edcc1666e8ac6bbd0801372646cdb850d5a63e126d7bcec9da904cffb82875080fccc87d7fc85612d4aef397630c20c9de7686be9d1cc3ef33ed67a844e3986039815c4f5b537f054e7db6d7c3b216ba821f66cb2b8d01ff782ec973d130cf66c219bf3643574d9936675c6d81420fbd62cfd26aa1ef0761ebc3043a0c4ae191cb20dd74b696af84a7379545e50b8893299831444f9deead5d073289d2439c09dc2eb84c5a2002a9469ba4d83cb3d80de63ab635d50aef5a2cee851b7c5033ee4678306e2b7e98234493c8de739c8a871d3cdd9aec828c99a51edddc67840d481ff4b5f6f7489070a275b23b3bce5efbe8998f551bfcb16b0b30d50020a5bb00bc1787c9c2bc9f9818fc46b60f97e7820cd402d01814c4e7196aeecb989b530c3280ae63fb3c780b092e5c07bb775f9f819057af50e797e97424a7304cd103dfcb21858c261228c8faf01034dbee22f64176c2caa793f0f36fac093d536e41564a6a00016fdff5bc9d64fa6521772943f481df2becfbb9ab3380e631d7d329a88910e2a92fc81b34a25ffaac81ca394ce0bc7243aff43ec5dd7c8a04446d73b94e8a10c09ab283185193096856176d01170d4ad8a0cea83a7ee0d16c0d457ec610c457b4fd077e181def8a37d0728bfd16ff19eb3f3a881da5094f945da162639f42ceed051287d335338d4da8df67a4f1a068e9c3cfe6c9534e57955803173c68f93f15e69781fd534cabf3d30ab779f21ee60d7509a83591848bfbeda5798cbdfd3959bd1e3972db1e89068583a24854869ace045ddcdc2a46d96720800a756b16ac2b4ec1b79732cea24bacf365e7504fb47823392e46ed188f980197d310c257ddab771340f8f4a6d2400b1bcf16fc888c6d8d2ea9d04cda54b28da68f2910ccff5ee4431e9e4a3718593df8ad081f0fcf7fc5f3a75f1209f83f901a3a62ce4d0bdda71f097d3394444db65b2805d8b5554c4d9ca20b372b16eaa9257e3f1ad6338e3ffe67ee91cb4e62ae1cf2d195f33ef994047969eb12299682b204571df473d071eecf3f554a5f349fe6448bfbd0971e7ae3bfe4da77cd6f9144d943c3b9fcc309c6693d550826945920110d672f2f0410c5e1aeebe868185406f90df2227d017c1d3cecc96a62ff98782c86b99b9825dc49b7ee81b8fae08a92dbb24d0a8d8216a4ce7f41ec7215357f8be30efa7bb828002cc2d817ded2f1680421fed8197734c2c1474333de8f3fe929eff4c527f5c03c0a5a63d3727aeb6e1801a79aec77aa0539a30ea8e21039ed4600c9686c50367c2c92c2f167553a41d86829a49bf591eebca24f324ed42dc3007be99107a361a80269193cd1a7bbf7a1626fe8b6b51c43594f6031804851c26972b0e9f22089e9999b6f77fd1645d7b58be278ac5eb1bf392bb9d5ceab50bbfee513904823c4b0a4acabdf4e9392139f93161c9131c10dfc0177e3e01376fe45f0411e829d81a1f0d81e366433d9d7f631c1bed42c1b9eee0f9e7610389aeff4000d1c0dac4c042ad1f618feb0a0fadbcbd988789d38541ced121ef6a3bfe237dd62a5e44151fd7e21cd9971da185cabe4ec3e00525faa0d700f741ba1edb8d1f630d4d58e80dcf862cbcf2fcc34a975e7dd2e1ed513f9aed578ecd9f7fe8da67c883268f0d576d153f9d81002903462a1276593bb11fe136f51754d1458902928b7de2cbf2ec03599badeda507bf0d3d2d3c73c8ec6b2a1071ffb8cdcc37b1e9deafc4643d3b613a629c4f41deee0eb7a3fb038d663a887e3d287d13b1ee2dfd49bb1f86252690e5b35b2155ec58b2ecd321f6def32ce2de830f02cf4eeca1978486b58eece6309332c8ece8938f53d50c684acb28bf99092a36ca91240dca98c24f0b8782094f8c911b80ca2fa9f47120480ec8f8b0b33702c554d9e96e586d79c7096f370e838e764ef8e87e899360b875f68ee17bb3ac339e43dcafa395a13140b4221284158f958779c7fb8d6b6d428ade651abbdc9b1dd3ecec84451303f737553fb1ecbe8308e73dd549ada4fe37715c47fa5a3f613306bed45822c2761aba32dbbbb3eb0fb8730483e7c6cb21800c1555171f00778dd996e0a49a5d0c897fbbcfcbac11d04da8266784aeb7cb638d763f0490d69124f0be52e0b24f1b4e2ac007f52903b4ad539ed0b7ce74b097927a79a510f0b5d8d74963311d607085e49c2cf874537472512a7d8fc902c89510f10652227b26974bcd7204ba277fe4ab8b526ac1594f01a9072eef9f6589c04c15f7a2769b0b2aee0635d6ef9845ab24ca4b1303fa7ef4f6ae8efb23688ace43da257f17cf9b0db44f305863e89771a19fcfa9018835909ae280792e07b1bd1e8376dc00640e76f78a0275fbce6c3e0265a2265c69fcfdadbef6fc3201d19c7fc028c4f3bb8fa5f85179d46c2a7a2996b67167d13c5b3bcb23605922e1103afbc058d65b8bec06fa2d225e75e52e2fce65fd63e6a62d3380d6592b3bf9dbdf6b6d0d0f659a685f1a48a64f5e15804f8a1d839771a6152fa5f1e75626dd6291a7657226d760f9cc0124e359b961ff2d795d6d65a86a8c63c67c50233f5a8dacf9ac88982284c4732a1ef6b541b2e1775a752f42b45cdec3e68cab611371ca7ae839f28df33f96787ebdb81c1d9dae45e0d33a1d335b4e664c44f28e89dc6b66a102be78f5e17e8ef6c5fd7a9dbbed1083d1c70cafab0264f99ce3c0ac39f500bb6dc78e430bb26b5a2b068d44c7c901c8a606802b8df62af6c2baac696deeb44ccb5d52d9946bc15187a865549f7b98a5eef837488231dd9de1d00367cde3ef1f2598ed1b7e6ffa7ea8d304efc31251ef1dd2dcebea217380c129b0cae227b90d337fb84082c300206c5b9f3e3ff01234aa1ffacde9a3509df09153f35d4cf2acd118ddd6d3da1ced7a490a189df71cc483212512e6186cd0850caa24dbe10c43cf748c661ff766f9a621eb814ce30d68c87734a9f3d26d9a91a3a46d0c156fee9a79c0194681cf81396d5eb02ec0f53bef2f1c90a8ede9164e748791cd3440c059784a0ee93426afaf760feff9614f02cefb32cb6a53cfb97455c67d6551fd028a24ea88d6424d316ca19de72b1da08c0ed889e7930c5c73881ba6f3ce871617bf497c1b36b8e4302c98a944ae18127f98de614d57886170e082cccddf6ebe73cb6e0f06e38fe62dcd3a33ebff3f848eefce9975500e09dcff22020ba08131d465fad341f96118fe8236257e37202a1eb05adc213c7f70bf16688da110db6fd35c6f12b65c8e9ca116c4fe7e6d86e2a81e39ea1a320fa6404ed36ceb29d7f3dc1c597db1feec129af3e3818f530aaf7140325b329353773d52d15ce45c2b4f7a76d7ddcf1253ecb641e101baed5ca08d7131eb672f7526c0698f933b12bf685bad16067c8a74ee0efaa82ee891fbae9e2dbf20b59b4cfaa300d3b56a7ca65bfb8b661eb790dd7eeeb02a96795fddab7231cdd946669929daddcdb40fb2a506da7e9bcbc97d0b8b192ba53943a21467e951dd7cd86a9d042923bb2185b015ba153d10d442cbe67f276d5a1f87baeff1903bd81dbb09478983108de66ce000fbf2567e11a528bb6935e38d67c9d5a249d7dbe52561372357dbb82f9f926dec6df57c0333708cfed0f8677cbd2c1ca8815ecb94b895e73a2b7d71192ccc615da607400b54688a2d8e4e1352c230fd7ac611aef94468d2726dd3c4a4ae63b70d18e3f0f973ddf69473e398f10f9bd46f5ff99a71a4c67262f0dd4795d45e06e00872a54f08bf414b62a00a73a830332f84eb7cd328ec94f644731aa4cc09c99d3f7d13ba2540ac0245a1c4eb54024d890f2373bf0f1189fe7810915497a38fcecb46ecf1e61fc7351a63473b7de2cfa7e1f5099a2c73b66721d98eb3360777e3d4c1619cec650d904cb49f33aa1be7ff17881170db3e959b9ff47c34d885d8b8f17cb52561f3fe5679f524ad751289818c0acae066a4b2852ff25189803650ebb9092057015c191c54847362734eab7f6b05d4dd508bf9ed6eb17a334a9c9adb1c4dccdb9b9b24ce68f9b8a4052c0be6ec95d6da80a57793098d71165e63b12e4f2c0b823a3ec9eb71f00ae922e584e22bc83dcd1aaf5c67538a4b25921f774443bc69ac2701550e0306a2461342e5e98826ab90693bcee7"}]}, @generic="a145fa8427d9a79038579b"]}, 0x1498}], 0x7, 0x0, 0x0, 0x20000010}, 0x9) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r7 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r7, 0x1, &(0x7f0000000140)=ANY=[@ANYBLOB="37000000c4986475ff070000c1f2b2855a96a6295b6c0d8d0d60379f0ccc07d65d15dabae7ffab627bb8e5cd2662030000000000000075bd78bb193264ae6086d16c6fe642d9886e4af2c60dfaf9e640710e888680840e63888b06af039b6cfd81c61ece"]) ioctl$BLKTRACESETUP(r7, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:04:30 executing program 7: clock_gettime(0x0, &(0x7f0000004b40)) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) 03:04:30 executing program 4: r0 = epoll_create(0x9) r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000440)) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_P2P_DEVICE(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x0, 0x2, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4004000) r3 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) 03:04:30 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x80000, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:04:30 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x3000000, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:04:30 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x40086602, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:04:30 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 44) [ 1813.192735] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10032 comm=syz-executor.4 [ 1813.207418] netlink: 'syz-executor.7': attribute type 12 has an invalid length. [ 1813.219595] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10032 comm=syz-executor.4 03:04:30 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xa1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1813.280205] program syz-executor.0 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1813.282433] blktrace: Concurrent blktraces are not allowed on sg0 03:04:30 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x200000, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) [ 1813.376005] program syz-executor.0 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1813.377695] blktrace: Concurrent blktraces are not allowed on sg0 03:04:30 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r1 = syz_open_procfs(0x0, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000040)={'veth0_to_bridge\x00'}) [ 1813.404047] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1813.406138] FAULT_INJECTION: forcing a failure. [ 1813.406138] name failslab, interval 1, probability 0, space 0, times 0 [ 1813.408389] CPU: 0 PID: 10040 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1813.409848] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1813.411824] Call Trace: [ 1813.412281] [ 1813.412668] dump_stack_lvl+0x8b/0xb3 [ 1813.413355] should_fail.cold+0x5/0xa [ 1813.414057] ? __kernfs_new_node+0xd4/0x8b0 [ 1813.414819] should_failslab+0x5/0x10 [ 1813.415507] kmem_cache_alloc+0x5b/0x480 [ 1813.416252] __kernfs_new_node+0xd4/0x8b0 [ 1813.417001] ? kernfs_path_from_node+0x60/0x60 [ 1813.417820] ? lock_is_held_type+0xd7/0x130 [ 1813.418590] ? lock_release+0x3b2/0x750 [ 1813.419305] ? kernfs_add_one+0x3c6/0x550 [ 1813.420052] ? lock_downgrade+0x6d0/0x6d0 [ 1813.420789] kernfs_create_dir_ns+0x9c/0x220 [ 1813.421583] internal_create_group+0x782/0xb20 [ 1813.422421] ? kernfs_add_one+0x178/0x550 [ 1813.423171] ? sysfs_remove_group+0x170/0x170 [ 1813.423958] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1813.424922] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1813.425894] ? kernfs_put+0x31/0x50 [ 1813.426548] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1813.427532] dpm_sysfs_add+0x7e/0x290 [ 1813.428224] device_add+0x9a9/0x1e60 [ 1813.428906] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1813.429894] ? kfree+0x217/0x410 [ 1813.430528] device_create_groups_vargs+0x203/0x280 [ 1813.431439] device_create+0xdc/0x110 [ 1813.432129] ? device_create_groups_vargs+0x280/0x280 [ 1813.433051] ? queue_work_node+0x350/0x350 [ 1813.433817] ? init_timer_key+0xd1/0x110 [ 1813.434571] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1813.435395] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1813.436247] ? init_timer_key+0x81/0x110 [ 1813.436985] mac80211_hwsim_new_radio+0x382/0x4900 [ 1813.437863] ? lock_is_held_type+0xd7/0x130 [ 1813.438640] ? hwsim_virtio_rx_work+0x360/0x360 [ 1813.439479] ? lock_release+0x3b2/0x750 [ 1813.440191] ? __kmalloc+0x25b/0x440 [ 1813.440853] hwsim_new_radio_nl+0x9ab/0x1050 [ 1813.441638] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1813.442562] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1813.443529] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1813.444671] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1813.445809] genl_family_rcv_msg_doit+0x22d/0x330 [ 1813.446660] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1813.447808] ? mutex_lock_io_nested+0x1310/0x1310 [ 1813.448657] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1813.449620] ? cap_capable+0x1eb/0x250 [ 1813.450343] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1813.451322] ? ns_capable+0xd9/0x100 [ 1813.451995] genl_rcv_msg+0x33c/0x5a0 [ 1813.452660] ? genl_get_cmd+0x480/0x480 [ 1813.453355] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1813.454271] ? lock_release+0x750/0x750 [ 1813.454989] netlink_rcv_skb+0x14b/0x430 [ 1813.455685] ? genl_get_cmd+0x480/0x480 [ 1813.456390] ? netlink_ack+0xa80/0xa80 [ 1813.457083] ? netlink_deliver_tap+0x1b2/0xc30 [ 1813.457895] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1813.458771] ? is_vmalloc_addr+0x7b/0xb0 [ 1813.459502] genl_rcv+0x24/0x40 [ 1813.460079] netlink_unicast+0x54a/0x800 [ 1813.460789] ? netlink_attachskb+0x880/0x880 [ 1813.461540] ? is_vmalloc_addr+0x7b/0xb0 [ 1813.462280] netlink_sendmsg+0x904/0xe00 [ 1813.462998] ? netlink_unicast+0x800/0x800 [ 1813.463725] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1813.464669] ? netlink_unicast+0x800/0x800 [ 1813.465396] sock_sendmsg+0x150/0x190 [ 1813.466067] ____sys_sendmsg+0x703/0x870 [ 1813.466775] ? kernel_sendmsg+0x50/0x50 [ 1813.467455] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1813.468224] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1813.469109] ? lock_release+0x3b2/0x750 [ 1813.469806] ___sys_sendmsg+0xf3/0x170 [ 1813.470479] ? sendmsg_copy_msghdr+0x160/0x160 [ 1813.471275] ? lock_release+0x3b2/0x750 [ 1813.471974] ? lock_downgrade+0x6d0/0x6d0 [ 1813.472688] ? lock_release+0x3b2/0x750 [ 1813.473380] ? ksys_write+0x20c/0x250 [ 1813.474054] ? lock_downgrade+0x6d0/0x6d0 [ 1813.474775] ? __fget_files+0x287/0x470 [ 1813.475542] ? __fget_light+0xea/0x270 [ 1813.476423] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1813.477658] __sys_sendmsg+0xe5/0x1b0 [ 1813.478524] ? __sys_sendmsg_sock+0x30/0x30 [ 1813.479472] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1813.480709] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1813.481610] do_syscall_64+0x3b/0x90 [ 1813.482286] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1813.483178] RIP: 0033:0x7f406f897b19 [ 1813.483809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1813.487228] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1813.488529] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1813.489739] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1813.490949] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1813.492161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1813.493363] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1813.494611] 03:04:30 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xa2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:04:30 executing program 0: write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000480)={0x27, 0x37, 0x1, {0x2, 0x0, 0x1, 0x0, 0x9, '/dev/sg#\x00'}}, 0x27) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000740)={0x0, 0x2, 0xffffffff80000001, 0x400}) syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.pending_reads\x00', 0x101102, 0x80) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f00000004c0)) stat(&(0x7f0000000440)='./file1/file0\x00', &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) lchown(&(0x7f0000000100)='./file0\x00', r2, r1) syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000140)='./file1\x00', 0x7fff, 0x4, &(0x7f0000000300)=[{&(0x7f0000000180)="498e6bc78d273156c3d9bc28b78f5c0ba596a9e4b03d9e5a978acc234ab8d50be79d30", 0x23, 0x7}, {&(0x7f00000001c0)="e724636595a816a8201c717814db0b9abb058c8c6c5725e997a4e3ae5178879f11e52d07d84314e87fa961e1c9ed1bd8df3306fb062a1230e3716221c62a1faa7c90d1f1d7a8cb713da7ad2d5fba060952afc8f8a20f5121410f3c818c7520ce1375a08bf1c83100f9f4685d36a00337a75b4ccf37ba9a8a62579a467b54dc06ffeb2d2d5dff79234ce44d0607d78a82bca4208d97", 0x95, 0xffffffff}, {&(0x7f0000001040)="4ec6f1166507a1028c80969a61f68e00f79b0cabbf27237f6234fcabad2d1990c04ec6656542a494bca5c2fe8af7a8f739dc58ebb0d1666e62fe41b16a94241aa4b5b63c062ecb181430ad33fca88a799240bb8ccf998565a5d20a604bd2172d0ecd9244061e7937a7d4023dfc46d3e5abe9b0cf247beda618f2e6b5b7106d910fe31f93bd7d09217d86dd95fb5ca47625fdb19a67b911a3237a8d322e90d31b769c0e2f1fbf042681148cfc8eb7a53a8c93f827103cf7ab851cfc36951bdedaee50a5ed8be5456eeaecbd66dda47a441925fb1e5b8d21c8a3b2a5708872eba7b6629b588a9bfb433dd4c82c420b37853effeb83cd59f59bcc94d3a84ba09053fd1da234e9634a004b1ea26c10875bf5426208d7ffed2e4c92f6bb6582eda80377556d14d2cbc8687ae75bd6533e65712cf46fdadf74c25403aa5f5522c9901b18088d8588b45761bff220a6271f4e15adb33bb66b626b43ef6d464121f32c7e5409d15ec4d2289175bc89f205c1ee99e9aa95956b8720f9baf95cb44530935a3b480f73111f1eddd5405e02c9405f8ba4bd1b8218e9a053b0e84e6bbc2cb3674fe225692ac3c4b739cc5e3d6fcdeb6aa543bf58e7f5caecc3b280861bd32fe4cf74b75c8ca5e50d54a5386eafaaf7ea74a9553179f73d6b588190a0152e1d02e42a0b282634d035b1235c0651515f06809595a15390c50d7320462b4e0935562fba8fbd75a501c10c0a3b80d6aa5b975c4fcc6b2c8b729b218d2ddeed9dfc7bc456d7a962f1b6604c8bea24c2b98eac3b1eb1b9e30a8662f3dd3ef51dce9342772ce09c073c733b774f8eac5c29a11a9dd5adad131f534f01d6f4a4fb7b1b9cdb9fc9a0be0c65f8c38608a838b0f3231960b49185e7528ac67268361f1f52aee8af0ffad70f1cdd9f7cf8e6aced28cc379333c044788e81db16f1c997ee5b03415bf921b0e301b5835d1c4b1347a645a70a6ef502b0296a8a432da90f87faf9383888c577612c72c0c6ef7dcceeb9dacd8043dbd77a4bfdff3a5bef7f1c3c07ce943d13af8318baf236178bfdb9a442ff95c572e237d7f3af3f558a96246cd6a28fc5b46058b74722001dd4e2f343c2e927e19ffa6d5187dd0940d19cb5844ae8023c575071fa5d87def40a8368e216a1c075333683ba5a13f2fc7296ad60440ed6763b54de4dc337bb0981015454d14263afaef6fdd740cf4af8d94ded7d9e373f0996115e1f9e6da343052c56715effe476c98eec59f7ef7fec8a96e0b36a788775875c4d50cd722248bc7584907fa3578aef6f9a632087fed21aaf3c0941d5c419bc749cd94e73fcbd19e9e50308b77c1165841c26f123ca9f3d3e3fc5fa4f796832c72a429e271335336bfe20e4a3cecdf34d975be66b1c7b34ad6049f523ddf355fbf557213e5e3c2530dea8e1c4e91755fd50d6c8a340a1d4b8b120f32524fef036a7ef10c00e7cc458818f121962e7ada92b447bf9a28638a811d71336a1846e45df7ba52d1578ef7b93a0f9f33e34b64f8edc53df187f0939a06bc641ace89b6706b96b7d6ff84ec4f6b4e1d9a377cacc1aecc0e37ee6588a37aa838cd2202554f7bee44a0bcbce84a884daed03ab362284fa412b9b8231a229d235b4d68dd8bb454da683d9a4af43248cee892a405891e3b043aab018658b08c707ab84f4922be2d5db6f15ab2f445056a61782722ddbc8ebdb2567a1b8950481dfa8801dcf72e915ea782c73d7ed3262df5b040aee1a1ab50810904a5452beac0893b3c9a5026a74fa6364032822d62d8088579d38cd8a7733382f28d3138be2e93cbe0bc838ff065a26bf8cb51c5ef6c8fe941900a15f117954edb88c4c527ac74aa2285f0ed69d0542e91f532662eca593797d5be991dd7ae08905f70cb79b6e8e3152e3396748cf8af6a37dc2dde36a5b071fcbd33ffa69aad2fa8e7331cc56709e58d82384620ec10152c84bcef994ab6e721b92a57f9cee8bdc678409f36ddd295bfca71ce281201fa6069a843f73f52909c45c759f60987f4c3a5ca4689ac500669537dea6e8ffb43219b9dfda096a5a32ea900323a52667eef81cc1ef8ee62119838bfb66597f686ccd0f066380c31e49abbccce0046a65b609b8a19cdb67d18b673b6be7272a584cbfd9e33d50601ea2383f668afcf9357eb2652b180244a21312d5a7d8ea30f54911b9179499664e248fe45ff12924c5fdcaf4e159464167c6e12ae3fe398c8920238b6c361d96189576f669bd0922be1ecdb370570f8387cf785141b21bd91daf36d6b4986058a5864f340f30ec0f2bcb5b2fe3d1088f59f85672c24fba77279752100244e5b9584b020468005cb14839fbda23e12f362fdcb7fb0d4bacb2667b58fb2402e6ab11e0aa8a8470c29aa028dfa6054b8120dec571ca16e11ccf91cd11301086423e3cca32b0239f8a66e60cbd50646366dc8b7f87e14ee86eb1f13673a1a19cdc9291573b08853c91f5019a0ff7e13c185751f704f0097264de0e14fa2e45902605a7291c4aecaf92d842bed7c8a1ebe8d454b1cd1b1541fa11a565c203bcd22f85b6cfeedac182fd52d2adde163bf63d1a831e9678f9496955989debfc57c1b54a4b55e1fcdfeb0ec9d7de73e23775cad15fbd98e06b64216d25e640a3e0f0e06621bf9c02c875eb4b01f1c2c2b89ed51e636dbf4f3a6a57ac9be1e7b925abcf9ca95999b5843ba4a82fb4e3a48aca8f87e1b75ad9a16d4245d09b605dc6c975a9b38bc648d8882b36b75d871097939017fdf51912d353fab93d1debbd8a70a6893fa998b0c57f8befc9204142fc67f6e19715eeb71232608bb9af578b49f80ed44ea6122d61ebd7f98d59bb7c940e7906ed8dff58eb075db19b083494375532416115547a8f690be32b48709f97e055266b3d60fbf1d4ae460a5b77b6a2aa5643073f41d13ebb6862009d8184f24ab9509e3a5bea411a0165bf9fbde579bcba5b632fda6259feb3ce0ca1568d99322886d5b3914ce40715671596b7561f88d6e97397fdfe6b685d57ecd74b6cbce3348279349543dab3a6e19513aada5752052442f2521e40648f1da966d5c9136bec37638b847cb4bdc82dc8533f50dba860a71d57aec396ab9001639e4fd0b4d64cfc782cdd08fbf46148e5ee333ca9f7eb369e4d292943bf632684994cce8e93000081951c5a007ff6b3871c304386e2214e2d991956b76ee4a9c5b4897b6d782f3eb105a21f780d9d3d75e655df7e7bba8ae6981884c8ada1fdda7aaf3adfb8761106d2e06a5bac399db13c798125d91f92f19eee849a7b3a9452c7acdb190987e1c38e2190baad6c5999733e2221cfdc4ba8da43e126d30f0300cf979e2291130b53681fe4d5bddcc1e206cf9c1dbf38d0aff2fd7dfb76df5825ec5f5841085c2a9a41b21340657902bcafdb073feb69eb52680f56c5d806788e7329e5d0946c8942d96a4c68a9b927ba95632c8ac8b6388c44886467c3869f0c3c3577c6a67abf65b6381a27b719b5e8a4422fc1943d6dbc142fa67ee63f6339a7b0ecdb7e164ea45e9c64949a6cff076b53727a5e2faa5a1a4ba095a42725686ac0bb0d166a02058772bbc4fab4b44426115044e222e2ca784e7aa8a443559bfcf6ec720f93b78000abebd8c366df1bc63739ab8541b6bb9f83a5e9e79b03bdf27f76e91bbbb6a7df5600b7fb07f343aa53f5d428ddd588d5bb827b91a7fab354efd3319ad5cad8a7322ee98484ab0b3463cef454d37421a8e3af4de0a1070a53a6677c73e5a30e0fedee51aabceab39da30103974c6469db12f1cea8c87aa03d34ce52f83c0726ae525070c73dc6184c59a2a18af0d0b81d3bc34a1c78c6c91122fc5fb34e8beb1d916c6b7d2a9c35c49255ff9c8fed5763b4a382850f058d3410fe13f617b7a15158095a24c7d477e381073fe1a25940f77cdcc823b81566dd3466de67959336de96ff5d5ed2f078a7bb9c646ebd885ab44b096654fb175293f7c62790df9a0ea780496f0aed2843cf399fe45d463104aa2aeeaa3be9ea796894c6ccab85c34cd7f98325e09a221fee3606580a6ae84fc0350e6f9ba4cda8cd25c06e03678fda2af5348f18ce1ce008336e4eeb25bc62f12bfadb8b815f25ba6f42866a65da4702123e5b877d534383d5cb409b05d742fc94886a8b3f0fb16079bd0a8b790ff28b6ccd9e3b0261eedf60559d2e43e4e1698f792380ca3e95afea7b34b5964339d801108127de5bcd99ad40bc9784fd7ee99b8de24bd55089941dd35d5cc7292e0976f509fc88cbb5683c4fe97ce1691fb0a81ee2609d5648a0c9529bab6ae532aa44e586824a73abc90abf2e959f22d8be43fec2e4fdde2cae1f8142de2d233e93ce72c18009e3bb95c3b85a64fe9baf3d4dff30af6d27d0f4bc141efaabea8fa10ebe89163bf156ccdb0e24fc56dfdd97778f284d05038de0aa441cc30d7070c27cfa082350e9f3ba1e6aa290e6320729a59dd9d36e6a18d7f5a67ee1a3a5bc0edc03be426a9c255df41ac8c8202079caa8fc26f78a3b46c2fabee7fc52adb698fd4b83727f83b905554de6e86001e5ae0de75e4536b6b5ddb292ef73f81c8b149878fda82cd673f87ddfd0072ab7eb1c874ff1222ee8af73002ab3a23b920d6bd8ec389f3589ee2c96206ba9c0310541fa459ed2762908e9368e4825840817720119e52026b5a2a2436add8b7c22026e6e8e01ff481384cdc669737c208b40692aaf7bed8033a3bf031f1dd1cb8586f33650f8d0869617cc93d6ae721ba0ed0747a724f884e50b52fbfbf5c053ece10c7dd6e1412ca1ce8b33b975ba8f8cbe7497d5edfa3e7eaa497c0eb2da4b6824bbcbe24e043ba37cea8045fb822af5d9887215a7c6fcb1395276d904c413a84fe7fd873fa72de304ba24c0c64d8c6df8734dcddcc11aaa297cc853c951e5a16eeca66de6283f2750dfc5c4514e773b2cdae39d002d6217bee94c007d152f5b0db70e74037f085191e23b044a35e271b9fe5be3d66f75726c843e41c6b9797e8fa1f3427877aee7e967eaa1ace4b9b3bc710e9981a1336408693ed4bc8b0a6672a7ec2499b05ebc658d1e771f73cfb5fb047fefb6df5a15ac320e8201f77a9e75dbf70dfa513e09c8c092607be5fbfa8efde8404c819b3bff531b7d5390db3b5095252908c14fcd85d4a597a760a6869725f204582cb5d86bd94b624f15dc674a02725abaead96b2dcacabfede0fd89fbf22e8d6358e8f63840a2dba9f91dda322787a3c415edcda5f66694d4b0aea3495da5879e7b9983b0dfc948bc1c2d69047002761be2c4a88ad4c0e516d7c15664eae7af91371133e16f49685537807f64d278bc706e977aeeb48fcae221baec6ae9baccb66e1b2eaf85fd03cd6b565b3c62fb82da61aabb356643253d186630168ded77b5f7fa68ec3fb4d08a0ce59e62c9586cdfb757e942bafb2e47b5a8957a0a20eacdc687d1b5e26dee7f4a2bbbd282537012e4c80a89ad5dc1253d8a880a4dc72fac30da2c365ee1fd0a3c16003b89438713c3aaa42536e264a2d798f3ae51ae0b4a2f77f16fc83f82232383a9f405b4f403a03f39a63143bedf6fa11dd174b1ee483a1d7c2a30e9e890b965847d3243275de9ee00c2cb17514dc5990be17acfab9b49faf820a1f15c55289c90b0c73486c9cb1c680fe4993f034ca9ecde9c46f07059616ff107e373bf623fe61230cd35b4ccda8e1d62b444ea802c5907d7e720836d20d1cc658e948ef5c90ad36771fa74e45220e8d345c35159d84fce8a2fd743f50bd437feba0d7723bad41dbdfad49ff41f4b47b204061f0147", 0x1000, 0x80000000005}, {&(0x7f0000000280)="ce16d28ebb79437611b54d897e246ad51818b3f0e7b72361bbe5ba2e662adf8757358ec7ee237a9fbb1a2afe9040a75a17c39320008de1c3efd2714923c4294627", 0x41, 0x1}], 0x8, &(0x7f0000000380)={[{@unhide}, {@gid={'gid', 0x3d, r1}}, {@nocompress}, {@dmode={'dmode', 0x3d, 0x9}}, {@mode={'mode', 0x3d, 0x4}}, {@map_off}, {@iocharset={'iocharset', 0x3d, 'utf8'}}, {@unhide}, {@hide}], [{@dont_measure}, {@appraise_type}]}) r3 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2, 0xcc}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:04:30 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0xf0ffff, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:04:30 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x4000000, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:04:30 executing program 7: clock_gettime(0x0, &(0x7f0000004b40)) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) 03:04:30 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'veth1_to_hsr\x00'}) r1 = syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x8, 0x1, &(0x7f00000001c0)=[{&(0x7f00000000c0)="2140506efe72301f5c31018720a8e83358f5d043cd41d718d045d0c3b4c135b5cd2e788e980e67b5e13b696595298216d1d4fffd020c5be7e8f700d29557f551a8e740cbb34d0d9bf7bbbb65df11748f7a5cfaff7d295b7515a66b0272160403b7eabef7daf0d7e6f4b2afe12015adbd03462b705ef94ca0efc654241a32639268c5954cae4a860afad8f9df1ad1c89c96eb5187b951e2c10eed1c8d0ff632dfac546c46651df55c24fe4c491b0090dda49a9096607585396ae5dcc4cb347d3c738f62d858c1c206d9817299786c", 0xce, 0xffffffffffffff29}], 0x80001, &(0x7f0000000200)=ANY=[@ANYBLOB='utf8=1,n=1,uni_xlate=1,smackfsfloor=(},dont_appraise,mask=^MAY_WRITE,\x00'/79]) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r1, 0x80286722, &(0x7f0000000300)={&(0x7f0000000280)=""/80, 0x50, 0x5, 0xfffffffc}) r2 = epoll_create(0x9) r3 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r3, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000440)) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000340)={'wlan0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) [ 1813.646956] blktrace: Concurrent blktraces are not allowed on sg0 [ 1813.672370] blktrace: Concurrent blktraces are not allowed on sg0 [ 1813.721830] netlink: 'syz-executor.7': attribute type 12 has an invalid length. 03:04:46 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 45) 03:04:46 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xa3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:04:46 executing program 7: clock_gettime(0x0, &(0x7f0000004b40)) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) 03:04:46 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x40087602, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:04:46 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x1000000, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:04:46 executing program 0: syncfs(0xffffffffffffffff) r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) write$binfmt_elf32(r0, &(0x7f0000000080)={{0x7f, 0x45, 0x4c, 0x46, 0x80, 0x5, 0x8, 0x9, 0x3, 0x2, 0x6, 0x8, 0xc8, 0x38, 0x342, 0xffffffff, 0x8001, 0x20, 0x2, 0x0, 0x3, 0x20}, [{0x4, 0x8000, 0x6, 0x1000, 0x8000, 0xf41, 0x590, 0x7}], "4996b999bd6b2c8ba6983f0c"}, 0x64) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1829.233351] blktrace: Concurrent blktraces are not allowed on sg0 [ 1829.237241] blktrace: Concurrent blktraces are not allowed on sg0 [ 1829.241296] netlink: 'syz-executor.7': attribute type 12 has an invalid length. 03:04:46 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0xf000000, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:04:46 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) r1 = epoll_create(0x9) r2 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000440)) setsockopt$sock_int(r2, 0x1, 0x2, &(0x7f0000000040)=0xf0, 0x4) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105241, 0x0) syncfs(r3) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = socket$nl_audit(0x10, 0x3, 0x9) r6 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140), 0x200, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r3, 0xc0189372, &(0x7f0000000180)={{0x1, 0x1, 0x18, r6, {0x6}}, './file1\x00'}) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) sendmsg$inet(r4, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r7, @remote, @broadcast}}}], 0x20}, 0x0) ioctl$sock_inet6_SIOCDELRT(r3, 0x890c, &(0x7f0000000080)={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x24}}, @remote, @private1, 0x8, 0x679b, 0xf69a, 0x0, 0x3f, 0x60120, r7}) syz_open_procfs(0x0, 0x0) 03:04:46 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = epoll_create(0x9) r1 = socket$netlink(0x10, 0x3, 0x0) ptrace(0x10, 0x0) r2 = fork() ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x12) ptrace$setopts(0x4206, r2, 0x100000000001, 0x44) ptrace(0x4208, r2) ptrace(0x10, r2) clone3(&(0x7f0000000640)={0x10020100, &(0x7f00000000c0), &(0x7f0000000340), &(0x7f0000000380), {0x18}, &(0x7f0000000480)=""/254, 0xfe, &(0x7f0000000580)=""/185, &(0x7f00000003c0)=[0x0, 0xffffffffffffffff, 0x0, 0x0, r2, 0x0, 0x0], 0x7}, 0x58) setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./File1\x00']) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000000140)) r3 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1829.319997] blktrace: Concurrent blktraces are not allowed on sg0 [ 1829.349142] blktrace: Concurrent blktraces are not allowed on sg0 03:04:46 executing program 0: getsockopt$IPT_SO_GET_REVISION_MATCH(0xffffffffffffffff, 0x0, 0x42, &(0x7f0000000080)={'ah\x00'}, &(0x7f00000000c0)=0x1e) syncfs(0xffffffffffffffff) r0 = perf_event_open(0x0, 0xffffffffffffffff, 0x1000000000000000, 0xffffffffffffffff, 0x8) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f00000004c0)) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105241, 0x0) syncfs(r2) sendmmsg$inet6(r2, &(0x7f0000002e80)=[{{&(0x7f0000000200)={0xa, 0x4e22, 0xe07, @local, 0x9}, 0x1c, &(0x7f0000000440)=[{&(0x7f0000000240)}, {&(0x7f0000000280)="d3d359b67681bccf3c089ca04a488f563d7d9856f2f273af23573d93c319ce1e90e35e5dbb1da21de31ee40aa2223ed2b3e63becf6667e7024ed16a13e72608ebba0f2e865c975b3b90bd68f86fb2caecad4a833d443573baf0fa2ed656313dc40dd601ff6529c4f824dd92ca959452d1dc19f45dc611cd0cdacc53a8931aa935854ffff0d40da35d044", 0x8a}, {&(0x7f0000000340)}, {&(0x7f0000000380)="23a578960e147c894398b7", 0xb}, {&(0x7f00000003c0)="695c6fba41b285110b1b1667b94c21cba9f58f691331842bd06711458eed55ad276d3944920b9e416e4426ea85445255ec6abe7769ef84fe0bf688e7c13e0cd9e04dd3632f0424fa1f42a3deb8e5c53f9bbba52bf3a61b33", 0x58}, {&(0x7f00000006c0)="a0fd474cd90ecb333a0b5c95721b04d27c244be250a5042617532fdde79e6e42941e4b9e3ae2bf827a9bad143bdfc513591006748dce10d5c3d6ec406ad9ba52e7623dc0818df5f5b4d07e763f0ec580bef8993a33133aa63c500368252eacb33ad589a3077c0e89d3295680dc922b7430238f0518baba5d88c9be297520485f76307f913b3688c6f8e80ca4922e984c2a7427fdcee88239389614e392e975184f5dd9aab3db7a71f8899952b1d4e91b70e172f7867d8534131cf02c63b53fa01f8eafb5eadd3239de9445cf8f08", 0xce}], 0x6, &(0x7f00000007c0)=[@dontfrag={{0x14, 0x29, 0x3e, 0x8}}, @rthdrdstopts={{0x30, 0x29, 0x37, {0x2c, 0x2, '\x00', [@hao={0xc9, 0x10, @rand_addr=' \x01\x00'}]}}}], 0x48}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000840)="6ae17a6fb350ad2d0fb299217adbe9e7c853cf", 0x13}, {&(0x7f0000001040)="4616b428d13f6268c982800e5704ea7a3202aa173314729d862abbcea493393dca4800cdb59267228e563af32cfaed3915f9c58322734d09a409e127e4856bdaf2478610c6cd7267465caa21b63c608aafd84d8ced48d70ce47193ed49c7d5e51af5004ebfc57cbc1dbde70dfff3c68524f46ab44fda1fd1335eba8c222a1c49f38bb583b2c4e6a9d4364b9dbbe685dbcb9304664380d2a2cf0de96e02e4df732302528663ccb39a5e5da4232c21fcdd5846a381efdee3d5d762a54f192c5ddcaaed83f9be5d46d50b63bd6295331342c9b3388d794b3808fb18faf3d82371a7eb60d56b52499a1a0bb89e533b5d29aaf13fbf4a63dd2b437a32360f59117dc8cc3771a8697cf9d3444656839582c10f61622c1be21d612d12be11ea228989164b9a14f0a6206920c5f364ff61b0327bab0f6fea53fae4bd0ef914b15c1b7feb450c82ad44607f27e9f2dd4557e8aa65fa35ea64c9ac93b2030102d5155d5794a120a7ee8a3595b11bafa4cef8a65c47011fc77c720ba7cc6121e4ff612ed0ae249237ffd39b795ab4f2e03427cf3e5728b99f0e93b9397477e40c0e73a826efb585e5ebc98041532fc4029d3f805a1e82e982117ffc06e6ad9803e0732f89210c04f9dd567882eb52e5eb797970ac3a6fd561b41c4e635f90c5c0462c545d88631112aebdf9dd733f83dff2dce5c803d584ac00df7a4769028df2d7e95040bc9467580fa83d88de1ef4a42f98f2642f9cb652e18adc738050c97a6a9f86af24c4a0024baa92d34c0a44f8ef7e6858191e0b2822018e818e66c430c11bcbc73d6ab1f3df0e3a950bd178da8f20106c2c1954be1bcfbf3b690eb246ad80553ef17cae5dbca42b145c34830f59da00d88a974c37da03fdd31bdbd67e496232e3279001ed7d0fda2e36239b1510f94e68e6a7ea15597320a41e63961ac5ba92a9319faec966dc06207fd12106c34ad432d5c80312d333a18d25c5c3b14c6414667513833742d6fbb924a395a602d43ab5ad1676b949b8764ab5490c720da395b9a0c62458147803f73796db637c2cb130281b6778552f909bac8128f2e2d6bb59eb06280a10cc9215a5c6a6b11ef8e52d990337e947ee8c125f40c343bd5bf6cf0e1c20b0113fd1b27ee30e2c0f9db2c978d7fc2d7b97e39bcf650438d113ef0f4479f4767b6c9ca88c4705176c1e4576b97d29fc57bd397d0f3e078834a19dd839638bfd2798c99280af6535db2f42649f53a9ca40da0558261a466e32e363172425ab3dddfb6c1d980f3fd6dffa94ad8e36ffeb4077f4983c30374d712c783aadf22a975abaf2488e1041db71ae65f8a366891393126fb92480d3f71c20a269d4f570f19d09c852a8d56a91a9f2c05c6794da00aa4e7dc71a4587940731a4e8da3f4d768de432d1ffa82a4199dce2ede2596533eccdb1786e1ca2ead72453a0e6ae015341d570e3ca7083c5326330d9dbd48839890dd378c23dc987244e81073a9efd153fc0717765452c3dbc2e08303fe37ed5cc5fa2304244a4545864fa3b2c8ae9abeb757457da5344f714b6dbf2e4c926f455f6b305aa1a3add01bc5f010a20d539a49445189c03e236212705cc75efb66d87030b49e34929d0d461df66293f55f575d2ae51636b1236ec9a3b7c352f4dce3e6b7cfb845c4001f2abc2d2184029dff97b0dff69b50bc76d8298a55402b0456619f65c574057ee5cc6ec567552c445b7be27cbeda8902dd11cf92d00212d4af59adce42e7f53b3f4dbd5e7ec6981570f847cb4eab65b988d56998b90c455a7eaae89503495c2effb2c86138c9123cb10f2ed314990236535ac572969e9c1d586e36395a98e21d02a47c9a6ec5f0ccb0f84c6f81c57e4cc5b5e032f1eb15846ceb60b27c171b739e051e8a8f7633b924ed057dac71da821810994235794023eda7b1021d8024527cdcf10c7f90cd336c1e80b58cb51cb58d5e6eaf90442091d2730a7a5596046a09218f713e9969fc8ac59b58a2df175396e872a583e266dd18c586e7db668a3e34adca980f52aa5c93ada1309438a74ad2037217b4f413c809d33f91c3e703e3f680b5bd108dfffd7de2fac760bbc76331e9e2a8ca91e1d0420bc174de63416c21035331e52ac5e0a4662b874f46e5532ae8889641eec54c2cf041db9e42203ccc40590477dba5baf61dcf617617670339d61252a7916a4b6de7fab11b11c873f86d8152b1fd9db5ede4f350b6b131fcbc2eaa3313ac75fb6198d4ce03ea4ecebfd0046de6f6b27e52b00870acfebb25115c33ecb025c97285fff49c5f669087f46d4aa7ad259e744144a5edb915cc8788afea8ec9b81455d439561ce9594d9efa757ee2498025849dd98a80cea859d03cf9a4836f7676c6c274f89f8cfd245cd9d68c257e227d1584601b048d0fb5fb79a25cf8e491c1ffbbfede0be237d67756a7f392b9c257be115e24c952020a75f676ed8d1c1bf4d87dbe9798fbf358d4b94fd0554cbff1392d7ce0e7ab8f96b025d4cb1694d9f7a9c75c25d3cd1346f47dd705ba1a447cc4e3ddc03866eefe9714f5dabe5492d00c2c857384d58b864cdfa89b79a7d3d5c5b74054b99b94249595c8005154c4c24d0f9bb34648abec713a798d2909abc1f6f3b96413697993c7942978bd6a2c4121194b451bc9f92dbae7e9cd6cb5c2528a81a4d31925519cf3d2b9dfd1364932e6e2777e00869b32df2bf54a4944ba84d55e2098d7d267a61354eab870cd6f0482600e8bf6a7ea2bf7d54b843409a33f9ba3d7e29511677f4c7d7328c1aebe566acd35623884b16222c86aaedc89a1d52e0e3cb46ab10efd63d5c55793d6da643a212bd87a5f567c13a775e82c1676187f9e09174a780356efbd2bf56437a39d0a0ea454bc5e25bddb5de06cda794f369b57789cca1c745e28f7ffeebaae3e1c8698236f942f7ac2e527caa2fb3c54905def274cd440aceeb836b251561b89a427c188c5231cecf045a8e909e57c1aa566a32b22f28d2e0f1759c31fcf07def7eee73584f25599b66017fd3de0990fe7374ee8accb23210c5780fa3c64fe101dc0627c65fe2afdd59561540c81ded40f20dbe5d834c1c897fefdd6285df5cab5e66e22eeacb2112665e359589f678fdd6732787f38f5531f3d5409383459d325b59ba86441fbb1ef63a9b81ad5e73d22a7bf73232b5e5138ead2b2e978949e07a96764499db40e9df7d954a7a1140c5f0213bbac9722b926a90d5c0947928d4ceaf496a8a4379c6030c639516396b4b9216a29b8e1bc0421377dbad9416c3b3ee28a35748f01f2fba4c0fb82a88d05ec3de4ccecc19639f0c96c0547bf17312d0e1c76c048d79971980807079e160cc2c1a4a26060b2b39d261a73ffaebf73c47cc2d90ee015d4228cfe6f7d2a138493ebccb77dfbd14430cb55f2ab8283690c13bcb27d7246b97dec002c73e438d3d5d510b725f1924f937b5d61a5614691110ecc9f2c10d0ae49d2688aff3209b7b1a99fd246582645e8ba8f6c16b2bba8b0f6a287844932131df7171175fe06bc5da76a6eb199a398a5c21d7999511f2a24051f3d73b9c6812054d01cfc3e23197365d9f03c2bf56a11f2d291c57500288ecf00afb244814ea10be4818002fad218e0c2e72bba0ba6d8dda3ff0af021ed2f7666dc524d932e36f9922c8762f341694d2f3e90358dff66c16a188f6972e1301d59bd474c18024d984f44316e353fb0cb1733c1384c3e892ec40d7b3f31b306c176095ebe96708eeb16874e78edf60f2bf55fa32b6463fd2a7ced1a2b68300b3c0f3c4b9d66a4395895f8ede7d723c6eb4b0996ce1f2571a49e51828f6ddd0ba75dd5ea42de82953c545747217bfc07c439ef81a94eefc593a5785a0700f1a6a8ef24c49bf1dca5f0b7bd5cafc2a2dfffef5f42b77a4e7a9ef15386740e247cc013c05cec87792e071629fb68251e4b0feaf76235726e802e2b086ae208d8ffe198b8acfe4d1bc0054c2b213d04ed9fc1378fd8a7a7908bf5152cc5d9d61097a4893729277bfb0a8295cec4e23d4494dee999f7a09ecc0909ac8b951c00fafac0a178dc54342be7402611b99365d1e343d9065469f54eab5ae4489bd3eb721aa551cfd7f8d4bc6f5f68256101f3fae460eb2eeb1ac2b7a80ca5ffd8baa41ce8996169eea51e5018be15ff85a731547df008fbfdd1d7577d956dddb805290431e3620b427e5780cd89bba5efa88c30aea049ce36acf66bb8bfb0540606a54068caad48dfa77d716cb40322a26d8ba4dd63505d10a5e02297fbe3534fd018deb69cb26cc18960e82a7acb6537cf47e3f98d8749c1ef2c1ae47b68cb8b4209462d079f171842e3bc30e8b92a3a64a9ba829fb3df10c34425d64f6162edecd5b5d44258cbc90acab597a3068b1acc9633b7f2134ac0ccb011bd27fc2f1fe40c5159a41c6d43ce21cf20e91698c9c8257450c4c0ed94c1be561ec9d1fb86b9cbf4a0e3e39b4ad5b8a64a9fdc745b96a60452ed8c7d79e39fbd9a134e631582ef13714b4d3d6c7e4909a14a292d52cbfc1d5a07d7f1af6c94852172d6a55908886171c7ad403815e414ffbce99f3bed34d9cf492733439eace0bf818726e5215b92f214a9a87cdd2d7556cf36fecce3fcb47c5e2a4064340b7a9bd9911d5e0aad96d0ecafabfa874a297b3df4d14b2703efc9f1a6492ae0bee29cb8dc4df4a5ac539b4753719c9071c15748d2bffd074e011a56f720b05722a95fe66103213b66406361c4787b02afea268dfcbe12b08fb5b5c3919b733349355498f69cff28f10303dbc260275845de28d351f79734f2576144ab8ea2c62ca1fd4be1818ac2a12555f98d7ddbe1ed7e5b6ae4f3288b975bb5d873cc42f276349b5fcca25e31a74db8ec14b594e5eeaa302fd2135552d773f25ad544de0b4a42035dc5ce4953c6e6de0b80a455d3988bc557848048beea7bb54ace01ba3d549f6fe4058563276f5f7f1108ff2c285b1c3017a6f828d91c3003dd3394c34f94c581fcbf1fa97100e54dddc808f582942428b1d916c48f6f1b86e9e8ad8dc1eec7cee91bbcd6642b35d33c0cf8b782718c7c486ecbe680d64af3e5059a2e830c2a71179cd8b69247a6cbc7afc6c83dc88f5d53091370bce043a3b3bed51e5b2547e619e13c9e3b8f364268206324e42b63b0100e2e5c471cea809b25845f43733a5991aedd39908b2f6ef05bb3c196726d9aa6762bf6248d23c509c89e311007b3cdcccdd2d00e417b9e0e944cc70db80dd7a1eae77ee4756f3fcc26e58255079bd22c5ee1f761a431280ec829030fca6b3b29e69f966ec827ab9ee915661439b74597431b4a04b38b6fa8e618e762d3af3f4c58511c192bc23d0b9e82e2cbd5e52f8e7acc7b17fc8d8b411a90031c49361fbb2a01dba58e6afd15cf67758a07b596ff57221f5cf0d0e3342a20b361d6de74a878579a0b3dfa7efa6f40876463211df37f43ed3213c85f9d8d82674c0862f9b80669ccb346b404e61803fad3a85468fe70572e2e43b130436fb96c6874a075eaeb2c53921b5937f8b15b43d3c6b82c8c5df2c3f89aa821e40cb224c104da833c519bd477a1a58656111c1af44fd2440bb997575c64e085898233a0e10a3e31ba7ae0836fb4074f2faa178010430ca6de3eea006fe7794af23c5e3dc833306f2413f626e9b90585d39d7aef3fb1c7b71cab716237942e11390cc507538285123a9a7ba6e1506963d365291b5da77f0efbfea682c356e4be51b13378c1761614f191d02f529beee86085f8ab5d5e5c93e5796365a28c6c667dca254b0e15dd0d2b8f9fe0f9c8a", 0x1000}, {&(0x7f0000000880)="5d45e180146c27a3deb7f095abd0b87f98b68e", 0x13}, {&(0x7f00000008c0)="8c4eb981cf97217a5933250d1fc118a5fa8c7bfeacda89481dcff0d969ef7d106320534d68d39daab18f0ed7b4b2043898197c", 0x33}], 0x4, &(0x7f0000000940)=[@rthdr_2292={{0x28, 0x29, 0x39, {0x89, 0x2, 0x0, 0x6, 0x0, [@ipv4={'\x00', '\xff\xff', @local}]}}}, @rthdr_2292={{0x68, 0x29, 0x39, {0x67, 0xa, 0x1, 0x7, 0x0, [@local, @ipv4={'\x00', '\xff\xff', @multicast2}, @mcast2, @empty, @loopback]}}}, @hopopts={{0x38, 0x29, 0x36, {0x0, 0x3, '\x00', [@jumbo={0xc2, 0x4, 0x8}, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @jumbo={0xc2, 0x4, 0x1}, @pad1]}}}, @hoplimit={{0x14, 0x29, 0x34, 0x7fce}}, @dstopts={{0x30, 0x29, 0x37, {0x0, 0x2, '\x00', [@padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @jumbo={0xc2, 0x4, 0x4}, @pad1, @pad1]}}}, @pktinfo={{0x24, 0x29, 0x32, {@ipv4={'\x00', '\xff\xff', @broadcast}}}}, @hoplimit={{0x14, 0x29, 0x34, 0x9}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x4}}, @dontfrag={{0x14, 0x29, 0x3e, 0x5c8}}, @dontfrag={{0x14, 0x29, 0x3e, 0xfffffffe}}], 0x198}}, {{&(0x7f0000000b00)={0xa, 0x4e21, 0x9, @mcast1, 0x7f}, 0x1c, &(0x7f0000000d40)=[{&(0x7f0000000b40)="d484263e3893", 0x6}, {&(0x7f0000000b80)="3fdb089990865c899767a750fd22dda380b4f93303984c55b745046d9a49485284f01da2d4731c730931acb5a04aacb97c8aa0adc574ec79031b3916", 0x3c}, {&(0x7f0000000bc0)="6fd58c033356d2b32213589baa365792895ba51446497ae449ed06d642491c75e1d0ec539a45f522994ec01d931ccce7946d8f48578dd40e67e367fdf25868772933c1ac9d5774d93f53df889d1cb84e03353753a17bd0237ec9ba5943d4897f8c06c13fdcaf913769eeb333f5abb376bddff20cad6a2c263a07f8a97c073cbd57c5c1122ab6ca68b85c923a9d5d538579f7e16fd9243414", 0x98}, {&(0x7f0000000c80)="7c49ffe0adfe0d2ba1d782eef4d391accc090da2defac1e121f904c69d0025d5fd3e3cd72717d88ed33750bcbb0dc7c665a1a72ead919978b2b78c8ba3d7fa621fbd747664beb6118149a83cc09d7860ecbedcaf50de90ba42ae57aeea0c63c81c15e1d6b8f79e979dd73adcd54dc91c383b0c95bf87f6deeb8de92cb77c606beed1", 0x82}], 0x4, &(0x7f0000003000)=ANY=[@ANYBLOB="180000000000000029000000360000003b00000000000000480000000000000029000000390000002b06013f00000000fe800000000000000000000000000029fe880000000000000000000000000001ff020000000000000000000000000001893378b09eac6837cd0ec2f2feee5d22c213782c8d608fd24d4bf3db4d66a07c30765fdcd1a3398d19b1f956d48e6fa3655bf7e0a0ebcd32557657ad3b844c880c853bbb950553c5deecc4f8c563348559c455b348d9e801e71fcff4488c86"], 0x60}}, {{&(0x7f0000000e00)={0xa, 0x4e23, 0xab36, @remote, 0x3ff}, 0x1c, &(0x7f0000002440)=[{&(0x7f0000000e40)="26293e95cf179062957002072f4cfe97315f112d099a89c02f5643bb7cf1b7ab75a62b3ca5c67dc583c6da5de3be801f3a5b4b58b005775d6ee791e775208d79e238425314abc5e57ef855c01e5eca370345f2ba0e10b4bc05d0cb749eaf50117ea85de0f78d5261e5882ea7db3e0cc8c02eeeb2eea3cea5616abaceec391c692bf73c53855f9a98b1c5bc7938945d627e385e12bd051b8e66dc1b01fef5c564ff2305f20bd66040", 0xa8}, {&(0x7f0000000f00)="0755cc5845d1ff62fe787b1445b54fe408bcebf4e1029d0eea6b4b01437f8efa2013991f9a382bc8ba861e0c983913c06ea73f1f306bf342ed9aed73d22ee25d2c488d7f5b5f5f7e869a3e8b703ba1d7d58a90dddc809d3c354b70a6efb43b3ab92c57c4228af7169130140cb3fce430209a4c18", 0x74}, {&(0x7f0000002040)="ee5985976f972713be40aed4592ed4a868d7dafc3b5605d6a563faff76ce236f929efa2bd59adb38a2eb2b4aa90d06e8f9822fc43cfd4e6cab88b6c91140f5e238ff67783cdaf70dc874f1a6ec0d68436a700bad57bb1a411a694439929142b7105e8b13d8e2e377ec3618eb1aca683922de2b084d8e6c4272898245363c5d401a7f0cc1ccb98f8bb2183f3bcced7cd8b1d8295c921b4d7820daa8fdfa05d6", 0x9f}, {&(0x7f0000000f80)="b60507b71db0b103c5306259a0b9ae8f331387c2", 0x14}, {&(0x7f0000002100)="e7deef497079c9e60a68decdf7a59cdbdd838915d8280a8be0c5d4ca491ff7ff966755223fe2553e6913836b42ed9c0cc6a78feffb3570d5849f439b7ea4d0e13a8e7f3d6cfa27dc602aacd91741bdd6cff51efe909e788c16586a4b4fd91b45e0bf70c4e420570e4f909715c8d63fb600e944f6b8654474baca059723cfbe22b193d7f2d037447ec899c026d26d5173dad5b460429f0610429af1396c313bc84466a85161b494800f368873db82f49efd27c459cced8d10c064037047c9745e6157a664fc02ab8c3789f0edcc86c10290e74c7d3a824ffa2890c07ed1895a0050c8904c4a96d9b9a9657cbd77a37c", 0xef}, {&(0x7f0000000fc0)="b4c6bb34c51d66b884aa6921d77f9d3de29a8e50dd0c34eece", 0x19}, {&(0x7f0000002200)="9d71277b3b52c8a8d7dba30f846d33d4c19edad249ee14fb2dfc97b625157ba394fe5562bf9af33e4454b7e527c92192d1a4c9b29c71f298445b41cfa0861a0c9ff0f4d4ae197597c2e1637f3645132a022b7e0f154e6a84e0652603cb3c7a3137488e6d3fcb24449edda88e1c075169ad154191c7217656a27ac02b71f44b5f0a774e0958f97dc7", 0x88}, {&(0x7f00000022c0)="dda67323b69e710e26ed9a8ce28d5f95d90988607ff07c7719c0d7260a1c6b5a0c71de78b1285899fd9e937c3c7f2b0beb3a9e4b7f6c6089ab01b36ae5fc2dbcfcc5ed3c38324ab959f88d721cba4e62a1cc9b75df51cff2f6b59eb58e004ac456bd37d7b9bee56435ab4608734424a87990668de00e0e988958ac02c773bb383d3c5c187afa26f46db278af08c257e765db3dfcbf86d9de159e376aecad0626f3484063f4c36ea7535dc5705eb6", 0xae}, {&(0x7f0000002380)="eddfe6d243d56afa14f511ab47d38e5556636713fc87cfe31e1e933f7ecc4a424d2deab006dfaf0724ed767510c12afbcd145c7131cdafe38f7eae798207f12cf95ff4ed7673bdd081c257e72c271a03c6ef991c404505cd46c4f3a4a3aeff5bb7bdb5e08d6e662d257e39056ea3b8002459627cc4d03be8dda4f77e196cfcf2223ab5b7682841def357f8c1b03af610835e6d09a11ef3609ed1eaae64c5c77c23975a8dac0c1f6eba3b2d792cfce853da38cdb1a896359b48175249", 0xbc}], 0x9, &(0x7f0000002500)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0x8001}}, @rthdr={{0x48, 0x29, 0x39, {0x3a, 0x6, 0x0, 0x3f, 0x0, [@ipv4={'\x00', '\xff\xff', @multicast1}, @mcast2, @loopback]}}}, @pktinfo={{0x24, 0x29, 0x32, {@remote}}}, @hoplimit={{0x14, 0x29, 0x34, 0xc88a}}, @rthdr_2292={{0x78, 0x29, 0x39, {0x87, 0xc, 0x1, 0x1, 0x0, [@mcast1, @ipv4={'\x00', '\xff\xff', @empty}, @dev={0xfe, 0x80, '\x00', 0xf}, @mcast2, @loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01']}}}, @rthdr={{0x28, 0x29, 0x39, {0x2, 0x2, 0x1, 0x1, 0x0, [@empty]}}}, @rthdrdstopts={{0x38, 0x29, 0x37, {0x21, 0x3, '\x00', [@hao={0xc9, 0x10, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @pad1, @jumbo={0xc2, 0x4, 0x1}]}}}], 0x178}}, {{&(0x7f0000002680)={0xa, 0x4e22, 0xfff, @private0={0xfc, 0x0, '\x00', 0x1}, 0x2}, 0x1c, &(0x7f0000002a40)=[{&(0x7f00000026c0)="c69140255941735b9b426df6bb8ae1fc390d341ab3e7bc5cb586072e36a1cae8b80b0b7d7b7c9002196b94a7843c9e8a99c4533e7bb401e8955cc1fa19f973a462cca9ba09ff69ad9a3c71656804cebd7881f0274b5a1b99388413a26ef0464ef9feba330d09471dbad8c2d5f2dc3bb8bd2d1faff5726f216eb5691df12b424ae224f1b9abbc0bb4b3c28ff0c24a35579c62c81b66f1583aabdb10a70a156740152436e505ce5e09b44e668cb444598d1826b2ce570d1878cd8e6aae2adb8879a3c579f633a2228c3e5a2496a2f5f4360ecde96a6bf89769baaaefb9fdb91a09e52b7992b582e5ef89c20287b80cac4088", 0xf1}, {&(0x7f00000027c0)="5030602697ab999ac090743e7c5f17d98e35eee2744cd9f6daf9dcec359cfb3a3a4e531ea36ed1c24d1ef1f4f8c0dc1838d17afcda82d1497b648b7bee97bb13a169f30512db969075999910bc677436cefa627b6b9d4deef378ee601ad689793bcc5651dac257742b579eebfdbd86be6e104dc03de6846f5a2ca526db6765e8598b424d8b5e91c2fa4b3eb77d8e68078d9969ed3adbb25b3f2be0fab30a66cfac02b5cd64edb89f7320b73ff9ba5628ba38dc079f71a38ccaa270f4ec2243a59f40fbd736b136ba66ec110a35af5c4d166e5f6287de0eb678c39555d15fd2a285abd5b81042e2d07f7a25f7747e322858c0a845bd65", 0xf6}, {&(0x7f00000028c0)="069cf4867139ba7da27de5f374a9ab6a66d303005f289b5939fda4ccef173c4b817554533ce773f3a72f245e915d675c31f99b3e16af47cedc9542d61f302ec4dc09f7791cc3e74e1f98e516fc5fa0f8fc6637c9cf49b409da539778ba53e6a1be518a804298e4b452b7544aa48b67e30e6ab5f25bfce3bbae28f19347b812fe0c53d7f831d73aa62b6c03474414bb1024145d32e6e4e164e98e5cb8200515ff99d6d77bd0cde4bb8f81fe49fcd5cb55b2d043c75cc570ce16af5009d55321a441dd30c0e9e2a283d6d1148cb213117d10f169f3a75651afe75eb6b0f8872996a1a4ce38", 0xe4}, {&(0x7f00000029c0)="bf8690ce17f1fb00e1bb0d7779c2187d5f905f897aa032a41ab5d1c25a3d9a9919b1fa5321cd0cfa2e4c46b218bd563f89dbab313359005defc4f3ec2ab22d7fa871b2cb33369d4117d4fa1819cc321a16", 0x51}], 0x4, &(0x7f0000002a80)=[@rthdr_2292={{0x58, 0x29, 0x39, {0x29, 0x8, 0x2, 0x2, 0x0, [@dev={0xfe, 0x80, '\x00', 0x18}, @ipv4={'\x00', '\xff\xff', @broadcast}, @ipv4={'\x00', '\xff\xff', @empty}, @remote]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x10000000}}, @dstopts_2292={{0x190, 0x29, 0x4, {0x2c, 0x2e, '\x00', [@jumbo={0xc2, 0x4, 0x8}, @enc_lim, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @generic={0x0, 0x95, "37320ecdcb60640a0630f0014c97d44a0f0c21274686198d901f9b9f03f5edfa854a57efa1374eb17aae99a9923ff0069bde1d0aec9c97ebc9434413eb1a51d6003c24688a12604a7f78422ddbed47a850b2d1970efb10216d3d2237ccd0588fafdcf134e91441ba8175d558225da15beceb2873cba9ca4d3b2cc2b6c182e092c57f145dc3763340a5c5d2f4ca7db06554d1f6b99a"}, @calipso={0x7, 0x40, {0x1, 0xe, 0x0, 0x8, [0xad2, 0x80, 0x40, 0x3ff, 0x1, 0x8, 0x9]}}, @enc_lim={0x4, 0x1, 0x8}, @enc_lim={0x4, 0x1, 0x6}, @generic={0x7f, 0x84, "d26c605cad2c1be719019551c4ed7e80a83c4ee5911fd3e10fccda5a4da095ec69500ad10b10ce4ac692bdfe8bf7965a5b39b500356413c750a3eb9092cfe33ae77a695bbb982ea5063e43e5b9868c86d369d23ea104609eef675b8a35523900242ad5d7d4baed9572549127ffcfd7aefa0546163492af6416fbd1cb73498ccc1a250cc5"}]}}}, @flowinfo={{0x14, 0x29, 0xb, 0x7}}, @hoplimit={{0x14, 0x29, 0x34, 0x101}}, @hoplimit={{0x14, 0x29, 0x34, 0xd172}}, @rthdr_2292={{0xfd0e, 0x29, 0x39, {0x29, 0x8, 0x0, 0x7, 0x0, [@ipv4={'\x00', '\xff\xff', @empty}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast2, @dev={0xfe, 0x80, '\x00', 0xc}]}}}], 0x2a0}}, {{&(0x7f0000002d40)={0xa, 0x4e21, 0x6, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x7fff}, 0x1c, &(0x7f00000033c0)=[{&(0x7f0000002d80)="da6a93aa07efcf077df9d7bfca7fd6eb2ba542ced11225a38f9068ce48247449e5e3056e5d4b44a31921346a8cd53cced1c2d80c0b7b36eb2ab79b3608c7194c5b96afb4b2726cd3ef7c65399086ac4203779c65759005831d3dec212602b84515e5fe", 0x63}, {&(0x7f0000000d80)="4613fa1f5bd98d6ada8a0311c750a595eb088060112ca8d9e6c3e83e4a80b579e06e9088d3a7832155e7e2a6e8eb7d2589cb415215c1537f760560456f01922b9976ab4cae0b488dad1bbbbba9fcb66efcfab4819b0759efc1544164c05684ef8da1139e5c7d6e8cf5b10df44768", 0x6e}, {&(0x7f00000030c0)="786a93dae95fb211f45f775dcc1b4883f3fe80368a661a45ef0ce63f5c001cb47be6d405c375f0b8ac677e2e648dc6503499d287d8e0ce02cc3824b47f12032424baeb0b034b283f612ef11f1b06f2abb5de2107820cb5ef033376e1a840b1662c71a19b28b5f9b29b233cf06710710ecf0577efb4c498b3b3f9a7daebeb54821f87e2062d360487f7f19c3f8b", 0x8d}, {&(0x7f0000000240)="d59a413a8bb57eab2c238fa1031523a0d9657b890e8ec75e74f551fed26afc4f07542d3403562df1613010fb13", 0x2d}, {&(0x7f0000000340)="ce6b9606f1efd3833216460e82b5d10a716e4407ca20a568a1a86a8c", 0x1c}, {&(0x7f0000003180)="038205b4818936f59f8af9f61f83664a1904ea8488190131ae8bd31850ebfcc7be5fb43841ec0dd65b3dd6823e2c4cabd6eac4af36f40b941c9dc99b452f8ef3548e6e346c604202504db625329af2b0d166ee53a7f540da2a493214c031db2a2cc6c49e55a515ccef", 0x69}, {&(0x7f0000003200)="69ca6510eb6e221daf6d3a669f0abb452f89e0c56c597f082c749ae1dabc41f925396e3e1792f5e631fbc18e7f20fdad6f6917af1d7606d386b2a6c28710d6bbba521879b412f2d42df908846b277322129f6713df6662b3f333e28a0c1bcf88ea98e4b60e6e0bbbf1e1bcc94caafc02d73a8e0001a3cc331af8fc1c9125e78ad450c7472404cf53b5d5e637600976d0bcd766fe9f3286ed340426d1aa23635970e32a217cfda2608e0ff31080a29cc146c41852539964fbb031f2e7f497c91e980664dc364ee887dfc50d63be3de4be6ebb51d577183cda708973819a7ce3389dd85a286900db1d40b4edef1d0c095f", 0xf0}, {&(0x7f0000003300)="efaa85e7895a01e4", 0x8}, {&(0x7f0000003340)="aef36a452169cb3f65211bc4320b7efd1d16590f32f2895601fd070f1f4b5bfe8119124ad164b96ad9b593938fdfd0e7a28056255622b9fe66fbaaa6ec793ae69f2c11fc2f68e3b7488eab6780a98ec0348b3bcc553c9d6ffdfdd8792248e59918923d199113c8be886a3500", 0x6c}], 0x9, &(0x7f0000002e40)=[@rthdrdstopts={{0x38, 0x29, 0x37, {0x21, 0x3, '\x00', [@padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @hao={0xc9, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}}}], 0x38}}], 0x6, 0x5) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000140)=0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000180)={'\x00', 0x4, 0x100, 0x2, 0xc2, 0x40, r3}) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1829.426811] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1829.428110] FAULT_INJECTION: forcing a failure. [ 1829.428110] name failslab, interval 1, probability 0, space 0, times 0 [ 1829.429323] CPU: 1 PID: 10103 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1829.430202] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1829.431376] Call Trace: [ 1829.431645] [ 1829.431876] dump_stack_lvl+0x8b/0xb3 [ 1829.432286] should_fail.cold+0x5/0xa [ 1829.432696] ? __kernfs_new_node+0xd4/0x8b0 [ 1829.433159] should_failslab+0x5/0x10 [ 1829.433569] kmem_cache_alloc+0x5b/0x480 [ 1829.434017] __kernfs_new_node+0xd4/0x8b0 [ 1829.434456] ? kernfs_path_from_node+0x60/0x60 [ 1829.434944] ? lock_is_held_type+0xd7/0x130 [ 1829.435394] ? lock_release+0x3b2/0x750 [ 1829.435814] ? kernfs_add_one+0x3c6/0x550 [ 1829.436258] ? lock_downgrade+0x6d0/0x6d0 [ 1829.436707] kernfs_create_dir_ns+0x9c/0x220 [ 1829.437183] internal_create_group+0x782/0xb20 [ 1829.437671] ? kernfs_add_one+0x178/0x550 [ 1829.438132] ? sysfs_remove_group+0x170/0x170 [ 1829.438616] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1829.439202] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1829.439786] ? kernfs_put+0x31/0x50 [ 1829.440171] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1829.440760] dpm_sysfs_add+0x7e/0x290 [ 1829.441173] device_add+0x9a9/0x1e60 [ 1829.441583] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1829.442174] ? kfree+0x217/0x410 [ 1829.442543] device_create_groups_vargs+0x203/0x280 [ 1829.443074] device_create+0xdc/0x110 [ 1829.443476] ? device_create_groups_vargs+0x280/0x280 [ 1829.444016] ? queue_work_node+0x350/0x350 [ 1829.444471] ? init_timer_key+0xd1/0x110 [ 1829.444910] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1829.445386] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1829.445919] ? init_timer_key+0x81/0x110 [ 1829.446359] mac80211_hwsim_new_radio+0x382/0x4900 [ 1829.446876] ? lock_is_held_type+0xd7/0x130 [ 1829.447349] ? hwsim_virtio_rx_work+0x360/0x360 [ 1829.447834] ? lock_release+0x3b2/0x750 [ 1829.448267] ? __kmalloc+0x25b/0x440 [ 1829.448685] hwsim_new_radio_nl+0x9ab/0x1050 [ 1829.449162] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1829.449716] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1829.450307] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1829.450992] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1829.451678] genl_family_rcv_msg_doit+0x22d/0x330 [ 1829.452185] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1829.452886] ? mutex_lock_io_nested+0x1310/0x1310 [ 1829.453395] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1829.453986] ? cap_capable+0x1eb/0x250 [ 1829.454411] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1829.454988] ? ns_capable+0xd9/0x100 [ 1829.455390] genl_rcv_msg+0x33c/0x5a0 [ 1829.455800] ? genl_get_cmd+0x480/0x480 [ 1829.456221] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1829.456772] ? lock_release+0x750/0x750 [ 1829.457207] netlink_rcv_skb+0x14b/0x430 [ 1829.457639] ? genl_get_cmd+0x480/0x480 [ 1829.458072] ? netlink_ack+0xa80/0xa80 [ 1829.458486] ? netlink_deliver_tap+0x1b2/0xc30 [ 1829.458983] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1829.459510] ? is_vmalloc_addr+0x7b/0xb0 [ 1829.459949] genl_rcv+0x24/0x40 [ 1829.460294] netlink_unicast+0x54a/0x800 [ 1829.460731] ? netlink_attachskb+0x880/0x880 [ 1829.461191] ? is_vmalloc_addr+0x7b/0xb0 [ 1829.461638] netlink_sendmsg+0x904/0xe00 [ 1829.462077] ? netlink_unicast+0x800/0x800 [ 1829.462532] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1829.463111] ? netlink_unicast+0x800/0x800 [ 1829.463555] sock_sendmsg+0x150/0x190 [ 1829.463966] ____sys_sendmsg+0x703/0x870 [ 1829.464399] ? kernel_sendmsg+0x50/0x50 [ 1829.464823] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1829.465310] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1829.465869] ? lock_release+0x3b2/0x750 [ 1829.466305] ___sys_sendmsg+0xf3/0x170 [ 1829.466722] ? sendmsg_copy_msghdr+0x160/0x160 [ 1829.467211] ? lock_release+0x3b2/0x750 [ 1829.467644] ? lock_downgrade+0x6d0/0x6d0 [ 1829.468092] ? lock_release+0x3b2/0x750 [ 1829.468512] ? ksys_write+0x20c/0x250 [ 1829.468922] ? lock_downgrade+0x6d0/0x6d0 [ 1829.469370] ? __fget_files+0x287/0x470 [ 1829.469802] ? __fget_light+0xea/0x270 [ 1829.470232] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1829.470825] __sys_sendmsg+0xe5/0x1b0 [ 1829.471227] ? __sys_sendmsg_sock+0x30/0x30 [ 1829.471685] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1829.472283] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1829.472832] do_syscall_64+0x3b/0x90 [ 1829.473235] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1829.473778] RIP: 0033:0x7f406f897b19 [ 1829.474179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1829.476091] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1829.476881] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1829.477633] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1829.478387] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1829.479135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1829.479881] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1829.480654] 03:04:46 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080)={0x0, 0xfb, 0xb6, 0x2, 0x0, "e072be90bf7041d375010ecc3c80d6c9", "303fd7b43904b90f86b5419d93af35251161583f25223bc6dcc441de4a47d0f6c31d764a40d3a38de56e55a881e7734814b1507fe265097ffa37c8ef14d1175bc114de06ae34b015f5be94b6f4bf5a4f39fd277e7c2605e6359a7f38142ea582451948fdc72dd339a1c1df47023dc490a887173655bb5923a571e27cef35c9e2a7390ec43a2953260c0f3472007640b859a2200b4803c3edcdeb468ec8ffab26bb"}, 0xb6, 0x0) syz_open_procfs(0x0, 0x0) 03:04:46 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x401c5820, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:04:46 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xa4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:04:46 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x2000000, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:04:46 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) [ 1829.527818] blktrace: Concurrent blktraces are not allowed on sg0 [ 1829.571107] netlink: 'syz-executor.7': attribute type 12 has an invalid length. [ 1829.592957] blktrace: Concurrent blktraces are not allowed on sg0 [ 1829.644581] blktrace: Concurrent blktraces are not allowed on sg0 [ 1829.655707] blktrace: Concurrent blktraces are not allowed on sg0 03:05:01 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x4020940d, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:05:01 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x9effffff, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:05:01 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) 03:05:01 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) r1 = epoll_create(0x9) r2 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000440)) r3 = epoll_create(0x9) epoll_pwait(r1, &(0x7f0000000080)=[{}, {}, {}], 0x3, 0x20, &(0x7f00000000c0)={[0xe50]}, 0x8) r4 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r4, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000440)) r5 = creat(&(0x7f0000000040)='./file0\x00', 0x90) ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) 03:05:01 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 46) 03:05:01 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xa5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:05:01 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x3000000, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:05:01 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000340)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000800)={0x0, 0xffffffffffffffff, 0xe3, 0x2, @scatter={0x4, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)=""/154, 0x9a}, {&(0x7f0000000200)=""/192, 0xc0}, {&(0x7f0000000540)=""/168, 0xa8}, {&(0x7f0000000600)=""/255, 0xff}]}, &(0x7f0000000700)="4925a7c531985181aba1e4ee79ce989195d584f240238d5c46e55c44a4912fdc2342e76ff478415eaa6eb55ca676a98c79160228e3883322f3940a70a25c33938c0284fede670cdfc97f77a70d299a8d48547f5b42a5bb09dd4d0537f113a43be9259ac749a13e26f2279e4615d595e02d870cd51a49d62789a8520ef0ea8116c26dfb605ded275b2ea7559e33c1346fd25db09e55a0dd41abbf8dad6a12dfc152a1df471b1edffd6c47c6b4dfd0e1c38ecf39b7ea9f6862ddd86641a2a435598f631d56568196c912d5dba26e8fa118c0a64587148d395a5c598014cf89704595a173", &(0x7f00000000c0), 0xfffffff7, 0x10, 0xffffffffffffffff, &(0x7f00000002c0)}) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000880)={0xe4, 0x29, 0x2, {0x6, [{{0x4, 0x4, 0x5}, 0x3672, 0x1, 0x7, './file1'}, {{0x0, 0x4, 0x1}, 0x80000001, 0xf8, 0x7, './file1'}, {{0x80, 0x0, 0x4}, 0x100000001, 0x8, 0x7, './file1'}, {{0x0, 0x2, 0x8}, 0x1f, 0x1, 0x7, './file1'}, {{0x10, 0x4, 0x1}, 0x5, 0x81, 0x7, './file1'}, {{0x43}, 0x7, 0x9, 0x7, './file1'}, {{0xa, 0x1, 0x1}, 0x2, 0x2, 0x7, './file1'}]}}, 0xe4) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:05:01 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xa6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1844.160196] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1844.160243] blktrace: Concurrent blktraces are not allowed on sg0 [ 1844.162079] FAULT_INJECTION: forcing a failure. [ 1844.162079] name failslab, interval 1, probability 0, space 0, times 0 [ 1844.163873] CPU: 0 PID: 10155 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1844.164743] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1844.165963] Call Trace: [ 1844.166276] [ 1844.166527] dump_stack_lvl+0x8b/0xb3 [ 1844.166967] should_fail.cold+0x5/0xa [ 1844.167396] ? create_object.isra.0+0x3a/0xa20 [ 1844.167912] should_failslab+0x5/0x10 [ 1844.168335] kmem_cache_alloc+0x5b/0x480 [ 1844.168806] create_object.isra.0+0x3a/0xa20 [ 1844.169298] ? kasan_unpoison+0x23/0x50 [ 1844.169748] kmem_cache_alloc+0x239/0x480 [ 1844.170233] __kernfs_new_node+0xd4/0x8b0 [ 1844.170707] ? kernfs_path_from_node+0x60/0x60 [ 1844.171224] ? lock_is_held_type+0xd7/0x130 [ 1844.171722] ? lock_release+0x3b2/0x750 [ 1844.172176] ? kernfs_add_one+0x3c6/0x550 [ 1844.172646] ? lock_downgrade+0x6d0/0x6d0 [ 1844.173115] kernfs_create_dir_ns+0x9c/0x220 [ 1844.173617] internal_create_group+0x782/0xb20 [ 1844.174141] ? kernfs_add_one+0x178/0x550 [ 1844.174616] ? sysfs_remove_group+0x170/0x170 [ 1844.175126] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1844.175747] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1844.176213] blktrace: Concurrent blktraces are not allowed on sg0 [ 1844.176381] ? kernfs_put+0x31/0x50 [ 1844.178082] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1844.178714] dpm_sysfs_add+0x7e/0x290 [ 1844.179149] device_add+0x9a9/0x1e60 [ 1844.179563] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1844.180176] ? kfree+0x217/0x410 [ 1844.180571] device_create_groups_vargs+0x203/0x280 [ 1844.181124] device_create+0xdc/0x110 [ 1844.181542] ? device_create_groups_vargs+0x280/0x280 [ 1844.182109] ? queue_work_node+0x350/0x350 [ 1844.182600] ? init_timer_key+0xd1/0x110 [ 1844.183055] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1844.183568] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1844.184099] ? init_timer_key+0x81/0x110 [ 1844.184554] mac80211_hwsim_new_radio+0x382/0x4900 [ 1844.185096] ? lock_is_held_type+0xd7/0x130 [ 1844.185588] ? hwsim_virtio_rx_work+0x360/0x360 [ 1844.186106] ? lock_release+0x3b2/0x750 [ 1844.186557] ? __kmalloc+0x25b/0x440 [ 1844.186981] hwsim_new_radio_nl+0x9ab/0x1050 [ 1844.187471] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1844.188050] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1844.188653] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1844.189388] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1844.190121] genl_family_rcv_msg_doit+0x22d/0x330 [ 1844.190658] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1844.191394] ? mutex_lock_io_nested+0x1310/0x1310 [ 1844.191933] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1844.192554] ? cap_capable+0x1eb/0x250 [ 1844.193003] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1844.193616] ? ns_capable+0xd9/0x100 [ 1844.194041] genl_rcv_msg+0x33c/0x5a0 [ 1844.194479] ? genl_get_cmd+0x480/0x480 [ 1844.194918] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1844.195489] ? lock_release+0x750/0x750 [ 1844.195928] netlink_rcv_skb+0x14b/0x430 [ 1844.196374] ? genl_get_cmd+0x480/0x480 [ 1844.196824] ? netlink_ack+0xa80/0xa80 [ 1844.197252] ? netlink_deliver_tap+0x1b2/0xc30 [ 1844.197756] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1844.198352] ? is_vmalloc_addr+0x7b/0xb0 [ 1844.198809] genl_rcv+0x24/0x40 [ 1844.199179] netlink_unicast+0x54a/0x800 [ 1844.199631] ? netlink_attachskb+0x880/0x880 [ 1844.200125] ? is_vmalloc_addr+0x7b/0xb0 [ 1844.200600] netlink_sendmsg+0x904/0xe00 [ 1844.201064] ? netlink_unicast+0x800/0x800 [ 1844.201535] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1844.202166] ? netlink_unicast+0x800/0x800 [ 1844.202635] sock_sendmsg+0x150/0x190 [ 1844.203072] ____sys_sendmsg+0x703/0x870 [ 1844.203534] ? kernel_sendmsg+0x50/0x50 [ 1844.203977] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1844.204481] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1844.205057] ? lock_release+0x3b2/0x750 [ 1844.205503] ___sys_sendmsg+0xf3/0x170 [ 1844.205940] ? sendmsg_copy_msghdr+0x160/0x160 [ 1844.206447] ? lock_release+0x3b2/0x750 [ 1844.206897] ? lock_downgrade+0x6d0/0x6d0 [ 1844.207354] ? lock_release+0x3b2/0x750 [ 1844.207799] ? ksys_write+0x20c/0x250 [ 1844.208216] ? lock_downgrade+0x6d0/0x6d0 [ 1844.208687] ? __fget_files+0x287/0x470 [ 1844.209141] ? __fget_light+0xea/0x270 [ 1844.209582] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1844.210211] __sys_sendmsg+0xe5/0x1b0 [ 1844.210639] ? __sys_sendmsg_sock+0x30/0x30 [ 1844.211116] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1844.211742] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1844.212321] do_syscall_64+0x3b/0x90 [ 1844.212733] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1844.213298] RIP: 0033:0x7f406f897b19 [ 1844.213703] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1844.215728] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1844.216580] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1844.217360] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1844.218154] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1844.218942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1844.219722] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1844.220521] 03:05:16 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 47) 03:05:16 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x80086601, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:05:16 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x80001, 0x0) 03:05:16 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xa7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:05:16 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) 03:05:16 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) r1 = epoll_create(0x9) r2 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000440)) r3 = epoll_create(0x9) r4 = socket$netlink(0x10, 0x3, 0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f00000000c0)={0x90000001}) setsockopt$sock_int(r4, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000440)) ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff}) ioctl$EXT4_IOC_CHECKPOINT(r5, 0x4004662b, &(0x7f0000000080)) 03:05:16 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x4000000, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:05:16 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0xafdfb3ee, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) [ 1859.253732] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1859.255153] FAULT_INJECTION: forcing a failure. [ 1859.255153] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1859.256491] CPU: 1 PID: 10171 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1859.257355] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1859.258551] Call Trace: [ 1859.258828] [ 1859.259065] dump_stack_lvl+0x8b/0xb3 [ 1859.259492] should_fail.cold+0x5/0xa [ 1859.259914] prepare_alloc_pages+0x17b/0x500 [ 1859.260398] __alloc_pages+0x131/0x4e0 [ 1859.260823] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 1859.261455] ? lock_is_held_type+0xd7/0x130 [ 1859.261915] ? lock_release+0x3b2/0x750 [ 1859.262355] ? __slab_alloc.constprop.0+0x45/0x80 [ 1859.262897] alloc_pages+0x1a0/0x2f0 [ 1859.263298] ? mark_held_locks+0x9e/0xe0 [ 1859.263735] allocate_slab+0x22d/0x300 [ 1859.264149] ___slab_alloc+0xa09/0xe50 [ 1859.264563] ? __kernfs_new_node+0xd4/0x8b0 [ 1859.265029] ? lock_is_held_type+0xd7/0x130 [ 1859.265480] ? __kernfs_new_node+0xd4/0x8b0 [ 1859.265941] __slab_alloc.constprop.0+0x45/0x80 [ 1859.266437] ? __kernfs_new_node+0xd4/0x8b0 [ 1859.266894] kmem_cache_alloc+0x393/0x480 [ 1859.267338] __kernfs_new_node+0xd4/0x8b0 [ 1859.267793] ? kernfs_path_from_node+0x60/0x60 [ 1859.268286] ? lock_acquire+0x1b2/0x530 [ 1859.268708] ? lock_release+0x750/0x750 [ 1859.269133] ? lock_is_held_type+0xd7/0x130 [ 1859.269579] ? find_held_lock+0x2c/0x110 [ 1859.270007] kernfs_new_node+0x93/0x120 [ 1859.270439] __kernfs_create_file+0x51/0x350 [ 1859.270898] sysfs_add_file_mode_ns+0x218/0x430 [ 1859.271397] ? component_del+0x4c0/0x4c0 [ 1859.271835] sysfs_merge_group+0x196/0x310 [ 1859.272281] ? sysfs_update_group+0x30/0x30 [ 1859.272738] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1859.273323] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1859.273913] ? kernfs_put+0x31/0x50 [ 1859.274298] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1859.274900] dpm_sysfs_add+0x241/0x290 [ 1859.275331] device_add+0x9a9/0x1e60 [ 1859.275733] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1859.276305] ? kfree+0x217/0x410 [ 1859.276682] device_create_groups_vargs+0x203/0x280 [ 1859.277207] device_create+0xdc/0x110 [ 1859.277601] ? device_create_groups_vargs+0x280/0x280 [ 1859.278141] ? queue_work_node+0x350/0x350 [ 1859.278600] ? init_timer_key+0xd1/0x110 [ 1859.279039] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1859.279519] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1859.280025] ? init_timer_key+0x81/0x110 [ 1859.280462] mac80211_hwsim_new_radio+0x382/0x4900 [ 1859.280977] ? lock_is_held_type+0xd7/0x130 [ 1859.281444] ? hwsim_virtio_rx_work+0x360/0x360 [ 1859.281937] ? lock_release+0x3b2/0x750 [ 1859.282366] ? __kmalloc+0x25b/0x440 [ 1859.282775] hwsim_new_radio_nl+0x9ab/0x1050 [ 1859.283240] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1859.283794] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1859.284385] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1859.285077] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1859.285771] genl_family_rcv_msg_doit+0x22d/0x330 [ 1859.286282] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1859.287000] ? mutex_lock_io_nested+0x1310/0x1310 [ 1859.287511] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1859.288092] ? cap_capable+0x1eb/0x250 [ 1859.288518] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1859.289110] ? ns_capable+0xd9/0x100 [ 1859.289516] genl_rcv_msg+0x33c/0x5a0 [ 1859.289926] ? genl_get_cmd+0x480/0x480 [ 1859.290361] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1859.290914] ? lock_release+0x750/0x750 [ 1859.291341] netlink_rcv_skb+0x14b/0x430 [ 1859.291769] ? genl_get_cmd+0x480/0x480 [ 1859.292189] ? netlink_ack+0xa80/0xa80 [ 1859.292611] ? netlink_deliver_tap+0x1b2/0xc30 [ 1859.293098] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1859.293628] ? is_vmalloc_addr+0x7b/0xb0 [ 1859.294066] genl_rcv+0x24/0x40 [ 1859.294431] netlink_unicast+0x54a/0x800 [ 1859.294863] ? netlink_attachskb+0x880/0x880 [ 1859.295323] ? is_vmalloc_addr+0x7b/0xb0 [ 1859.295761] netlink_sendmsg+0x904/0xe00 [ 1859.296194] ? netlink_unicast+0x800/0x800 [ 1859.296648] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1859.297237] ? netlink_unicast+0x800/0x800 [ 1859.297706] sock_sendmsg+0x150/0x190 [ 1859.298119] ____sys_sendmsg+0x703/0x870 [ 1859.298561] ? kernel_sendmsg+0x50/0x50 [ 1859.298986] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1859.299466] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1859.300022] ? lock_release+0x3b2/0x750 [ 1859.300449] ___sys_sendmsg+0xf3/0x170 [ 1859.300861] ? sendmsg_copy_msghdr+0x160/0x160 [ 1859.301344] ? lock_release+0x3b2/0x750 [ 1859.301765] ? lock_downgrade+0x6d0/0x6d0 [ 1859.302206] ? lock_release+0x3b2/0x750 [ 1859.302637] ? ksys_write+0x20c/0x250 [ 1859.303040] ? lock_downgrade+0x6d0/0x6d0 [ 1859.303243] blktrace: Concurrent blktraces are not allowed on sg0 [ 1859.303486] ? __fget_files+0x287/0x470 [ 1859.303515] ? __fget_light+0xea/0x270 [ 1859.303535] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1859.303559] __sys_sendmsg+0xe5/0x1b0 [ 1859.306647] ? __sys_sendmsg_sock+0x30/0x30 [ 1859.307095] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1859.307694] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1859.308239] do_syscall_64+0x3b/0x90 [ 1859.308640] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1859.309183] RIP: 0033:0x7f406f897b19 [ 1859.309577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1859.311514] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1859.312315] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1859.313066] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1859.313813] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1859.313978] blktrace: Concurrent blktraces are not allowed on sg0 [ 1859.314570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1859.314579] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1859.314603] 03:05:16 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000040)={'macsec0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) 03:05:16 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) 03:05:16 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xa8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:05:16 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x5000000, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:05:16 executing program 0: open$dir(&(0x7f0000000080)='./file0\x00', 0x56200, 0x95) r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x18, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000002000028020000028400001b0000000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e39333730323938383300"/192, 0xc0, 0x400}, {&(0x7f0000010100)="000000000000000000000000e971656294be4eee80012d67ccdc866e010000000c00000000000000dff4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000100000000000000000000000000000000000000000000003000000000000000", 0x40, 0x540}, {&(0x7f0000010300)="02000000030000000400000066000f000300040000000000000000000f007f5c", 0x20, 0x800}, {&(0x7f0000010400)="ffffff03000000000000000000000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000dff4655fdff4655fdff4655f00"/4128, 0x1020, 0x1000}, {&(0x7f0000011500)="ed41000000080000dff4655fe0f4655fe0f4655f00000000000004000400000000000000050000000c00"/64, 0x40, 0x2200}, {&(0x7f0000011600)="200000004c3e14de4c3e14de00000000dff4655f00"/32, 0x20, 0x2280}, {&(0x7f0000011700)="c041000000380000dff4655fdff4655fdff4655f00000000000002001c00000000000000000000000d0000000e0000000f0000001000000011000000120000001300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000dff4655f000000000000000000000000000002ea00"/192, 0xc0, 0x3402}, {&(0x7f0000011800)="ed4100003c000000e0f4655fe0f4655fe0f4655f0000000000000200000000000000001003000000020000000d0000001000050166696c65300000000e0000002800050766696c65310000000000000000000000000000000000000000000000000000003a08c6c6000000000000000000000000000000000000000000000000200000004c3e14de4c3e14de4c3e14dee0f4655f4c3e14de0000000000000000000002ea04070000000000000000000000000000646174610000000000000000", 0xc0, 0x3600}, {&(0x7f0000011900)="ed8100001a040000e0f4655fe0f4655fe0f4655f00000000000001000400000000000000010000001400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009fdbabda000000000000000000000000000000000000000000000000200000004c3e14de4c3e14de4c3e14dee0f4655f4c3e14de0000000000000000", 0xa0, 0x3800}, {&(0x7f0000011a00)="ffa1000026000000e0f4655fe0f4655fe0f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3933373032393838332f66696c65302f66696c65300000000000000000000000000000000000000000000059309ce2000000000000000000000000000000000000000000000000200000004c3e14de4c3e14de4c3e14dee0f4655f4c3e14de0000000000000000", 0xa0, 0x3a00}, {&(0x7f0000011b00)="ed8100000a000000e0f4655fe0f4655fe0f4655f000000000000010000000000000000100100000073797a6b616c6c657273000000007ff24aa0bbd309370000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000067b843af000000000000000000000000000000000000000000000000200000004c3e14de4c3e14de4c3e14dee0f4655f4c3e14de0000000000000000000002ea04070000000000000000000000000000646174610601540100000000060000000000000078617474723100e906014c0100000000060000000000000078617474723200"/256, 0x100, 0x56}, {&(0x7f0000011c00)="0000000000000000000000000000000078617474723200007861747472310000ed81000028230000e0f4655fe0f4655fe0f4655f000000000000020014000000000000000100000015000000160000001700000018000000190000000000000000000000000000000000000000000000000000000000000000000000000000000000000068bed055000000000000000000000000000000000000000000000000200000004c3e14de4c3e14de4c3e14dee0f4655f4c3e14de0000000000000000", 0xc0, 0x3de0}, {&(0x7f0000011d00)="ed81000064000000e0f4655fe0f4655fe0f4655f000000000000010000000000000000100100000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616ca13ce1c6000000000000000000000000000000000000000000000000200000004c3e14de4c3e14de4c3e14dee0f4655f4c3e14de0000000000000000000002ea04073401000000002800000000000000646174610000000000000000", 0xc0, 0x4000}, {&(0x7f0000011e00)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00lersyzkallersyzkallersyzkallersyzkallers', 0x40, 0x41c0}, {&(0x7f0000011f00)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009407090166696c652e636f6c64000000", 0x80, 0x3}, {&(0x7f0000012000)="0b0000000c0001022e000000020000001c0002022e2e000000000000e8070000", 0x20, 0x6800}, {&(0x7f0000012100)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x7000}, {&(0x7f0000012200)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x7800}, {&(0x7f0000012300)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x8000}, {&(0x7f0000012400)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x8800}, {&(0x7f0000012500)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x9000}, {&(0x7f0000012600)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x9800}, {&(0x7f0000012700)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0xa000}], 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="00b3284bcab252c5fb69a5e1de3b8fed1c7ae11822d600"/36]) syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f00000006c0)) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x141042, 0x0) 03:05:16 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0xeeb3dfaf, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:05:16 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x80087601, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:05:16 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 48) 03:05:16 executing program 7: clock_gettime(0x0, 0x0) socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) [ 1859.588309] blktrace: Concurrent blktraces are not allowed on sg0 03:05:16 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x6000000, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) [ 1859.598202] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1859.603163] FAULT_INJECTION: forcing a failure. [ 1859.603163] name failslab, interval 1, probability 0, space 0, times 0 [ 1859.604364] CPU: 1 PID: 10213 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1859.605222] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1859.606405] Call Trace: [ 1859.606676] [ 1859.606914] dump_stack_lvl+0x8b/0xb3 [ 1859.607381] should_fail.cold+0x5/0xa [ 1859.607786] ? create_object.isra.0+0x3a/0xa20 [ 1859.608269] should_failslab+0x5/0x10 [ 1859.608674] kmem_cache_alloc+0x5b/0x480 [ 1859.609110] create_object.isra.0+0x3a/0xa20 [ 1859.609569] ? kasan_unpoison+0x23/0x50 [ 1859.609988] kmem_cache_alloc+0x239/0x480 [ 1859.610446] __kernfs_new_node+0xd4/0x8b0 [ 1859.610892] ? kernfs_path_from_node+0x60/0x60 [ 1859.611382] ? lock_is_held_type+0xd7/0x130 [ 1859.611843] ? lock_release+0x3b2/0x750 [ 1859.612261] ? kernfs_add_one+0x3c6/0x550 [ 1859.612699] ? lock_downgrade+0x6d0/0x6d0 [ 1859.613140] kernfs_create_dir_ns+0x9c/0x220 [ 1859.613609] internal_create_group+0x782/0xb20 [ 1859.614085] ? kernfs_add_one+0x178/0x550 [ 1859.614531] ? sysfs_remove_group+0x170/0x170 [ 1859.614998] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1859.615577] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1859.616150] ? kernfs_put+0x31/0x50 [ 1859.616205] blktrace: Concurrent blktraces are not allowed on sg0 [ 1859.616535] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1859.616560] dpm_sysfs_add+0x7e/0x290 [ 1859.618861] device_add+0x9a9/0x1e60 [ 1859.619265] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1859.619861] ? kfree+0x217/0x410 [ 1859.620236] device_create_groups_vargs+0x203/0x280 [ 1859.620775] device_create+0xdc/0x110 [ 1859.621201] ? device_create_groups_vargs+0x280/0x280 [ 1859.621739] ? queue_work_node+0x350/0x350 [ 1859.622185] ? init_timer_key+0xd1/0x110 [ 1859.622645] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1859.623150] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1859.623666] ? init_timer_key+0x81/0x110 [ 1859.624107] mac80211_hwsim_new_radio+0x382/0x4900 [ 1859.624628] ? lock_is_held_type+0xd7/0x130 [ 1859.625094] ? hwsim_virtio_rx_work+0x360/0x360 [ 1859.625581] ? lock_release+0x3b2/0x750 [ 1859.625999] ? __kmalloc+0x25b/0x440 [ 1859.626404] hwsim_new_radio_nl+0x9ab/0x1050 [ 1859.626878] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1859.627422] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1859.628008] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1859.628688] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1859.629373] genl_family_rcv_msg_doit+0x22d/0x330 [ 1859.629873] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1859.630568] ? mutex_lock_io_nested+0x1310/0x1310 [ 1859.631075] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1859.631650] ? cap_capable+0x1eb/0x250 [ 1859.632074] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1859.632655] ? ns_capable+0xd9/0x100 [ 1859.633053] genl_rcv_msg+0x33c/0x5a0 [ 1859.633455] ? genl_get_cmd+0x480/0x480 [ 1859.633865] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1859.634408] ? lock_release+0x750/0x750 [ 1859.634834] netlink_rcv_skb+0x14b/0x430 [ 1859.635261] ? genl_get_cmd+0x480/0x480 [ 1859.635676] ? netlink_ack+0xa80/0xa80 [ 1859.636087] ? netlink_deliver_tap+0x1b2/0xc30 [ 1859.636572] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1859.637103] ? is_vmalloc_addr+0x7b/0xb0 [ 1859.637538] genl_rcv+0x24/0x40 [ 1859.637882] netlink_unicast+0x54a/0x800 [ 1859.638307] ? netlink_attachskb+0x880/0x880 [ 1859.638779] ? is_vmalloc_addr+0x7b/0xb0 [ 1859.639218] netlink_sendmsg+0x904/0xe00 [ 1859.639647] ? netlink_unicast+0x800/0x800 [ 1859.640098] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1859.640674] ? netlink_unicast+0x800/0x800 [ 1859.641116] sock_sendmsg+0x150/0x190 [ 1859.641518] ____sys_sendmsg+0x703/0x870 [ 1859.641947] ? kernel_sendmsg+0x50/0x50 [ 1859.642367] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1859.642843] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1859.643393] ? lock_release+0x3b2/0x750 [ 1859.643817] ___sys_sendmsg+0xf3/0x170 [ 1859.644223] ? sendmsg_copy_msghdr+0x160/0x160 [ 1859.644699] ? lock_release+0x3b2/0x750 [ 1859.645115] ? lock_downgrade+0x6d0/0x6d0 [ 1859.645559] ? lock_release+0x3b2/0x750 [ 1859.645975] ? ksys_write+0x20c/0x250 [ 1859.646385] ? lock_downgrade+0x6d0/0x6d0 [ 1859.646824] ? __fget_files+0x287/0x470 [ 1859.647259] ? __fget_light+0xea/0x270 [ 1859.647673] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1859.648259] __sys_sendmsg+0xe5/0x1b0 [ 1859.648654] ? __sys_sendmsg_sock+0x30/0x30 [ 1859.649112] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1859.649145] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1859.650867] do_syscall_64+0x3b/0x90 [ 1859.651278] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1859.651824] RIP: 0033:0x7f406f897b19 [ 1859.652220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1859.654117] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1859.654907] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1859.655638] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1859.656382] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1859.657121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1859.657869] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1859.658635] 03:05:16 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xa9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:05:16 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0xf0ffffff, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:05:16 executing program 7: clock_gettime(0x0, 0x0) socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) 03:05:16 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) setsockopt$bt_BT_POWER(0xffffffffffffffff, 0x112, 0x9, &(0x7f0000000040)=0x40, 0x1) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105241, 0x0) syncfs(r1) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000180)={{{@in6=@remote, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@empty}, 0x0, @in6=@private2}}, &(0x7f0000000280)=0xe8) bind$packet(r1, &(0x7f00000002c0)={0x11, 0x1c, r2, 0x1, 0x8, 0x6, @broadcast}, 0x14) sendmmsg(r0, &(0x7f0000004700)=[{{&(0x7f0000000080)=@sco={0x1f, @none}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000300)="958e7ff242015bddf8b5b7d052408d9f5dffec91285f6d9543b3b488038b8a7cad40912b967b95a71d7ed3c145a10a0c5f1d7d5864b7bf356d2f2aa44fedc47bf7798b0847454ce566a276a9094301030d4d9a6728b895a4c1c90f580ad467d5662a0fd34d1f085b3c7dc21ef84498da5df09f2fb177", 0x76}], 0x1, &(0x7f0000000380)=[{0x110, 0x10c, 0x0, "1f7d15677367faa3f2429d0cb8b78d143e191a47fce7d3a81aff535875f63e7897298dc1bda2b5f146de469cdd8173eef132dd72863568e7ddccd4cdd57dd0e3ad157679dd4d112c83673154e701b1d04eb4bf5186d41249f9c292502e8c9b540e737b3b24f1a7a86a9ab30fedbd744ba8a1f82becd2300548debcd58743f55b417f1a499b413322b3d43e4fc8b3f3a3c1bc2710a90576899133c9be8ff96f3e0ce1800d73627f050a393e2393f9840ace92bba342c5b1eb8bbb33e7eb0a253212898a44627acdbcab0c74188d3525b8d4ab00120fab0b772e8e69450e246518ca2bdbd4fbff2c5ddb79b6776a811358f4fce1ac66aef9fb0324c8f528be53"}, {0xe8, 0x103, 0x7, "1c713f22975c96209897e00fc5f6ad9431f76b860115434756d97310c61530f922d05fe41a3daf126caeaa32dee5e507205256cb68a64774fc97b3a70d9eadf19cf1065abd516e5bddf57b6731b2573385d2aeb54dde7474b500e4989c308a955e89e5669a24ce71174f5cf2bf9534b7011e1588d0d8d332ffe99d92fde972528e238f6e1f9dd3b30c0be6882eabe12de336b6d403f7b51ab54507ddd5e77d2c7ef31d3d8361a3aa129bdb041d1bd96d4f521408eaa8bf16aff47629f64305d85ea4e6f4e3b411286d51d32806a9125b21a10297"}, {0x110, 0x1, 0x9, "4b05cdeb6831a04dc585606e8f898303b8e85827f70996188fee9c195f7f28f49b060f83e67380220b7254945e70120882714f14eaca2adea2e205ff3957b9cf3aaf973e4505ed2aced9ec17a38269d1e998ce88fa6eb8685cb86da92b6d51d7297ee17d43f5fa191d00a01d2756527d630684501888bdbd70eb704568e361d5a59ad1928b6643621d8d8ffdfccc6b454a8ae8b6ffdca512bcf7ffd80cfea8b0db13fd9dfb97fcbeca060f7270d3fbe4c63f265bf90d3e034ae82985e834995a2e485e371db785d4466ad907cbdbf01ee13fbece22aad9d86f17254ebfccacc68573215e3fd27c3650610fdae0495afb8ce495332b2aea3ef69043b6ed"}, {0x60, 0x6, 0xb5, "ba3f698f7ece8c7a61a0df59a6056de1f108880ef1277bbbf08da1e622a93f5c2431137f5639f76ef099b23495fc98f6d83dcfb38fe668a11ff0e2b24de3180ee56231fdc819dc4d696a06f4f9"}, {0x60, 0xfd, 0xffffffff, "47d7a50149ad38442fe58ce0eb00518078c372b0e554dd098250542ed90f69d6913c198c7b86a97467020dc3e19c3e6d5a489a1919552429a6a90bebe38eb7fb655469633d4333c69dc3197d71"}, {0x70, 0x29, 0x9, "28dea5ed1ae7f08eb41b0ded6b96f949fc6bbe9f680c7ab43fc9a335bccfa74a876681417f62e07d879236e710aa50694f4bac6ddd33cd4d1a0824a24bc7bef2029b2a3e1bc03c55401d51446dae403eef2943a022a2bc950d71ecc9fec3"}, {0x58, 0x1, 0x1ff, "3c84a5984db795162068536836ecdefa1feb51a5aadba1e6d0c0fd82502bd430e9ff219718f664f198e1eee2ad36cab3820eedb62f8c5568434a96a668af058a464f8994"}, {0xe0, 0x116, 0x7fffffff, "2d4a2624551f8dd88d559fe86e71a194628e9d8e8736e309bca80efd13bf0115d64207b64a5f968b0a857795cb340df555b75381750d92d2d2165cc20c0c9979a94a637d5a44d3e4c5196cfad5af5ab34ab47474cf98cf6d47884eef8c8b6046a77330cdb387d9f9678b0bad57049df6c87fdbce8b9f49607380e9303df47b258dcde3ce745678c1bb8069c1fa0c74760131e14f11a71c88845ed876ee85b4773b08ca42f4aa18f6f51f904183fc54dc9496a2d7325caeba01ae1ec5935617bc830e01dce8afc670f66ac24ef41b8112"}], 0x570}}, {{0x0, 0x0, &(0x7f0000001a40)=[{&(0x7f0000000900)="1f58d3e51c25df38c6459a9f8a45d1fb32263e532157722c04572ee4afcc0fd592c24a35531fb45ad7814536dd2b7a34a837ce1dcb4b4e598ce03f1ee4d958ea1c25cf66936e9cfd580936827f8041d51afb18a10a3ffadcd8de6240ac0dab4414579ead353e422e8354e8d13a63decea6ade2ac7da99c5954701faa9311b59f73b970a5056c4c56271e26fa9ac951d91b20c275625e59631d9d5f34efb77727eedc072b6ca7ecc45fe591e29930f3b445f36b5e6377e7395acf8ef10b27023bf43cda39f212975d3da12db88f8ead3a85c1759e45c904a2a0c164a69ec48bf015d6965d2b0bf5c3c6f81250654a22bac22ffb8110ff431be84ea394b9514538fa73ddd39d909c0e23a5b5721094839dd74997efa6587a1f56178a084dca83c02576c761f6deec809ef0212da7f3557b17733549433615119e1305ebce2ae2104ac9a0218602372d54abcc91c38eb4fad1ece6cce8e49a712e4109571a9777a5c6b2dd0684b875c58f5aec50f6dc9900ac57a235539dee47b9c9a372664c62d6419f471b7b80fb862a81bb45cee9304277000f0f8e73deeeea8aacc389210034e2d8c8d072761d5a78f3df66eb3a170db3f9617ec037dbf9bab49ce4630e3d8687180ac820708481b20319f26e656cd61fb9564633c7c1f1118756a12c5f277da7cc4ac48ed25465e947359573524b64ea7d61a20a831092b98e77ed1ff1e96c1a36afe4b14ef4bf40761c87622ea8bef9b6f34795979c118525d796c1223ba0265ba76f6594dd2f979120544a42759bb71a9557a27adb415c3287c405da5004361922540fd68c2dce222207c7b6d9a980403363707a1db93f7bf5a3225ecad352a5d202f2c81c60b6c9e0939cec93a9cc0506fe5ef6e57a1dbe3e9b1d06b22bc3f68cf55407f8c5c8ffff809de1800b0e0fbd1266c9d9886769a0a01e27d34c684767a37e2a7036f8200d2b43caf61a30fa79d30f6d52f539db348c74977e2b6452a697bc02665e4ea386d64741dde43369c48871bdcad8f2d1aead032405df8f905f5bb3801ee9103782f06b7e38429d6a41ac22e7357103497c244ceb793a40f1a9ce49f6476f784a70111e13a62f608694135c99874e8fce6727af65699dfad4efe5592df4dab2b2de66246f5dc0619bf9ed386a377ef0fb37be19d6338b724e77c163983da1396f82ed0e27941234319b335353f2757c71b6dc590ceed41d5e14d1f30d89415ff4ed0637a5fca11dea94785b6ce7727740d12e5d20acb81f9366fcdd4b77836b3eece68f7381ca9ff940d02b691996d9ceebcdab80f1cbd5af3143149ef62d3434fa642ed321a4394f145087189b9f77017828c2ba70bdcc0d01fd8c8533e250252b2a690e972b820687f935aa4a1f28f116ed23aa181e837a8540086d44f45aad177d9733677de09ea0edce916e0973bcfb0b116bb21a1a653ab4223f42ad65e3b0675e63f82d33a2706a0625f00223142ed4205b992d476a4eb583e11a3a51a9c0d58d1b3b8957511b23ad1a1f066108540bc54bec058dac6087bf8dcf20c62691ab11653b1d08d4f08144732af630b15ca1def893af49e3164c81471232eb98f9190b02cae88a11a5a968901f0e67368baf29724522fcc459f90d389c7e0397951b70d2bc63d2b5eb0976b88cd3b5f202f1c1df77b8e4c14d50a6b897e7b8fcd5b284852a720b0913a2be315736a829d71cc3f9a774490b520618a47951685895151455643cc2d30c5ff471ff50a08ec149301c395b210ffcdb012d70121f2772b3cea4b6272e418ceb09e1f5ab5efb4d36a46a80d0c448411f173fc8662a80e83ed50885e31594394a2275357b88997024fedd8e5c7fda3a2d6c6c843ea5aaeb7616fd40cd970cf2bf734eb90c0c0056c3f993fbca1ab6adcea3cc042f3de4f8bf89fe8e896fcf59826ff4ffd369424add968aa07c0fb2a23a788ce2a241a0c27bb48427f335ddf772e60996a10052c0a87e759fc5bc7af7fed65d6ad1c0459daf1e8633a7bef5b1926344b68c7a3b56aef1a45e2eb249774ea1b459c54238df101856f2abe97ff4a1a3992d13596ed92ebf735a47d01fda07b04873b62b96300ec2c09ac45ede84ad73ff16f1923986f336c00e84cf29cfe9aa6bf46a8f8c7551bdb2e7d95462df28451ac34ae00af41e34bf6f8bd76084a08a000f29df585f7c09c60fb91fd898c938b3df3f68a2a8abf945c652f01692c5d0565785a1b4c4da329608116306d36fd8b78cac2fbb970f212e1bc4471c4cfb2cb74214ba237deef76110dc69bba37c6011d577eb39ef0a2a3c18a9efaa837cc2b1a164b619a9a9418eb8d31e801ca860688e06b77075e2d74eb26f5e84937b530143e74ac1274ec4b9fff617d89da519f563ccd9145063fb0b8cc1541f7d702033657cb20be767142cc26603a2cbbbc1cbab89769fdabe08ac053b8fffcc76e9b5cb19ac5288e4308a5be45976c94397cf56daedb6455a8107e39688b8d791e60f7e1a882755f7c6f224e039ba3246a2363faa5d917e3631346acb9aa2b286e0dc027c47b6bd79a35e327a94ea0343d2e136b753b7752376b03b59c571deb06db1054797fdb8bd005d828925fd768636cfa6f71463fef4f66cf22a215fe2d49c48caabd4a26f65b3d7564a05d40756dd2262a00f085921587731d424aadabbbb2978fff8d477c412af1f2e3d28f4a6f1f82d2afd263ea886d0eb37ad59ad8915e4a734b0a3e68bdf171b497c514306c90d0e4fe7a18521e2bf8419acc4a740711e25a1b0d2d3d9618994fb90ada1ec641f06cebffde97ef2b4a9d119a5dc4448a36eed2a381b8f4330a03b198772b37f7f56cc6b6dfa0659cf50185f5075a0a001a1171f8a6663e1b5afa18c3a4b3bd69c9cf856dfd6479b2421d62ab009d3fbfcfb82e23da2968c23e0544b8f43551f0ef05beb20e47cecfda6029a6ef1b38b4698614e83c638e310749a37491e52b084a297811ef0ee7d0ee252b2f5e720f22b3a368489b4bba7dd45468c008728ef6093aab6c8c0a32522622daa8a759256ec4b42f96e8563e8683050adbd74126e9a69e0a2a17f710ad9011045cfeec5fc487dcfdfc100713f8fe24e3e81c88540a191d7ef47b207bafbdb6365c84c70be0c21c872658f7c83f29cedd550400852469510da9fdcfe167a3384a51429649e0683bde869a72b0daa87c751354d3cacd7aa265d9f1af2def59ffebfad02c6b4c267a18d93bcbebf58c667f0fcf68f9604ce7a2c70ed616e6d7603c00aab6b6e3b194f043d47ea745d8b2479f66cca9fa6857122bdfbab43915f705418052c0bea279dad7304150748e2007964b18983e220851893dd483fc6a7fd520fdb04612f9e2bbfd615b6e1a2ef1b0de53b895631d598c703c0e6f012a9e0e93f876804f1dcda6173426402579df718adcd48748da49efa6f92fc1324c1f6c28c6de1c474e201dd5a5e80cf8d62260dbb562594a3409232deb6f7de31b903ae215665ce0a4d65795fad66df1046e1386d1f299220ac30d1cc87e8f3b4c7c098af0bfb31ca468ee45264eead35a870ad9aba1a5ccc3181e327112efbf8e23521ffbe6321530b5aca442bfa09f93e1c4f03b4cbd3c2114f4212b59e7e4372732b983d67adbba57f4c004a4feb036806b062f7108a750ad94cedbc399e1d2fa4ca563ab56e0e94b0aa3d4c3fdbe3cd79f7c6cb84ab62b7920ba8795ee557604251ee04528b24f940107ef7befdef6834379d4ab2a1fd27f50a951db1db027919cc16b9378552b4b8d569994c09d167f5702c95a677f54cc7fa46f02e61a95a38650a61588e0ceef222c0a7750c87bef93fe0de1e65660b631fce48dc8eb1df151cf5db4850cfd9c51ce7995ed523784604354945c561b5042e3902d288423ef06baeff7616de63a69f572f6f502405747d0cc27a969aaae82f64c36fc7af46ed409b5fb762da9b1143e49850bddd4721b7e984ff04b32bfba27d4ce5f6e55da4e59b7372d8f58b84b4d18f38901a3147c36ba08fae42cb801e28fe60c91e870e1bdac796160e32f342f418c9e426e481d91893e78c1834f150c52f2a347be18c27fa8d7f4713034426c76639b7abbe513e477d9a56599f26b0fedf662c74f3283fe209b9edbb4c2c335280910f6627f20f39e058de0bc4d675d114dcde6941bb0e7659a0919e93fa3aff5bf77644a9d39c1793e53bae9207850008e73bb48410091be53f4d0492cb3a35852a7e7ecdecfa587e327a2667a1c8dcce8a717e0461858b9e4e36a23b1677709e052a2639569e39f67303ba7c5d1631534293121ac701ebed86ee799b88438ee492fc2ad654a997c0f45ba36dceeffadb768177e1f5420d4e52095218a45a4fe32bf53cc6961204c5069385265c503bb983ec58dbc9f7ce67d259f5d1b0d28317ac96728f35a9d6f424624890151a532214c2c75c0680987bb43b9873fe357bc039247397308fdbc6614158624557db66e57d291ee9e97cae2a55fcd8eb27fa4dcb69947ba38b36f2932ef8949919ef8c1eae3e0af1484aee4f6672bb6e14c210f0c0abe33982d9fb050248319ea2b45d404ed786fac1a1691e0935efa3857dbf06d7a3e9bcae53cd863d75f99d6157e6602cf8989a02b38f04852ede3d0b6229d85bd874758e1b3215438369365c679fffaf845e9e6000928580f2ad9e1ebda760ca520c5aa7df0952edfadcbb568c6a7344db3ff24984df10c4356889b68958b09af9bde62b8b5214b4bf5646de5d226b6d332d3244117adbe5f72bc6b480ab0aa8f1cc58d5b949fd6c03de001496f3df5bdc60d0d0098d57fefd59d3fab3a4e0f209e813ef05987f676693157b8160b61f82177ccc034d9e56ccdd1617e713f7ffae71e2548a0b5d6d217df714255b16eaf1a3967d52cc09a260ecd68d32b8714593c0e409db317b679b630c3443ed456ca1380a330f594218068d576509ee15ec0c29c5413f3bc078a85b9fa165e3eb7acacc289eb70cbb4289a12cefe1e9f6c654eaa7d3e30c6d0f4905540e1f3e07419c9382ebe7bbc4b4d67da435b85f15445958fbb6f3e5cd3413f9339f26a5e2144f6215768d1f57567fc517f1dcb6e9f111c73a4ac7b75a372bd630658413ca2f9f5b4371cad989b6f0d6ceb77c634c91a68acc6b3b857d96615542f707c33f1cc3b8cd44c2403777088c218ef929ef0a3130096791fee9fa6bcc49cdd62a2557d3ff2a203e58a2d2800aee645eac55f3e6182981920ae1237c292d51d16aff4fda7768b0bb5c64523ed24f7b2cd2f1887a264c6c72762e513275072ab0467a38a199417d85906c13db999987f47d11b803d2c7e5f9709b9b7a4be533cbee6b3e0bf61341f06a91bd5094829aee314d7ff56e575e914b3ab4d622bb1c7bff9834d14633f2c23272e0cbb819171f10feb325d5155ce6ecbe0de5741f5993f9adedcb541a9c2012ef0223b67eb05e2c7c86fe0c116844135ccc501d266ed83ce3e189abc9edd9cc3c891568e1928f5c6ea2a414e95fa4df1c0c20263336567c12d1f045eacdfdc0066f440073ff9e688d91291e60ad4e152e3153c4e2adf96c6dcb4923798e47a2c21e62f583d22686c51f15b92ab573530c6129c7e94c87ca1a8921185d3bfb6eefd84e42deaefcdb12f11b334d22f9b9c968303fe7e66e0c2dcde84bf755fac9752cab0570bace90388420b489461504f8d2a6f0151ae8aa9c94d0809fcb3397c768789063cc46c3ed1ab0ed4a9d4c4dd7b23a48a9a8f5051b3e238bebaa2b9aed9aa0adb0edd4ec452bf5b5500f233d9a0e43d7ec5d04647ca0eb2f09", 0x1000}, {&(0x7f0000001900)="05c49b3dda2947a8e5ba16909659d7e08a985ec357e49349a7465226abc9750056e56e7c0c0758ce03", 0x29}, {&(0x7f0000001940)="7fadfa47db868e6a7701d1969e0b352600d01a6993f38ac45ceb956cc16b29ebfbdeb2cbf51968779f9aa5817dddf43e94", 0x31}, {&(0x7f0000001980)="6baef76ab5bf63e35d7f93836d4145a1d9eef4935b07e5f1b6647b582bf58efc09fc38f77e65afd35cc013ed8498c17905512d903ae6713bf8d6aae9770f633130d2f551cee00f5e165ffef2b28853e3c3e1f9f4d346e5f4e70c834bd5c79eb7d778dd955573c73d9e82acfa0131d514ba4491a6e234374612c892189e06fab19f16858ac4d67be68e96656ff85e215aec2010a8d760344f25e6c53632d5a0905075a7dc5f", 0xa5}], 0x4, &(0x7f0000001a80)=[{0x98, 0x170, 0x581, "c4699edb2de15d4515e1c99cb4aa853c15afb42d0829998807f003d47d002341df6d27a73fa7819612d04ac3e04b83e7bdd9767968aa1eefe443598cc044871bf0a2cd18cfe728fdc721077be905a7d9012972bccb1dd98dfc46c4e62b5d71470d822aef57d625ea6453935b7964b7d0d4ab0929236b2dd5e2c2a54c05feba8259c7e84952a0"}, {0xa8, 0x29, 0x3ff, "d8ffc74c7d295f837780fa2a160126d67cc6facdaa14fcc6ae00491baa190040c7e1dc3ee1c7bf9b0a35fda0c5ed09877054df104a372dfbdf3b98c0c31ad0566c7032e2a9b476e15dc5f227968697268062a5f06dd4459b4f7c48da9863f765bcf7478b77a9ed00127e489a5cb93d10734db76905cd97defbc71fd49c1cd823d68a524b3020ec28a055b0d7034a55dab8166d754c1c"}, {0x18, 0x11, 0x80, "86fb8e71"}, {0xc8, 0x101, 0x5, "42d36598cafd6f1d569e5ffc7a3a2cdb27cbbc476e685aa195cf1cd9570fe039d825325cff7e9118aa0a6b8ee909b959ced7f781025ec9827935d239689f93ee7f57c341a32dcf3801dc6d4d4ee151c1f13a365bcbddc16089f7646b90405aef4c9762aaaafdbce3f1b9c59c0304f6b93184aceb830f8f55f2a38f4524a751f7be2d90b09aa1dbad1fa3f776a5161a9ac156c61b0820e21773ef9ec9f1960f21244d8091f808b26993e519d6eb78808cf9c7489ad879"}, {0x40, 0x10f, 0xca, "be852afa56e70243545d54a04be4f2a885fd7bcd5fb07c01c1d074b2a163e8ac0539d9c6855b21fe760ac3235bfdb219"}, {0xf0, 0x88, 0x6b0a, "9b180fe3e908ec058ad541ae9227e9ea187fbbae99efdc62c89b55670d396de09d100b1d0426d1e4cc8e841709d2602d235fd4fc923bebe9d8b6904860db65e9c8cbc63f140561f2acb0e1073e0c6f3c069b30ed13c01dcc0f1b67b039eaef02586246c6c60762f98dde4d0b78c9da93a96f90281a5538c648c7f25bccdf1be8ff7fdf88f40dc3783a4f4ecabd25930f5255e7a7d968a1fcbe5fef68bb2b9ba4c5e82a15ecae3914302d752de720ec99febb588b2ae98e102fd8114efc53f494f2aed5400691ba32c51ab151086e976e9f4cea96601dffe41a4b5e27bb39d2"}], 0x350}}, {{&(0x7f0000001e00)=@nfc_llcp={0x27, 0x1, 0x1, 0x6, 0x74, 0x54, "3f259957450610f66850866243125222dfde52efe51799a9600eb0fee473793e978cb811bdfc34be59d7a8e716e45fd0203fd57a3f575ecaa2826a6354210f", 0x37}, 0x80, &(0x7f0000003300)=[{&(0x7f0000001e80)="984a11720706040b4d44b11f1a474a4743d704a73770c1bde85c95233c509cbe86e39efc36932701a9d224c0c7b051804c2aa4d69ceb5e48610229e0fce1dae33d4914e9d5b3802520a9b5d6ef4b9fb0b15af661f66fa2a98a9ee412a4a5708865797f839743fb783b7de3ae2a1433ceca7f80ffe018023d2a33a92000566d6ba91035ff4709412797b5041475893066f9e911ffedc1f017c13c2e89deb21bfb662d5b54ac87b7a1b93cc93aea118512e743a3a9f2e231e9713f48c6062e5a7b53", 0xc1}, {&(0x7f0000001f80)="aac3529ced1239bdaedb028ef744cb64dbcebd45c715aa22df25b186d762eb9dc591d8435856bdd0e26c0a71e211e96bfd70ad21861c6d525a39527669ed8244fd79871cebc1168ac847f7f953c033fc8a87c1b2a43c2013e8b59db2557c45e544477cdec10e2d7aefcad5b4c85844cb1f96672393e4be0d997d409ae0288f8e9e68b19e5d66631c8dadc3e12149b850ef70e36e38e0c682e60ab350ea9b4af8ba59b669709100dda082f27c002f54122c07d4239290b6aaf7f1068e9baa9b69ff5ff78a3138f6225b4fa53728cfa345529df1e901005700d2d47999212585b5c4d5eb0503707542ba0b2848e38719f45367df43cba2cad969c223d40e3b", 0xfe}, {&(0x7f0000002080)="a1b772ef02f97a8c20e0ab84c1a67f9df7ade8fd0a111dd7fa392a4a3017833411778685b3296ca7ca69ba94ab7d7a4bb3e18027796ae4dd74c8544d426af3238f507b533122eb9a9500a656a9131c9b437f971253119cec0c5a491c339e86ec709f5b5b054bd112cd2817f1ec08fdf70243b09d1be6d66106af3584e9981a455eedc6ed35672970ee9f500f4589f006d7696ac8e2a5d5d1d76e5b", 0x9b}, {&(0x7f0000002140)="c056f47b31b2ea00e0ca3051f628ef4281697b179ec506b53c2d3c4178609f2b8ba554087df6b6517d5a487153b9408038545ea7588d5b19f3033532e2813db878f8d3c21292b7d6464c72852af318877c25677f76a3e8831ae72a938ec2620ab1384edf1bc0af51f4ed9c91ee548f3a174f9edfe2a59923fad0f98c8abbb9c1ee88df1f459e011e87a7076033135b2f0445242839c2b33c081ec3c6cfe7ef00290202559abcf0b354f66386b097f1eb5cd55578c1bb9bf8281af5", 0xbb}, {&(0x7f0000002200)="66a7bde0eddf6daa4c10c078ef9a518ee7987a54a9b6667006272af6c3540079dc89ce8ecf469b065aecc8426c7791476e55958af28074e25b87c163c364093e928a876a8ef4552bdf6d6d1cc9d1c21c5f2f464818a71f6ed3fee99568e2a6726dd487c8e559d8adf280a40703f10ad0a46a4a210d779b62b5c3ebfb9be3527b48ce1fa006fc05bff077a6a0c617542b3a8da8e9dc41fbf25939bc50ffc36fc53e1141d6dbd0ef08a3c5239dd9a794bd177537b80d72", 0xb6}, {&(0x7f00000022c0)="5a48e6f42b2d98eff939764728101b9cbc7f497631b5595fff138c7ac92045f502f15c20a182589811f3da30292ca938f6f613470ca95601e45391e145203d87c91c17193795ebce2887fe8dc768c4b5158449faa095155de545b58ed6dd77bb6ae8bab219e481a56bcc8bcc303b199a72cff5607de8abf657d5816f506d14713eca3c0ac0c5d4b1617825da6ed3a6054622566369bbb251af26caea2607a83d7b5a797612eef5bae51bb7e7730325b9a510b7be7fd4937a6acc8a0c96f7f493c9e1aab63875f468beb0a90fd365d1c9de34d99aebf2980539d5f70a70c5e764c6497e0f224386e7fae49c640ef4e5f33904eca2f5eb5e08bf7bbced7a95f5bde0f360de520733e9a21b8bc18b6828fef4b5915747e46d19274d971e9fb66c348fbfb57c58b2f211d8f7e64e8c5bd71c3b4e64e14a959bdf14365a59a7cd142c52de21a6d5ce0c61b31ca270fd06d08e7bb6b9a9078c2525e67825dd6f6d02e7afe67ed5855c4ed64b6e24d4d374de964312f01be52c40b0aab0f0b405f3ef56a29192bb3065d7ab2059d8d70a0d5dc8c6342dc3bb57b6c00e37ce9e9c296f9e2e601767b82021590e8f14aa57d054b9fef34914c7a1d68e353ac56d4de4094ce49cd40bbef9b01d48f99cd0a89d51e05c0c4d22477fe449fe49a32a83b6c1598b41f73ea32985228ca463ec5f9ca455d2e21250d13ea2b52e42fc44847dc8e4dccf6ccf4968593390886116c627887662e7f651e922ac9e33c328035ded1deceaef5174aac32d3b38c85394245fa7e4da3086ccd184ec7fb9c1d4284a7fb511d88c4e275010d3ac20ea122b49af70da4fefb8c83b93e681986b2a15e2a97c2ad761abe5d6a07b1e5e5dbf4eee8a09be67f95caf8bdebb4dead7e9edf51969e1889f32919d3dc551a484e11ae1ae2be64db6d99e658667bbffb13b1ef7479426e4dd4e6558a626df470cc4950661df8523775bb8fcce7d079ec41dea87cf8cbfa1b9a662f94847415ac106f5a9677f7c1bd9fc51f36af008f3ca69ec3dbd0e90aa98170ee71c3145c2232311fe29bc077be2a561fa567b3448578e89f407d920af4b58253ec7f988d1e52a7047a9366df4938eeca3dde3c4ff1a95f80dbaba52570d9e2fc7dd8b6a4eddd2fc682eb7fc20c38a3c6742c9671130d2c4590bc36d2d593fa80f576ce7635626e31c2f72ee16c52f4412af199327ddd78dc13f6d51cdafce0ad06e7c889c242cb57e0aa770e068b9f3ca43b9a36bf57c5f055abf987d1c76b5617df09345d0267649cd35a530ec807d26381dda88ffde88e7f6da7dc46f5dae6d71e81ad8a2223824c8d610dd9e8656f17dcb0c576de9340208498e6ba14de0144ba5c875c398f15e6665cfd191d48b8f39f9f1f14b750be898be210dae952cb7cb161061cba174fa9b85d4c5d85bd2659edc3f7d90c1c03b6dc8ea6893495d811baf8ac45c01e65948c1d714f96020c614552ec29653775451f61b0ac99e4ce554fa2cbd9bea3d955f9b175ea52fe6afab2689b3f20756b22987423e18022e66ed64560b741c3160fe61954f40a911e7b20d9a29609aaa60e5144fbe839579ac6ce2a91c89f39db449b5cf39c301b72c7c0db04cc52789a39bf6916031dd64b6f87ff26bbf8aa0beac3e9ac804e847394dfdaa551af870f5fedf0e327e13d18efae53ec59b2a283858d02a6d7c37984253f3818503b704e1a1f3ad7289845df66d9b296a17bcd7bf0cc7b087c851d9bfd0998fa05eb08e0ac848ed6e042371c9558b9d76d36557ba137e0bd8e74dfbb31e8715c19cea99bb8ec26ab2133eb4788b7d244c4125c8211af2ec62c44c462bfe224d4ee14789b5e5086290ba5b59680d55b0efc88bfddfd3cd12f5061b92b7d65ceef7278828faa4f045af75b31702e0f1e8add704057f6f310324e37afc84e122adad99fe1039391e10e1a865e7d9e03adf8053d0e253975309e24c6f38569030e2c4b18101586f9c0ddcd7f2c895b8e75c8e1fc190b85a981755ea6e44a6805f90233d83e4ac821a6cf308adf89fa53561017bfe15a068edf5d362c32681a78d0d1b9d28eb67a6a99dd93b870807bfdc90a5b2b9350f8911d3162b7c4ea1b010071fe677c2317ea445ccfe7db256b064df5fc6d4fa5b406e78daef8149aae62f139d545b4d4d9491437a3595ba6c9b385fb8e3d50e61929ea00839692f314398d591357628d16ba95e8db0a56091d0c79810e7d3a6f01bb5d9f46545eb9361ff47fb65d474959ef5dbc08b33d25dcde6beba999b82c48079b51e0b4719b5de206e796e98407348599a976e41fb18336ce60aaf7f5759fa11330941c82cfc2f0ffd75d4cb25334ab25dd28199558d51bcee7eaeef1661f386fab20cbda273bb419b4e957574ba409dd6305818d5320bd66b053f6fe4e20d1769ac9c1994aaad3f5ec29c255efab4b7ab7868db70926451a9960f3bdc351d76e361dbf3b48414702855cd3c5cd1061a7104f390334620a27cc6aa86356e70186d49b545b600545ab9f95737caf83a4ea0f7edc10f438f24f5aec77d94a61ebeffc0b2cdd80e601dbe636fe8b6af543f10298d975f9ccc6d02ec4e0d3534981b3127de8964302a5f67f7c175de6e380924dd17d60f411eff751a61bc8e8814a9cdc20d86e6f0e4e3a85ba433571186ea2bc95cbfbfa533026cb09f37ba5b6534bc5ee3b46dfa3b81bac75139353d615da2ed659b313a51dfffc601d1abf8005ca864ed13502bea3fb31606d7e9bb5139366f6624c08264a4ee73539bf5e3eb43c2b9aa559cb754b984040350a81e011ef9121284f275e58cc0b2927e79f54dbd99f8e8a13100c346155b1710934cd12a52ba54a3886c6b70fe47165df4b7691e705c723836b3a6b1c5b94a8e32b888dc0c76f6ade55c35b65c35f86cd732e5302202bb1342b7d09c4092d7b3e53a50bc983b47bad597eaf0c3701ca5f83fc128563ca5db3810add38de863103fb3d9dde72fa491e015940abf2eccbbd01edcb1e3145f6181f671319cca76af0a231a58240358c8f38229449b8c30b394e9af26f365328bf1033d0894a126c7082504c4c26c0344463dc2d491a19bf72a50f33b520733512e933999db649a756749eedb1d3397c0711e12a9f94db1899b6a34065741b680d99ea2d31e5d0b930e3d3d85db31fba66dcf233ac334845baaa32f34283bdb3e802285e201947eb8b1c3a8ab901b913e2f83bdb2c4c44a2e7187d2ccdd5f78f61744ad07bf93bc8a183455404ec974476a428a11b605292e7140cff289a8908a57929c9478f85b56678cea91a98bde2ba6a6087a324fcdb3e902b0331e742efb3fe907134590ac7976fe5a332c4accd82259b2299a376f997fafcc47269c755b9234704e03176597b40b6d7da9d0d56ea4101a66e064470a5529e21918d7d130d6539fe7a70b75e763e929c05080fc9228bd7040f5e3af5cfca04036eba1f66875719d2acb53167966635a171869de43934c92afb33c2129fd7bf3bc9e2ab97db15501bb049e80099a225460cfb30176250da00e83bd94c6ee7471f9e4bee568a1a951dd02156dba980b01d2228ed60c79d20184a803652ab0b120500f7e2fe26a19c271c8cb9b34e9c2c0093b448338797ce99b7a122fb26e047817faf91e10ffbffb0f16ba56d14c725ec9059b2d83003d1e5c470b76d44cb549848a922c0f2b69ed1ed5495f6100bb2d03ee7317b767ab5a055a5ceea130e01dcb8f9f82038cc90a78e3e5c6a151088cd8be1c4a5ab8c7ebcc83fb833dc9993c908064e4182675ad5bf9b7172d45a5e57a545f92a6c8c1446358c4b06d27241180fdf55c34a2d691fe2958f3ee0fd67e28669032d67d097b5d58980ee79743143d2b77ca6039047e2f792aec2b4d17d418bff6f3ac00da999d47355115f34a4947c5023ff279631635b0aa859cebf3383465e7032ba6637de37e9d0d980a8c4653da56df049fb36bdce84378cc749f8d3d83a63ea0007cc2bcbe7954379e1dc9184bf2c45dd71b5007f986a53defab8a5449f5a08ce022f9bf439b1500757ca78604e0daada5851f20f1c5c32798f560da9f1bd05c92e81bb1e21f78d1e9d3870b6366692ffb15b21a9917e706d685206c9403e7ed4616dac17e0c1337e121fb15814ea7a1ec545c63c4de52ebc9b32be51b5e8f8abe2eefdfaac76b0130f5d804ef835ad18fd0d489f3053d276c82583ecacace7f8e55002c3698f2739ddc1ea5c5dbecc50bed587f74be2fc2f205c0be0e01e66f70546a5f93c13441542f31ecf09027ca00a0c241a9bc1db4fe1c0b99c8c29568b0eaa30b185f06823d2c2923d55b4f789d448d4836951674fb64a45fbdb999725132621f190a6c7648675b2b683d24eff50237c75b3e83ee59f27e99cc4c69e96a782ad3c48d4c94b161a46e132e5d423531fffcd5b155ae0c764fca14daec5380a609c82356f074d9b9457058cefe3a755559e47c7e536194aadcc24fe69fe2ace5b12d2dc8c9550a4f9d1a66b314e6ac4125f17bd4de60a940ea00b0aed1a8df0bb0a36e3ab39ea01337b577486ebbf4ab4cc52909286cbc5df9c677073ac27dead62fe6e2a66d08894de7de4ccd5a4898cee311fc39447c29b5dcc10f36a48cf6b9db7af8fbf85c2f954022f2190ce51daf6417abee7ae73aaa854c8236f08b44031a05592a44d9109d088e24f7383f42e9cd640c4d1658bc558fb30832cc8218a1e6e0457caeb70fa2d0d78819d277d062dc490636b98e1c801b225be924ca8fa07ffcad537639a33a449c0c3fe34d80addb7e492a3887e9950a55165a04a6b2147e99e249603a53ca2920f4df8c06ec83f20b9c23641366f6c916966effb63812185dd0b5f27f5dc227b5134476fefcecaab3d306b90095a3e710073ff508a601698c91d554dd51c6eee18a5c762dfe2ca16931624c9401edd7d148a400a4105d2fe5a1db123f44695c2de03636d730047046cde87cf328f6e2ebc53a1371235a4cf025331b65773f362b69b123f8e9597ebacde3c5ac8814b09fb27dd83bd5fd592b82ad1e6fbf3e9908a754c6c060cef71f438196c7324f67d25da3858d3f6e1f655680ebf277611b6b9fcd3dbada9715a40f086fb377ceb0d1bdf78a26e22ff59d7e478be9bf0970ab4926eac58cd1493c19625293443c02063275efcdf18cc63a84cb6865b10d6a65a48ef74833fb4b14b05644c5deb287e3b96731bf690c9dfd78126ccc6f925f073a866402eeff6e56e1bf0fe5fdf78f741efdaeef29d0b1370067b81aa503b6156d49742708a2d61ae23fe1ca2c1bdbc9cddedd1d37c74ff859a53b05d97145a5d0821a56fdf4d9ad39036fbc1b06b842cdc3e31b885d32381023f3cb91435c9500ace7559714d621cf85dd5b5078efe5fc11912ea98cc7b96e6c84d8e43e8cf90d6d7284879a276354ee697c6986b5a04269d1b1978fb4d9c6b08920141a2db4a0b7eb1e5c237f1b9f9afc15a854232ba1435a3373b6120da008659e49b8f0a3ebc9dca8d64646a18cf82ec5934455f3e239b22ec8a7d7a3665e3b63304ccb27fd6ab431b6bef0d2889a2424ba41c17297711010ea1adc90915e0e5468af890ffc8cde01214556a33332a0884c8ab4bbf15f50f4a26dfc1baa57f8b21f41949cb3014a2f9d044efb6238efa1afaf58cd7072ef273c873cb963437a3494563bd0a85ae5c9a12ad2ec1bbeb9a2fca388dc14cf3952691652aa622b82cd7f43bccc8643c2df083210053fc924886f785363d4f6b58e5600a167f623632f223f597a42733f8f5a4af6f91bba0085c5bc0fd5", 0x1000}, {&(0x7f00000032c0)="83e1b77fc93e662eade5c5b396d7794101", 0x11}], 0x7, &(0x7f0000003380)=[{0x20, 0x114, 0xffffffff, "78a814a54fbb007454de7f8cddc5"}, {0xc8, 0x2508b2433036ee89, 0xde, "fa57a221c305b1a52f71c94eab68ee042c4dfd47a9fa12fcbfc71a24fd256eb2971f28cb83f8f4a0d6244752738d9c85d6ac603fd52beba7ffbeec99011286221880470786b3c13017e3d4ebbe1b6092bd36fee1db24ddc5eba9167dfdeb3def2248c611a2cf3bbc633ed3c7ca9da0af1a15fd5c68ba2322879cec0fa80859e71c39f538da194ed63e274bff888a28345baac36278d12852d76c336a721080c50eb7dbca3533ebb0ba6a116cf7e3c98c268ec1"}, {0xa0, 0x10e, 0x101, "4afd0827581f907756aa43509e57c0daf70b61df57b7650f77bb64b9ccae224ab49e08805aba94c95fe840e6a5b50e36f5738d069fd609c0234fcae32a2d1651ec43c47b9e6ef3e5cf55abdf4b753d9a2c40f3651094478d4ccd92c5b8b828d174bacd9066195b91a1b1988dcbae1e3a88e04bc0e0b6a1541720f2c3e14e8935f0a8014ea499089fa2b90d5ff4fe9f5b"}, {0x80, 0x110, 0x90, "cd1983afa4e8b018389309ed849c8f1075b9611b8aba4a4630c6d486faac35c76decee58e1708cad6f6d78a43dfe182d4b1efc7108702b368117db3b942ce25b7da010d6b2e9169b22b36c73964ef2178b632530c259aa6bdd1465d0efffb5cc495b999379e5f3ff339c7059456de67e"}], 0x208}}, {{0x0, 0x0, &(0x7f0000004680)=[{&(0x7f00000035c0)="ceb1823de931a229975f0e58f9bd7d7fe776af910ace25ca65c7e44f7ba18d716b8fc41d9a9cfc70ed7fafca3e7eaf48d662fc546460c1c4b7c0078e5c399046bd06eedefe4e30c64ec79a4cfb03563c16917321172844cc96d12ce6660e972850a409a81b119877335ad06f6035328ed33a740ac519fd2bc5417ee2c3dd146f35de13e0dd96", 0x86}, {&(0x7f0000003680)="ffc5aaec535596b6de2f1695d4b87940071c360888dcf2e5f8c232a505ac4bb6b40d9a2714b3a9e315c928ba745c1ef3883afb88742e8ed1cc829a5820a4fceab12e5ea41f8989b732bd34d80c527801cd199900a393e8e7f8764790325f3f656f1576a014530b1fbc0ead5021332ed27d97e7fc48ad8ee34f67eebf93e1e15af627cf7af3a0217b068b9b8bbf70c97496e798802e1928424aef80b95ca692fecf39f5d040b0454c35c5f8084a5667815a769394cba43e0a83ab1a12958ddc475e99f61ea737986d16267f5655f97316ed1f5a26f20fb81b6d49d8318ee4a885637f4e301bac9fa9ab5e9d727afad85dd910dfa655a8bf9573117ecbe969c70ff06f9533af21d8ead44c07c6adeb3df2e5740245189449fcc67277a3e2a14b3ef8c044087c42a9824c111dc446b645d881622bd5aff4ff69c3cc6a7dd1944fe2d5d7c331781c30dd76668b3afad9b25cdfafcebae33246f5c916ebbddf830be8cee79d48a58b4401208b803414cfef50da2876922acf9d515082e2334ace69f53f6a863fddb83a3b52bce093fd92f90fa61423408364cb57fd1d67d720eb5324f236f86f32182fc465fd5cf44fab98aa89335e2692995bb02a492bc8f8490c34cab50f270db0983e3d201c735802735b0e80a57a052d054aef530fb1f87e90d325451818a471f72fcbff53a65659496f6ab3faf0be8c182f6ec8f93a6eebe7580da34f5d569e7f2192c775de8cad2088177ecccfc3f5dfdfd9b34b56f6733a058c316f069c54aada6fe889a0e7ae381c6bdf26529fa5934d8bf42d2f5dbdea9fa8f1c261073ec83adecd92847afd5a9161b79aa145e7520ef1574321cc0d72b1218a9b220f7ae82424dfacc07658c4130405ef252497713cc4533086e16085a35d74508a46d4b2b31a793c579069c1f1303bf2fa6e6c8a07bded150038fa7caa3d04b842ca0c1cfe1431f5732998ec203e8c379b031b00273bad8d8e548f1008bf00d373799db917bed79a4dfb271b8acbb2b158d59c93e7a52be0af543a5c6982defa991a26a90bd68bdfcf22c1f327babec54731ccb4411e4cb9b04ce95719a85f833ba103d94df466d14491d66c41cfa1381a0295a903cdacda0b6c69f57f210d9d73065c63f5055809a04f6a8a2724e757621655701823471918848f339c9bba1042ff3f4e3eac2967a829361bc4b087981809c7d33b4b5c987bed420d4a00f6eb49c31ed2265bf91df00d0aff582624d0b3b65976ae969c838e62c197bdd3490d6c68ce1abe4ee217773d26390705894a007e453e767f85f60eecdf4b97c8f46c6b179e49006e49270fdaea565c5a0bbe9b751101e51500efd5f73581bb08dbd4dc27481d20b3bbe2a25d44dfea313593fe4217ef099aa10be51b641c5bf451f18f1110d7e5a486bfdd414e49037ea61e7dfee57ea6293d62ffba75e6e65eb22ef85f61911a3f7a41095be593e04c078516d5fdb403971f2ec98e9d0a37f7dfc845ca9ad3e623e920330de0c503ffc787a2a10ba75249150a011fe03daf6d3dfffcd30d843b1877ee7071cdfe9d4f95abcece176ebc07a664d693118e2868ffe5efb789e86603c13a25280eca24c9cdc5ae3fa2fdacd9a74f1364470f8c89962a6c086133e596203c6a3d9bdd039cfa9bad11fb1ca6b37c11743527c6e1f9c8ea513e477f1c441109710c4670ac4e6296b25369ad3b57b16af41d4d9c77e6f62ece155d3526c5c2c1652ebb4886c1f701f9749984e173e441c302e3e73d5f81bfd9d2f5ca0982d6f99b4edd564d97e74c5ffc9b1895d3b987f7d8bef9870736e9e98a1ae492d81fb08c98a7962572954e31145f89ccc7cc0995986ced52e1207bffb48e1573db316c2af0aa28d6e9a9379ee15d8279120499756e6a4947e1fa61a2c94b177dde28e42cc31207f76e338430c9884fa287d1273b59c8e7a7fdd3d04cd2a8656322d8eaf5ac00535dc9a019e784608cb612ddcca78e1d8dec316640cc0ba2980305e2479e7dee6f3473e1f841c1787a562db038c0fa703778bdac3c9bec603ac8cf1a243bab51eb766992e0f4181282cb78dd8df7b3199171a33aac59d02690093474a277fe1da5c39bb7aae4278c0cccc248502326c6781ccfce6469c88e57d3c48b5c7eea3bebedc7a9813e1f116b4a8f78e5e57b99741e41035263fe469b86defbc961e22e1b5393c6d25efa8b00fa93c8f4a7c11a639e0047727679327f3c88a96f66da78561e87741ebd17a397af15e617888f0d051c28db3948aeb94326ffd1e2dbc3b76dc7ee00785f8747f240ba41289fa1a9f965aa9c2ce4915aa28e1dc9da8321eda934af83e9a64a87acfc8351a27893b6374b3c92e5e3815747b0a03211d98754218cb3b908e2d7b2f5e1180fe4667fba9edc7172ddcc4e45b492cd1c21a98ef90e870e687b0bb25b1d416e33f0b84c397953764f81987d0178858cb302b5067e3d5a3e69e8ecfbcdd26ab0838806bf0ea92f5ac623b2465a71a3ecfeb28ebf04c915166b7b7665e4340a4fd5ff91a6b01de4b5b1fbbf859f2daf5c98eaf12cec45c381d7b5a5cdab81f23849efe7ae7ea50249c194e8bc30b1c5bc542e22630aa024960241e610fe14f321c96c714ac1b6b69f474ef1b2e1ad1a860e826565e55b9d03743b36e3c64e16e086c9ba9abc3f75fed7ea02796cdaca5f6bcdc04638cf6bfaf9ce41431b27695a265e73ef0e3f8a542a829d345ffa872eef7b9222bb8d20f47430c74103d05ab43aa87f44d19b0386155bd22def30d409fc3ba77986b20c10f6a2a6549de83b63f5577a7275a00b5adfb54eb317be3f1959299cb89f9743f48f3605f90ab78b63585b91d3936a6fc07f35f48f93d1d74df72205f42e421c105207e52ac0b19f5424beacfef67c86c2530668d69fad04247410aae29227877696a614d2076aa68ce9909d0bbd5de8fd2e3085cb5eb5b566dac1ee05544241b9f3a6bc74c9fc740d0c7855e8dc2670f3fa6c097467d1d87e7d4857ad35ae7d6021866d021e2c3c936bf3fdfeda049ca056d8397c7f4c2d11aae8abe8b510d23bd136e58d79666d9354138fdaaad6d0b26c704873c357af13ca8c39ec462dc7ff73e89941cc0f0f6e45780ba028d8b5fc2ebcdf81852ad02c96156b37b2998a03fe74e3191f2fea15319cdd5172eb5da83cda3401f72b05043e7878681baa508f4385ffd560144191bbd1bc53f0ead3d6da73b85d40ba57be7432e2e5f4201e29c9610ca78474e9e6315da1c0930bb48fee1f552ade527fbb75cd4da50d7d8aee3e5eb9c3f3e11c37152c5de45ce69ed6f82e24164b8df75a8f9e961b49189c51e61a2c539ec86539eee180fdae839c07dca6ec16e66ce872c09b3759b1f23cdb6f70d1eda87221ad7e0eee08cb1a632f5be00b0c30cd88d57d5d1fea449d857456fba6e5fe7185760191972a8eb75a93cfb9f3153f3f22c2c177769a7bcf6cd2f352804687b67879803bd7faa2fccd0f4d649b7beee6951ef0aaddf1fbc5db2a3764a0a6d09b0a57f551b02876279762ee01ed50f3ea8f56e3f2e31520dde656767d1e4f2861862b63b26787a8a5ff7b11e1b95fd0e742310d4ef477e111df4807a1b4bc2d9b6f9266f377b381f7a733859b8ffcd7587ee622d8d727739f1baa329474f3131ab67512ef40c34619d76aa48c12d08233fb7560b1e5fd7ba0da2d0dfd272ecdd6f050b520712a86b9d81b87daa9c02575165d5bf4d6ae40cb93ef0ec1d0adc885c00c316d992ed638b48fe2d747719aac9795be29f180305291fad570b31377d65a71661a68dd482d9ab3a5dcc7049ab3d85f37f096eb6ccf714d398c2dbc11b44d2f3b175f53c0ebc2673ffdc7e8185f35f5c1d7e90ca9205cee95bb66b9a72a7a0111eea9b7f59866310270e01ff3fdadb53fa039663948626899d38e67b6617de46973cc8decf09053c7bef1e1a7d77450b89d9eaeb56fa47263ab22866ee05587a918ef1c4f960d0e04e7223ae6fec706a7d22a294c0bfba6a869b5af2cc16eb08200294913d047588467956b1f191ff5ed8b585b6d97a81befa46272e5c4c4b7471d05d5e84f77b4a1c55b68e9259464839706664ba5e2a27d94812e350e5c47bbfdb569b9f45b810e64ecafff484035da7f13a7ab6127f3ee9b9b3b53b6e4acc11c0d4e66ce298928f986fea06f30e910fc36b1f5e47f80ced13065cd00edc640b8ed456e09d64df325a31428f9270dca73701145fdc731d810ea705a390db304b0dfb4260d4fb8cfa1c896873000f75e31d8ed557b0dbc2da956de917874af46d6cac81e93db32228ce8cea6d9243f5be00d485c59c384a6470578982050f48c8f9741aa827ff2d7ff26116d03fe46328709eae22bc04472a58df3d5f155bc5758fba050e46ee9a795b9a899bb1851a265154a27f927bed6a2b7becca64583a7551200006c12b9fca903325a27f5d2053b95e6e6c8977e565681890358b8fb58fa4a885df2d9683d0d905887b3f57e2092252808d59e8d16825800cab6bd53251a425ac083cbcb7f006c1e6e4e2b455ea71989ef41fc3687502754d490bfe60a8227bd6ace00065b789255dbe35e49bb16662d1102f8e50fc4d36b99e905587b64a14649f98da9092082841cf1cfccdcf6310f07b707242882b53f6de1a16612c70e201aef2eb299f5adf19269d7ac9fddc237978fe114be5048f982f3095f56bb33cd341fc002816d2f1ed8cd1612cb769c4061077114ad3eb8ce3be7041034db3fff83485dc3b453c580f083a6955d91be34e9b34d07bc36fd700a17a081c46ff3023ab74dee7dc7845e9540f6fd204603c770a5df76651f2f7213b0ae9feaf558e57df3d69c6579906887cb5f5fce82249794589981d1f3bcbc1af563777e4adb39f84f2d23f4aced7719eaabaade7d75aff1699fbb6fe17351e233057262637c02d866f59dfce2b9117a69f5427d11e872634d707d9adda6c763372b1946707f20226c840649fb74d2b3d91fdfd78e0c4da770ec7b45a55bd63b019d90e8e94498dd31412f1eae8156ae9ecbb263497804049a70fd84c95a7bf1803018648d2330406edcd53a616471f2a901d4d2c7cd78cbfb5199136cdd8957e5801bc3ab2bc24eb1bf40b675d53ffe3cdf63410cc9947a90058a6c0b3257f96532ed6b2859dcc8c4e56f93a505a44a2e57fb61d2b74f5bfd3cf33582401c7fe634838db888ae4aef97b6758c309d7611f6e026f4e03a103d384842f36c6659dd87b6b8c923747b024140178b9b5678334706dd949402321f0d04c6ab6ab91d5e6e5300f17e761c04239c647314cd78d8050baef84a63ca70e54bf37e6bbc6a32654d3dc89945653cb5ae8b2a362e7a59b54bac6c9987f5c1f99a89a1fc3f89712c44fa1ae8ccd0733c6c7cb1c4c9246647fb38027334d9d968c880460256e76e84d5348a07e3d204a0cc75161e355f50c9eb2fcbbb34333953ec9a0dcdfd5bf8027c38740d167258a55bb995f0fa7b26b25d11f4ba337a55d6e7c36bb54221a0a2f12a502ce484a9429e7f1afcc5c0d111d2cb2e5ff16ba9d9a4bfdc9e8798538daeb795a0ec6e1b00bd6065a018ea95f900f929f9eab5bb0445f42e5a6c847b212abc65f363836d00ed9b08745de9ff72e54876fe0c28c809fe7714fba56d18b40c75d096cfba7f0e8acb4a0a00fa145c8f9904b9ee1bfb7a88bb94e5287e2777f00006ddc757a00d4bc483e6f387c99233d061602d9efebe87a147e75124ded0349687a591d723e4ee4776191529351c0bc26fc9da36702eab4eef03a6fc2ad9a95fb5054b9ace77", 0x1000}], 0x2, &(0x7f00000046c0)}}], 0x4, 0x40) syz_open_procfs(0x0, 0x0) 03:05:16 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xaa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:05:16 executing program 7: clock_gettime(0x0, 0x0) socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d0001000000000400000000040000000c000c"], 0x20}], 0x1}, 0x0) 03:05:17 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x7000000, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:05:33 executing program 4: r0 = socket$netlink(0x10, 0x3, 0xb) ioctl$sock_SIOCGIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8982, &(0x7f0000000040)={0x2, 'syzkaller0\x00', {0x10001}, 0x7}) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r2 = pidfd_getfd(0xffffffffffffffff, r1, 0x0) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r2, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, 0x0, 0x100, 0x70bd26, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_CSA_IES={0x20, 0xb9, 0x0, 0x1, [@NL80211_ATTR_CSA_C_OFF_BEACON={0x6, 0xba, [0x8]}, @NL80211_ATTR_CSA_C_OFF_PRESP={0x12, 0xbb, [0x3d, 0x3f, 0xeda, 0x100, 0x9, 0x841, 0x400]}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x80) syz_open_procfs(0x0, 0x0) 03:05:33 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x801c581f, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:05:33 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x8000000, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:05:33 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xab, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:05:33 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) r1 = epoll_create(0x9) r2 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000440)) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f00000005c0)={0x0}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000050500)={0x0, 0x0, "a39e30bcd9cd2bef3ba6da5ccf13ad3d01dfc7ff5ca5e8720cefc76c509b7b37b5d619cfb78370537fc2b039507a4de846a6bdf0dcdd8d61acb3ad113e6cc5f3d78fa203743f6b213bb4a35748a21da67aa061c1aafd4e2005dbf3c5f90cb2ba3bb3db765db199c2d90a927e9e7d920476cb376ba44eba8ee841b51d109262faccc090acb529e2b2fc2ff38c043bd4a28188d68385c428825eda67c26eb81c3495bb01148d54799431df8e063ddfc566b739b946e7962d2cb73832963ea2b71c56d1165fae6cff6cccc3360cbab5d6e65edaad42db4ac3904d73da75b824aec190c4c47f2dbe89f0b353c11ebfe45e47ddc6a80116357916d881350ff9d143d4", "6ed14c6089716b98fcc089bae4f6e1a4613fee779387f400f2ab69d0c193b3576fd8a8e6e487c44ab000f37ee4be9cd718add070321797fcffa835eeddf14091052167350e334b528c713367717fc7ca69df998efb4722bb5b262a191f7e8bd4d01035b80813e311ebc4282a8fa2a5f3adb8fa57fb15b4b5fe5911c2efe0b00431fe8a613dca64c926b6bc601062ca67594f381737d432ea7539a3a5efd18917b9eb6fad7d7724cf9457eb7af17ee04fdaa0199ee200884b704944ecd640ce2c7220f2a3c9e252439227586bad92a1efdb30306baac589fe3e18c2514c6536c02947698fbe8c07fdb8beeab9d2578c5066ac84e479b453759906bbfd0e48e0d2ebd20a34f46c3717a8a915870c1de1744e475bc74613607113bd321a9575f5e38d289bebfe993383228866eb7f9c2804a60824b7721eeeca072656781636b37ce5fce1f310bd7301010f0e40bd98341997ea886cc8a258acbb3602660a0fb083a4370b89caa1227f8b6ed4681bff458a3175f8a7c4f7da4f61873f5fe066bb74ab30294dd6bdc5ed0579a7f909969da0e00e8bec0ef0787508937cb037a004cedb98ba5a52eb77893218564a1f90324bc1b63a8fb3596ae9c8a109a5b6a45957ac8b3adb77ed9307eaeedc4862a1783ad0c1da818b0b976f53258a52386e224ea40512e267dab8160279ed64d3d43cba46ed6feced99f4ca6b71db1e4f8e58a1ddbb251816584359b378cc22b4480126ba81ff36eb2c9ece554a6031dedd344123bb47c89309496d2cc9941979702337bfd8ec2c397274a93b4637287b4461a8316591156bc6df0d89eb859d56dcdfb4931a76f8cb92f282fbd252e2a37102a3eae34b11dd343a556c45f1e65debb412c293af9e10bea1142af53f95fbce56b462d95bdd2f89428b505505241e7c3dd3227ba05c656ebac5963b6784ea4927a2c1484499205a4304e73bfaee30ff6a6ead7526b6a275a7d3b05d3176c8aa64025bf66f42a3966a56aef0cb99475b980610a7e235f02ba29260fbb1cc2813a6aa395b23184bf0d4bd2610859bb402d57b9ddd1c49b799c42e4fa61edd365cecf5a5b59bed631168882256ebcc9d30dd3342f75908199ea4b3a3f765a26383747446ac25c8183e6f31f5aeb60ec480cc10715326f28d1d088886ee1be07faf314d7f2967aab9416f2d6726ff097f0894c854b5490bcabf3c781345e893e536afca869d4e6a6403a99a2c105a5f0085e650eb46ab92253ea54e129f5f865c52cf423a5e7ead374342c39d91e0bf3124d2fcbc8791cefb1e5349b2a6ce1b5ad1f923d0036fb119d96fbcd4a57b251d1f62bf8d49b40d3b7806ff3be9a204fde0820fa6b8fef057c4f4324184c64d750d349578549e343a7ee6ccdded50abff02d0433739f5b9f3b619a80b07f5ba62c6b386b8c4483209c366dd51a2c1bd3bb9d1b01357386f352f23f746a6f03e6d68a7adace0454f46cefb30292cfba171f68789bf7dd2d0f5ada68fa27f40c843dbbd4535212eb0d4b0aec3578001ee7ce6ce711584368ecc46330b017352eeb5bb69773aee155543ad0cda9e43444f97d8a972837ace60640d18eff1e0689ddce75d694c85d43a9603d1ffe58c42393d34c6090c320f3e9c6facd117a6b9d9f7808a8f1a268ab81fabec7e0ad5b95b0392cd04614e9cfc95db2cdd34374324f83a858c3d46fc3b430b5b6b8e27871e961fc24da3d85b924276ce73452cd000f0b2f245a255560faff9d91f28811ac21bcbc2976ed332cebe7c0a3621e3126e283dd6f2bfd7955a27ae7bafe4738bdf038a6975cffd5e698c4dc74d194b90f1bda6287e263a0ddae4dc02d355781cb8e8d16b03a41b22e8e5b025a921f5c543fd09fd9730a1b2c3fc983f068b534b69dbe985f6a1593a7aa0a86ed4d4dd1bb5f151626b4f32cded28917582b12050894aa1b00f2dd6dc7866ab362e318a0fe27f750bec69dc82e7ff08c1bce75782cb20505ba416714eed780635c7ae9b9a06b90944375d33249d5ca4f732c03387388828cd0ab881d143f98fd854a40ade3963985a22baab5967bbd2543f231dcb295ba8050c2a8bb1603feda6877be98688a37d70ad944e6b81d1e8c5e013a5b22c52c0f42da321038e53f1bd77b008404ce6eec87e1effa22eed11c5bcdcefff6c3f2160a6f62f88ae33976a50546098a9fe6649f7bf840b99e1934c0337bb508ed13fb5ce37252a659ed80f44581bc591c61d66e35742505c67cc7d039771a0c545cd4d35d0265ba67915414b0e800dae2f8f703ebbe98b433d0686bf77959b566fc20276c387a1021d4b88bc29a25ebef1f24f5cef7325224762dc605a2c2c81d906feca693cad7895a598633b2720c6a7de9691c54422229d27ca8c48af8a16ec877b5abb93c2f1e48faff8a613213df3f2a008f8cdd714f105697798e95976110d0bde9c880bbd74d4c246208cbba710b8115292ffc5476410ed8b14bd22c3bd6a867ddfa38d07f07ebadc87cc7eaaacdd4f0e542ed9233a406fc74c6a6443deb3f32accbbfc380919effaf32014f8a7c5ae9dedf26bccba8f02f977dc7f2fc8c0b4ecd01a174d10af07912f07bb4041c48458248e34d95e78f737c572dde15d88b4d5b78a110ed971029ee7a9dfc8031cc00d0c66808355f5c526be9a6011389904403c1952189005549f0a088658fd984128b0d16185df1f1fdd34455a478f5cf5f378125c0bd36c0cfd551f6f298bd79e2f6c1cffaa11d4ac23b68790fcb02dd537eaffbec3cb0bfc9f6963657b684ef3ca8c8981ea8259126119f69c6bdfa401ceded5463dc027339a01a8cbd8eb1cfa75bb1f700bc53690a99da257dbf86c5d28c3e0ed3e4e99d89b26afc3dccd02a1e4b00440e9abe7b07a100e0506d27ae708902572d3b2139514d22ba3c8dc39d6add62522b70a5d591318be4a6fa0acd2d9299e53aab961177ee3fe6523ac396e483a3b9ce935d5901a37e2340e0135f2287a271c88cb1cefa83f05bec4d02606d3d559b8fe209e2ddf8ee6161fea64c3b63c9515b41abf451a8657435e788190c3c447b334abdd088c5a5b975897b367784dda36005def6377f9fad72164f63f4d36c86fc3d75070a46ef6e5b5f7d80c6f55c8c379c05320baa3c435c08b216c90217643fcca51cb733404bad43e6ac4b6522d8c9e360b153b0377b58d5d2e01f14104f78ea09c878ec72d29a4dfeae763b1699805b05e9accd0be69ffba8efe236ce6038a651825204ab1c6b063495c5d7772f624795be0568d314cf8f97382e0d5673a63d91c8a2dfe2ba1b5d5e7187235e1e3978bcca3799fd3655b28b2fe64d8efe6b7bba7ec2c3c06c1228d33b64eebc8428c67efb217e7b58ce1ec50444656544b56c83be43b13a4499d78c350d38ed192c11710982100a3dfbee49802b0a9a761cf431db9bcf705860c1f2c6d60dedc95c3e4b26f3894169bd81d1c0b8b0682b49579552629e9d6dc35a919ccf6d747d74834daef574d4dbfe8d1b7e518d5d64b186e8679de5404d56d599061a9a9738ed3021ef1d57cbb5cb76c7f937587b4b26bbe55e94a805ebf44ea532179039d0fcafaad99ddae3757b47b7d1a537fb113a9da5c81505460ba192d8fc5e9232ba9cf9661b88f84b02c2eff5613e9e7f95d787e8bbdf94d299d2b9cfb4161b51ca5fa8b0cb78cd5ca048cd1d05cd391a6eca9cd1c75411cf7af5dc785dac245c52e3551934213dbffe28f242f1766522cb1ee731769c226ecbc5e5bd458d46cc927fd6a5d50b666b66c25d74e7026f9b1889c1f7123b0df4a12806ab6712b4ffc521b305b9b9cba5d2833458d74a89b7bc5ca9875cda61ac8259d0d0f4586b3230a80b168fe662ea89bac5bb0eca1508f46f7e662ba7e3e646ca94c956e22aeea8a66d7b3a1003698624defe95426f05ca839b10baa4b301314f46ad3f8e150bdb4105b22cce245587f243b2aa057427261e71b6b5108d393ed4e8d87ec701b432ad4fdfb1625158920463a991fe65f6628742161d5ec933f846b99c40c66167397938393c6c17102b7fa599dec8265adaa4697139b7eb9ff6fe476b9330d3c2aac9d0767e845ff85f669ecc5a847a94950944d76b48dc4a2b045d8818c8fd948502a4a536ef7f373e5b5d2deb42e3ca62d001af48a4ee2086c420cefc1a608dc481469c3eac38445a53b32691b4a1b36b40dc21d87d7a27c7fb667fbdc5f70de072cba4a8db45ba6aa11ed52559cdafe7ad2bc95a4110a7845136fab847b72e2515e077f83ba211d2251424f4518ca10bace8491709806bda482795d4a330285208dec20433e62ccec3111765fff6305532d65814bb6b9218d293d0821779f1aba96c20ac29f55927cbe0673a0c246675b995a77da6b29ebf779d79c42c95aee3a2b92123752a8f0f6f1ea2c39941ac9df56e86cde471f3047a14d7b17f0207578a5f330f049b611b3eb62900cb3bf50d386f988b83ca6ba9e24f8b1aecc735318e7f60506393df1d1b09cec6a748836c1cfb6074dbc21909e82b0133f6a4be2a1b80dd1806019e6943e1268c3534cf5861630df0406ba33a36dc10d2c600f496b05a1053063d7840ca4e57e612e8b22cc7b44240cb4a1180506e54627c16502fce4300c4c0ac8769d1c61dfd27d2cfb7f70cf2b306304349d8d08b37b95151c2bea2a1f2d2bf62ef0e910ee05e6aec750b802b9c65d078769fa4157fd12226e85049663e87a5e54cde8da2aa97106e511a1f87c880003c23cc95475954eacd1cd334dfb7710038c39e7632cc233260328eb363d5e6866bce561c5e20d8951cfd93a78b54f23a09f5483cbedd35a62815c93104439c4dca35f41734e0028f6ea24d18110aecec6c601d8bd17980e329cc73948cbf29a78c25c6a74a95280e720c945637dc8bebfd88bf8209d96a418f52838cba8503a5f88cb0bf74676007df8928d7e1924048bb19c8f326955d6a960ddb97c5593f50688cae526720d3b77dc4d16cfb21b002786cdd7e49a756368930316d9bb5b2e1234b9a90b2285da5a7410e933baeeb4a9aa6fd0f723fd96cbca29ee08b2f7cfa875e557e4ec4d76c4b6f40a038f6e2204b299574c96f3d7119c41419a3a74f3f2a4673d945ea51c54574319207c36aa1d26147e189a8e605e66a051c4be947dcda70fb344ae5fc5b94690140b7a7cc03452eef6d824e2718fa5fd3ebcc36c08452dc9928bed6572741d171e9ed3e38f57596266b41311478f52837f485b7bd8b9be40d87500e1f3fc6cc75a4b801e9b8a6fb44797ae3d6d4ac776b2b141c5e8ef067ad974378db61a909b1c69bcf2064b13742d9c03fa3550507f8c163755cbbf2ad59441e136c929c247d4bf828fd1e6d73867d190e6967138ac031e1c6e3c90c5087eea2305c046094b11e75a1b7415a772cb12cf75d2"}) r6 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000005c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r6, 0xd000943d, &(0x7f0000070280)={0x0, [{}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r7}], 0x5, "af2f1a9317bc6f"}) ioctl$BTRFS_IOC_INO_LOOKUP(r1, 0xd0009412, &(0x7f0000001040)={r4, 0x401}) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) fsmount(0xffffffffffffffff, 0x1, 0x71) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:05:33 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, 0x0, 0x0) 03:05:33 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0xfffff000, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:05:33 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 49) [ 1876.386110] blktrace: Concurrent blktraces are not allowed on sg0 03:05:33 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xac, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1876.401155] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. 03:05:33 executing program 4: r0 = epoll_create(0x9) r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000440)) ioctl$FITRIM(r1, 0xc0185879, &(0x7f0000000040)={0x80, 0x407, 0x1}) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) [ 1876.413147] FAULT_INJECTION: forcing a failure. [ 1876.413147] name failslab, interval 1, probability 0, space 0, times 0 [ 1876.415860] CPU: 1 PID: 10262 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1876.417640] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1876.420012] Call Trace: [ 1876.420569] [ 1876.421036] dump_stack_lvl+0x8b/0xb3 [ 1876.421868] should_fail.cold+0x5/0xa [ 1876.422706] ? create_object.isra.0+0x3a/0xa20 [ 1876.423683] should_failslab+0x5/0x10 [ 1876.424493] kmem_cache_alloc+0x5b/0x480 [ 1876.425377] create_object.isra.0+0x3a/0xa20 [ 1876.426309] ? kasan_unpoison+0x23/0x50 [ 1876.427174] kmem_cache_alloc+0x239/0x480 [ 1876.428074] __kernfs_new_node+0xd4/0x8b0 [ 1876.428966] ? kernfs_add_one+0x3c6/0x550 [ 1876.429854] ? kernfs_path_from_node+0x60/0x60 [ 1876.430847] ? lock_is_held_type+0xd7/0x130 [ 1876.431776] ? up_write+0x148/0x460 [ 1876.432546] ? kernfs_activate+0x1c4/0x240 [ 1876.433462] kernfs_new_node+0x93/0x120 [ 1876.434326] __kernfs_create_file+0x51/0x350 [ 1876.435280] sysfs_add_file_mode_ns+0x218/0x430 [ 1876.436268] ? component_del+0x4c0/0x4c0 [ 1876.437141] sysfs_merge_group+0x196/0x310 [ 1876.438039] ? sysfs_update_group+0x30/0x30 [ 1876.438962] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1876.440132] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1876.441300] ? kernfs_put+0x31/0x50 [ 1876.442081] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1876.443274] dpm_sysfs_add+0x241/0x290 [ 1876.444110] device_add+0x9a9/0x1e60 [ 1876.444907] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1876.446062] ? kfree+0x217/0x410 [ 1876.446814] device_create_groups_vargs+0x203/0x280 [ 1876.447874] device_create+0xdc/0x110 [ 1876.448680] ? device_create_groups_vargs+0x280/0x280 [ 1876.449763] ? queue_work_node+0x350/0x350 [ 1876.450676] ? init_timer_key+0xd1/0x110 [ 1876.451551] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1876.452515] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1876.453538] ? init_timer_key+0x81/0x110 [ 1876.454406] mac80211_hwsim_new_radio+0x382/0x4900 [ 1876.455465] ? lock_is_held_type+0xd7/0x130 [ 1876.456390] ? hwsim_virtio_rx_work+0x360/0x360 [ 1876.457369] ? lock_release+0x3b2/0x750 [ 1876.458209] ? __kmalloc+0x25b/0x440 [ 1876.459023] hwsim_new_radio_nl+0x9ab/0x1050 [ 1876.459953] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1876.461055] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1876.462235] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1876.463655] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1876.465061] genl_family_rcv_msg_doit+0x22d/0x330 [ 1876.466100] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1876.467528] ? mutex_lock_io_nested+0x1310/0x1310 [ 1876.468569] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1876.469754] ? cap_capable+0x1eb/0x250 [ 1876.470641] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1876.471823] ? ns_capable+0xd9/0x100 [ 1876.472641] genl_rcv_msg+0x33c/0x5a0 [ 1876.473449] ? genl_get_cmd+0x480/0x480 [ 1876.474301] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1876.475405] ? lock_release+0x750/0x750 [ 1876.476273] netlink_rcv_skb+0x14b/0x430 [ 1876.477145] ? genl_get_cmd+0x480/0x480 [ 1876.477993] ? netlink_ack+0xa80/0xa80 [ 1876.478841] ? netlink_deliver_tap+0x1b2/0xc30 [ 1876.479824] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1876.480894] ? is_vmalloc_addr+0x7b/0xb0 [ 1876.481775] genl_rcv+0x24/0x40 [ 1876.482482] netlink_unicast+0x54a/0x800 [ 1876.483405] ? netlink_attachskb+0x880/0x880 [ 1876.484334] ? is_vmalloc_addr+0x7b/0xb0 [ 1876.485227] netlink_sendmsg+0x904/0xe00 [ 1876.486106] ? netlink_unicast+0x800/0x800 [ 1876.487041] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1876.488232] ? netlink_unicast+0x800/0x800 [ 1876.489139] sock_sendmsg+0x150/0x190 [ 1876.489963] ____sys_sendmsg+0x703/0x870 [ 1876.490862] ? kernel_sendmsg+0x50/0x50 [ 1876.491725] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1876.492704] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1876.493839] ? lock_release+0x3b2/0x750 [ 1876.494736] ___sys_sendmsg+0xf3/0x170 [ 1876.495568] ? sendmsg_copy_msghdr+0x160/0x160 [ 1876.496554] ? lock_release+0x3b2/0x750 [ 1876.497415] ? lock_downgrade+0x6d0/0x6d0 [ 1876.498326] ? lock_release+0x3b2/0x750 [ 1876.499170] ? ksys_write+0x20c/0x250 [ 1876.499972] ? lock_downgrade+0x6d0/0x6d0 [ 1876.500855] ? __fget_files+0x287/0x470 [ 1876.501714] ? __fget_light+0xea/0x270 [ 1876.502540] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1876.503730] __sys_sendmsg+0xe5/0x1b0 [ 1876.504532] ? __sys_sendmsg_sock+0x30/0x30 [ 1876.505428] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1876.506632] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1876.507727] do_syscall_64+0x3b/0x90 [ 1876.508515] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1876.509597] RIP: 0033:0x7f406f897b19 [ 1876.510381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1876.514215] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1876.515814] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1876.517309] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1876.518810] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1876.520304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1876.521787] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1876.523302] [ 1876.536212] blktrace: Concurrent blktraces are not allowed on sg0 03:05:33 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000040)={'ip6_vti0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) 03:05:48 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xad, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:05:48 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, 0x0, 0x0) 03:05:48 executing program 0: syncfs(0xffffffffffffffff) r0 = open(&(0x7f0000000080)='./file1\x00', 0x10400, 0x4) setsockopt$inet6_tcp_buf(r0, 0x6, 0xe, &(0x7f0000000140)="b7277a63eb3f5b5eed52f2419d847f01a397f26c5c61a3c790790fdf3601437384b15d5f2f38b901894d0e220314db932124cdd2273dea555d76a13c15407d9e0b09e08fcbaf22ad092e585f49903af700e069e2daee10355af3f99efb12280d3257d2e805f7636e4c8cd0cdd6dbc93623dc873ff0d21245286fcf71a1a957f8f4e23b672e7b69487e", 0x89) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:05:48 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0xffffff7f, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:05:48 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 50) 03:05:48 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0xc0045878, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:05:48 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'ip6gretap0\x00'}) stat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r1, 0x0) stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) lchown(&(0x7f0000000100)='./file0\x00', r3, r2) stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) lchown(&(0x7f0000000100)='./file0\x00', r5, r4) stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) lchown(&(0x7f0000000100)='./file0\x00', r7, r6) stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) lchown(&(0x7f0000000100)='./file0\x00', r9, r8) fsetxattr$system_posix_acl(r0, &(0x7f0000000080)='system.posix_acl_default\x00', &(0x7f0000000280)={{}, {0x1, 0x4}, [{}, {0x2, 0x5}, {0x2, 0x4, 0xee00}, {0x2, 0x6, r1}, {0x2, 0x4, 0xee01}], {0x4, 0x6}, [{0x8, 0x2, r2}, {0x8, 0x1}, {0x8, 0x0, r4}, {0x8, 0x5, 0xee00}, {0x8, 0x6, 0xffffffffffffffff}, {0x8, 0x4, r6}, {0x8, 0x4, r8}], {0x10, 0x1}, {0x20, 0x4}}, 0x84, 0x3) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) accept4$packet(0xffffffffffffffff, 0x0, &(0x7f0000000040), 0x80000) syz_open_procfs(0x0, 0x0) 03:05:48 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x8800000, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) [ 1891.504112] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1891.505483] FAULT_INJECTION: forcing a failure. [ 1891.505483] name failslab, interval 1, probability 0, space 0, times 0 [ 1891.506730] CPU: 1 PID: 10292 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1891.507613] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1891.508792] Call Trace: [ 1891.509068] [ 1891.509304] dump_stack_lvl+0x8b/0xb3 [ 1891.509726] should_fail.cold+0x5/0xa [ 1891.510131] ? create_object.isra.0+0x3a/0xa20 [ 1891.510625] should_failslab+0x5/0x10 [ 1891.511037] kmem_cache_alloc+0x5b/0x480 [ 1891.511474] create_object.isra.0+0x3a/0xa20 [ 1891.511934] ? kasan_unpoison+0x23/0x50 [ 1891.512356] kmem_cache_alloc+0x239/0x480 [ 1891.512804] __kernfs_new_node+0xd4/0x8b0 [ 1891.513246] ? kernfs_add_one+0x3c6/0x550 [ 1891.513687] ? kernfs_path_from_node+0x60/0x60 [ 1891.514179] ? lock_is_held_type+0xd7/0x130 [ 1891.514647] ? up_write+0x148/0x460 [ 1891.515049] ? kernfs_activate+0x1c4/0x240 [ 1891.515505] kernfs_new_node+0x93/0x120 [ 1891.515934] __kernfs_create_file+0x51/0x350 [ 1891.516397] sysfs_add_file_mode_ns+0x218/0x430 [ 1891.516886] ? component_del+0x4c0/0x4c0 [ 1891.517321] sysfs_merge_group+0x196/0x310 [ 1891.517781] ? sysfs_update_group+0x30/0x30 [ 1891.518231] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1891.518815] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1891.519415] ? kernfs_put+0x31/0x50 [ 1891.519818] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1891.520405] dpm_sysfs_add+0x241/0x290 [ 1891.520822] device_add+0x9a9/0x1e60 [ 1891.521229] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1891.521808] ? kfree+0x217/0x410 [ 1891.522175] device_create_groups_vargs+0x203/0x280 [ 1891.522699] device_create+0xdc/0x110 [ 1891.523112] ? device_create_groups_vargs+0x280/0x280 [ 1891.523648] ? queue_work_node+0x350/0x350 [ 1891.524094] ? init_timer_key+0xd1/0x110 [ 1891.524534] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1891.525014] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1891.525517] ? init_timer_key+0x81/0x110 [ 1891.525951] mac80211_hwsim_new_radio+0x382/0x4900 [ 1891.526480] ? lock_is_held_type+0xd7/0x130 [ 1891.526967] ? hwsim_virtio_rx_work+0x360/0x360 [ 1891.527450] ? lock_release+0x3b2/0x750 [ 1891.527873] ? __kmalloc+0x25b/0x440 [ 1891.528287] hwsim_new_radio_nl+0x9ab/0x1050 [ 1891.528760] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1891.529339] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1891.529914] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1891.530598] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1891.531279] genl_family_rcv_msg_doit+0x22d/0x330 [ 1891.531788] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1891.532481] ? mutex_lock_io_nested+0x1310/0x1310 [ 1891.532994] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1891.533577] ? cap_capable+0x1eb/0x250 [ 1891.534004] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1891.534581] ? ns_capable+0xd9/0x100 [ 1891.535006] genl_rcv_msg+0x33c/0x5a0 [ 1891.535415] ? genl_get_cmd+0x480/0x480 [ 1891.535846] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1891.536382] ? lock_release+0x750/0x750 [ 1891.536810] netlink_rcv_skb+0x14b/0x430 [ 1891.537234] ? genl_get_cmd+0x480/0x480 [ 1891.537663] ? netlink_ack+0xa80/0xa80 [ 1891.538078] ? netlink_deliver_tap+0x1b2/0xc30 [ 1891.538565] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1891.539094] ? is_vmalloc_addr+0x7b/0xb0 [ 1891.539524] genl_rcv+0x24/0x40 [ 1891.539875] netlink_unicast+0x54a/0x800 [ 1891.540300] ? netlink_attachskb+0x880/0x880 [ 1891.540759] ? is_vmalloc_addr+0x7b/0xb0 [ 1891.541189] netlink_sendmsg+0x904/0xe00 [ 1891.541616] ? netlink_unicast+0x800/0x800 [ 1891.542059] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1891.542632] ? netlink_unicast+0x800/0x800 [ 1891.543087] blktrace: Concurrent blktraces are not allowed on sg0 [ 1891.543094] sock_sendmsg+0x150/0x190 [ 1891.543119] ____sys_sendmsg+0x703/0x870 [ 1891.545356] ? kernel_sendmsg+0x50/0x50 [ 1891.545787] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1891.546262] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1891.546816] ? lock_release+0x3b2/0x750 [ 1891.547242] ___sys_sendmsg+0xf3/0x170 [ 1891.547647] ? sendmsg_copy_msghdr+0x160/0x160 [ 1891.548121] ? lock_release+0x3b2/0x750 [ 1891.548544] ? lock_downgrade+0x6d0/0x6d0 [ 1891.548994] ? lock_release+0x3b2/0x750 [ 1891.549421] ? ksys_write+0x20c/0x250 [ 1891.549830] ? lock_downgrade+0x6d0/0x6d0 [ 1891.550276] ? __fget_files+0x287/0x470 [ 1891.550705] ? __fget_light+0xea/0x270 [ 1891.551135] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1891.551727] __sys_sendmsg+0xe5/0x1b0 [ 1891.552125] ? __sys_sendmsg_sock+0x30/0x30 [ 1891.552576] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1891.553175] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1891.553729] do_syscall_64+0x3b/0x90 [ 1891.554123] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1891.554660] RIP: 0033:0x7f406f897b19 [ 1891.555074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1891.557160] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1891.557972] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1891.558388] blktrace: Concurrent blktraces are not allowed on sg0 [ 1891.558717] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1891.558728] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1891.558737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 03:05:48 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, 0x0, 0x0) [ 1891.558745] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1891.558769] 03:05:48 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xae, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:05:48 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x18000000, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:05:48 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, 0x0}, 0x0) 03:05:48 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xaf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:05:48 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0xffffff9e, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:05:48 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, 0x0}, 0x0) 03:05:48 executing program 0: syncfs(0xffffffffffffffff) r0 = epoll_create(0x9) r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000440)) sendmsg$nl_netfilter(r1, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="500100000e07010128bd7000ffdbdf250c00000448000180486213013f225ef1c443f1a049524a78e5068997e49082cd7169282ea542f21b3f1ebfb9512fb499cda4fbc69a6cbb428964e7fec2975fd4da1c1a5145bc8a5c4306505e0400570001f15900800115356dd6e2fa3d25e4138fa98b574c44e88c79d4bc841882edd214d73f5d8f201207f256d38264dca2b23a4df5baedbff5c02dc87f98f7048da605a24c290220e397225b2007bac4cef5bd6b35c0b7061731899fe3c25c22fcafcb8360085f4143a710cc0026cb53d03beee6797f3b849ca8c0dca30d5b6a54f17c4c88932dd76d67aa94b8a90aa6a02c9279edf20dbef520c7ed7e0b41070727dfb06e2a59923f2650bcdea14389775c1c7b0324a0dba066fa7cee293d8332b512b43cefc6da7b6dfe4a6295db473d7d130346156226d32eb111bd05935ea55882550a9899"], 0x150}, 0x1, 0x0, 0x0, 0x4}, 0x20048000) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r2 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0) epoll_create(0xffffffff) r3 = epoll_create(0x9) r4 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r4, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000440)) epoll_pwait(r3, &(0x7f0000000300)=[{}, {}, {}], 0x1555555555555427, 0x5, &(0x7f0000000380)={[0x7fffffff]}, 0x4d) 03:05:48 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xb0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:05:48 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0xc0045878, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:05:48 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, 0x0}, 0x0) 03:05:49 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xb1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1891.848752] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1806 sclass=netlink_route_socket pid=10337 comm=syz-executor.0 [ 1891.854528] blktrace: Concurrent blktraces are not allowed on sg0 03:05:49 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 51) 03:05:49 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)}, 0x0) [ 1891.916667] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1806 sclass=netlink_route_socket pid=10344 comm=syz-executor.0 03:05:49 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0xfffffff0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) [ 1891.978070] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1891.993141] FAULT_INJECTION: forcing a failure. [ 1891.993141] name failslab, interval 1, probability 0, space 0, times 0 [ 1891.994363] CPU: 1 PID: 10353 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1891.995260] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1891.996457] Call Trace: [ 1891.996729] [ 1891.996966] dump_stack_lvl+0x8b/0xb3 [ 1891.997378] should_fail.cold+0x5/0xa [ 1891.997794] ? __kernfs_new_node+0xd4/0x8b0 [ 1891.998256] should_failslab+0x5/0x10 [ 1891.998662] kmem_cache_alloc+0x5b/0x480 [ 1891.999113] __kernfs_new_node+0xd4/0x8b0 [ 1891.999557] ? kernfs_path_from_node+0x60/0x60 [ 1892.000053] ? lock_acquire+0x1b2/0x530 [ 1892.000482] ? lock_release+0x750/0x750 [ 1892.000920] ? lock_is_held_type+0xd7/0x130 [ 1892.001370] ? find_held_lock+0x2c/0x110 [ 1892.001807] kernfs_new_node+0x93/0x120 [ 1892.002240] __kernfs_create_file+0x51/0x350 [ 1892.002712] sysfs_add_file_mode_ns+0x218/0x430 [ 1892.003204] ? component_del+0x4c0/0x4c0 [ 1892.003652] sysfs_merge_group+0x196/0x310 [ 1892.004092] ? sysfs_update_group+0x30/0x30 [ 1892.004547] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1892.005135] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1892.005717] ? kernfs_put+0x31/0x50 [ 1892.006101] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1892.006688] dpm_sysfs_add+0x241/0x290 [ 1892.007111] device_add+0x9a9/0x1e60 [ 1892.007514] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1892.008088] ? kfree+0x217/0x410 [ 1892.008460] device_create_groups_vargs+0x203/0x280 [ 1892.008983] device_create+0xdc/0x110 [ 1892.009388] ? device_create_groups_vargs+0x280/0x280 [ 1892.009932] ? queue_work_node+0x350/0x350 [ 1892.010383] ? init_timer_key+0xd1/0x110 [ 1892.010832] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1892.011318] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1892.011828] ? init_timer_key+0x81/0x110 [ 1892.012269] mac80211_hwsim_new_radio+0x382/0x4900 [ 1892.012795] ? lock_is_held_type+0xd7/0x130 [ 1892.013259] ? hwsim_virtio_rx_work+0x360/0x360 [ 1892.013750] ? lock_release+0x3b2/0x750 [ 1892.014175] ? __kmalloc+0x25b/0x440 [ 1892.014584] hwsim_new_radio_nl+0x9ab/0x1050 [ 1892.015050] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1892.015596] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1892.016178] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1892.016881] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1892.017568] genl_family_rcv_msg_doit+0x22d/0x330 [ 1892.018068] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1892.018752] ? mutex_lock_io_nested+0x1310/0x1310 [ 1892.019258] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1892.019853] ? cap_capable+0x1eb/0x250 [ 1892.020274] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1892.020876] ? ns_capable+0xd9/0x100 [ 1892.021290] genl_rcv_msg+0x33c/0x5a0 [ 1892.021700] ? genl_get_cmd+0x480/0x480 [ 1892.022120] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1892.022659] ? lock_release+0x750/0x750 [ 1892.023108] netlink_rcv_skb+0x14b/0x430 [ 1892.023544] ? genl_get_cmd+0x480/0x480 [ 1892.023973] ? netlink_ack+0xa80/0xa80 [ 1892.024400] ? netlink_deliver_tap+0x1b2/0xc30 [ 1892.024900] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1892.025444] ? is_vmalloc_addr+0x7b/0xb0 [ 1892.025878] genl_rcv+0x24/0x40 [ 1892.026225] netlink_unicast+0x54a/0x800 [ 1892.026662] ? netlink_attachskb+0x880/0x880 [ 1892.027135] ? is_vmalloc_addr+0x7b/0xb0 [ 1892.027588] netlink_sendmsg+0x904/0xe00 [ 1892.028033] ? netlink_unicast+0x800/0x800 [ 1892.028495] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1892.029093] ? netlink_unicast+0x800/0x800 [ 1892.029553] sock_sendmsg+0x150/0x190 [ 1892.029969] ____sys_sendmsg+0x703/0x870 [ 1892.030404] ? kernel_sendmsg+0x50/0x50 [ 1892.030850] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1892.031336] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1892.031905] ? lock_release+0x3b2/0x750 [ 1892.032335] ___sys_sendmsg+0xf3/0x170 [ 1892.032748] ? sendmsg_copy_msghdr+0x160/0x160 [ 1892.033231] ? lock_release+0x3b2/0x750 [ 1892.033656] ? lock_downgrade+0x6d0/0x6d0 [ 1892.034100] ? lock_release+0x3b2/0x750 [ 1892.034527] ? ksys_write+0x20c/0x250 [ 1892.034949] ? lock_downgrade+0x6d0/0x6d0 [ 1892.035391] ? __fget_files+0x287/0x470 [ 1892.035836] ? __fget_light+0xea/0x270 [ 1892.036255] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1892.036842] __sys_sendmsg+0xe5/0x1b0 [ 1892.037246] ? __sys_sendmsg_sock+0x30/0x30 [ 1892.037696] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1892.038288] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1892.038854] do_syscall_64+0x3b/0x90 [ 1892.039253] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1892.039794] RIP: 0033:0x7f406f897b19 [ 1892.040184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1892.042124] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1892.042955] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1892.043697] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1892.044454] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1892.045200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1892.045943] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1892.046708] 03:06:03 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 52) 03:06:03 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0xc0189436, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:06:03 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)}, 0x0) 03:06:03 executing program 4: socket$inet_udp(0x2, 0x2, 0x0) r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'ipvlan1\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) [ 1905.872009] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. 03:06:03 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x1c000000, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:06:03 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xb2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:06:03 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0xffffffff, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:06:03 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) openat(r0, &(0x7f0000000080)='./file1\x00', 0x202004, 0x0) [ 1905.876205] FAULT_INJECTION: forcing a failure. [ 1905.876205] name failslab, interval 1, probability 0, space 0, times 0 [ 1905.877519] CPU: 1 PID: 10368 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1905.878402] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1905.879637] Call Trace: [ 1905.879912] [ 1905.880148] dump_stack_lvl+0x8b/0xb3 [ 1905.880558] should_fail.cold+0x5/0xa [ 1905.880966] ? __kernfs_new_node+0xd4/0x8b0 [ 1905.881456] should_failslab+0x5/0x10 [ 1905.881875] kmem_cache_alloc+0x5b/0x480 [ 1905.882308] __kernfs_new_node+0xd4/0x8b0 [ 1905.882761] ? kernfs_add_one+0x3c6/0x550 [ 1905.883215] ? kernfs_path_from_node+0x60/0x60 [ 1905.883711] ? lock_is_held_type+0xd7/0x130 [ 1905.884165] ? up_write+0x148/0x460 [ 1905.884557] ? kernfs_activate+0x1c4/0x240 [ 1905.885014] kernfs_new_node+0x93/0x120 [ 1905.885443] __kernfs_create_file+0x51/0x350 [ 1905.885921] sysfs_add_file_mode_ns+0x218/0x430 [ 1905.886421] ? component_del+0x4c0/0x4c0 [ 1905.886880] sysfs_merge_group+0x196/0x310 [ 1905.887348] ? sysfs_update_group+0x30/0x30 [ 1905.887803] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1905.888381] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1905.888959] ? kernfs_put+0x31/0x50 [ 1905.889352] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1905.889938] dpm_sysfs_add+0x241/0x290 [ 1905.890356] device_add+0x9a9/0x1e60 [ 1905.890760] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1905.891333] ? kfree+0x217/0x410 [ 1905.891702] device_create_groups_vargs+0x203/0x280 [ 1905.892222] device_create+0xdc/0x110 [ 1905.892620] ? device_create_groups_vargs+0x280/0x280 [ 1905.893162] ? queue_work_node+0x350/0x350 [ 1905.893613] ? init_timer_key+0xd1/0x110 [ 1905.894045] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1905.894526] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1905.895038] ? init_timer_key+0x81/0x110 [ 1905.895477] mac80211_hwsim_new_radio+0x382/0x4900 [ 1905.896010] ? lock_is_held_type+0xd7/0x130 [ 1905.896479] ? hwsim_virtio_rx_work+0x360/0x360 [ 1905.896977] ? lock_release+0x3b2/0x750 [ 1905.897401] ? __kmalloc+0x25b/0x440 [ 1905.897800] hwsim_new_radio_nl+0x9ab/0x1050 [ 1905.898261] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1905.898814] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1905.899429] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1905.900131] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1905.900824] genl_family_rcv_msg_doit+0x22d/0x330 [ 1905.901326] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1905.902022] ? mutex_lock_io_nested+0x1310/0x1310 [ 1905.902541] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1905.903127] ? cap_capable+0x1eb/0x250 [ 1905.903548] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1905.904134] ? ns_capable+0xd9/0x100 [ 1905.904569] genl_rcv_msg+0x33c/0x5a0 [ 1905.904969] ? genl_get_cmd+0x480/0x480 [ 1905.905403] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1905.905943] ? lock_release+0x750/0x750 [ 1905.906384] netlink_rcv_skb+0x14b/0x430 [ 1905.906820] ? genl_get_cmd+0x480/0x480 [ 1905.907262] ? netlink_ack+0xa80/0xa80 [ 1905.907692] ? netlink_deliver_tap+0x1b2/0xc30 [ 1905.908190] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1905.908741] ? is_vmalloc_addr+0x7b/0xb0 [ 1905.909176] genl_rcv+0x24/0x40 [ 1905.909536] netlink_unicast+0x54a/0x800 [ 1905.909964] ? netlink_attachskb+0x880/0x880 [ 1905.910434] ? is_vmalloc_addr+0x7b/0xb0 [ 1905.910876] netlink_sendmsg+0x904/0xe00 [ 1905.911335] ? netlink_unicast+0x800/0x800 [ 1905.911798] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1905.912403] ? netlink_unicast+0x800/0x800 [ 1905.912863] sock_sendmsg+0x150/0x190 [ 1905.913282] ____sys_sendmsg+0x703/0x870 [ 1905.913735] ? kernel_sendmsg+0x50/0x50 [ 1905.914172] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1905.914667] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1905.915252] ? lock_release+0x3b2/0x750 [ 1905.915695] ___sys_sendmsg+0xf3/0x170 [ 1905.916112] ? sendmsg_copy_msghdr+0x160/0x160 [ 1905.916619] ? lock_release+0x3b2/0x750 [ 1905.917059] ? lock_downgrade+0x6d0/0x6d0 [ 1905.917510] ? lock_release+0x3b2/0x750 [ 1905.917945] ? ksys_write+0x20c/0x250 [ 1905.918369] ? lock_downgrade+0x6d0/0x6d0 [ 1905.918831] ? __fget_files+0x287/0x470 [ 1905.919300] ? __fget_light+0xea/0x270 [ 1905.919725] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1905.920333] __sys_sendmsg+0xe5/0x1b0 [ 1905.920738] ? __sys_sendmsg_sock+0x30/0x30 [ 1905.921209] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1905.921816] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1905.922385] do_syscall_64+0x3b/0x90 [ 1905.922797] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1905.923358] RIP: 0033:0x7f406f897b19 [ 1905.923761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1905.925755] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1905.926574] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1905.927343] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1905.928115] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1905.928876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1905.929646] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1905.930432] 03:06:03 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)}, 0x0) 03:06:03 executing program 0: syncfs(0xffffffffffffffff) r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) socketpair(0x1a, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_SET_PIN_FILE(r2, 0x4004f50d, &(0x7f0000000400)=0x1) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000140)) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) r3 = dup(r0) ioctl$BLKPG(r3, 0x1269, &(0x7f0000000080)={0x7cc6, 0x1, 0x81, &(0x7f0000000340)="1a2870c81858f54dd69f0c4dd1b51a991d0235d29998bb7ebd220c0fad45238033f6dd97e8e3760387b9b68e6ffa9554fd978300041f5fedc1c49c684e133649ca036dbf9771258d5dd316f72c961962a59c1ee0de6488f8b505863e3b9de0a291000b5659e62e8db02acf3f6d904469f5e5d6760b4cc2b8f13c06bcf25a3947e2"}) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) [ 1906.085168] blktrace: Concurrent blktraces are not allowed on sg0 03:06:19 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) 03:06:19 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xb3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:06:19 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x25000000, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:06:19 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{0x0, 0x20}], 0x1}, 0x0) 03:06:19 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 53) 03:06:19 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:06:19 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0xc020660b, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:06:19 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000440)) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES32=0xffffffffffffffff, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file1\x00']) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140), 0x600100, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000700)={{{@in=@empty, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in6=@empty}}, &(0x7f0000000800)=0xe8) stat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r3, 0x0) r4 = fork() ptrace$setopts(0x4206, r4, 0x0, 0x0) tkill(r4, 0x12) ptrace$setopts(0x4206, r4, 0x100000000001, 0x44) ptrace(0x4208, r4) ptrace(0x10, r4) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000840)=[{&(0x7f0000004a00)={0x11e4, 0x2a, 0x2, 0x70bd2b, 0x25dfdbfe, "", [@generic="b6bdffb3dff7179387c7e9c38bb113e2bb8e44aba4de7f72cd8a70331fa8946e4f86ea730500a191acc564a817b951", @typed={0x8, 0x3a, 0x0, 0x0, @fd=r1}, @nested={0x1187, 0x64, 0x0, 0x1, [@generic="52efb9d31c11586dcc0de13ea155911b550d039845a4a0b2262cb737d81e458e21141a14ed7c8e47c0993ae1af6820ae42295f9b035a1e5f2cd6c66433fbb948bd81717b92321d984715f7ad9894aae9095526e991d7c87d1df833595e090a15e201e60521c5161cad3201da9ac27023f69e6095853d", @generic="6d7766e958738f56d29a50b4ffd36c0ce3337b0aeb050e6ddf17f2280f44114d00c1977fefb55a416bf5bb328110de", @generic="7eff8d1b41ceb40c7eca57de217c41235d954b3bfbf2b06d974094a46c146e2b9f9cde63a0b9fa69c8021f5be70c0601c9236a67c03ca834a3bbf9875ec157cc106af88fd3d36eb176ad58ed27a62443c97949b3fd6e4b7c098a5bdaf4a26a3cdbc19cb4c7091d5c97dd11587b8fd4b2ce3680055ddb166cf29446b61048354ec7ddb95a829caf8cf02ee79519e282c0ad81435eb6f4e080545957d7f1eb8e20556d86e5e3818e6feb07f6880d1fb94d36469337bacaf514d9ea8e5664acce6d507222bcf24249c1f43e1bd59f80f1d6db108e609fc69ad3209f8e86953a", @generic="666f40e4066021577f34c63d7387d008be81c6b5ff8a797244622d54f03694b6aeb92736572663721ef0514b197a153b0fedc3ad7efbcd4f8f79c8349bbc9708f5ed2d0d488515ff1c9d84bee50be2656a6538e6098adbff64af2330947b85a2b968ef1f9f7c11aeddec20739723c89d6f612b26f8e855ea5464b6f4c047d5e486ec00af660cf9b10f0331cc9cef761d46bf35aa6222ba03edf5b3e01edd34a3d9f85deb8636a379d6b10c7a680748ad5c89f40a6e3b729dc3ceb4ce925fd0ca2a71447c684003f8d74151d88f1c98186c968094e7a8c4f69361006d06d87636cf6d47d3f5e5fd92c806cedb06ccaf3e3c39c3282ae38e94983db7ebc3e23289a67615305ed859ac5a19cd60513c7d5bd8c2c802630bf3fd6af640b829268d222ae0c935c106b10627306c5b57696aa930b1687f6b7c068258f8b2e6fc81e92ff7dc1d4be314758eb1d79f97e39a25fdfcda2fa91aecd01433f3baa896ccc7ef4396bf45d6869f9926ef90605ee071d53cbb59e39fe08dcacab3d824bbc616581864fc52c69acbdcc7ee92657229bfb87a787c54304b6fddfa3e22f430727d34c645830e9d3e36c7ab822bc8855c31e1172c6ef1e63e9cba40bd69987e1f6dcf9fcf9b305e76ae1f4972170895f69146f2ee274a5ddcd59a203d797353f516f414ab3bd0b730cba4ba0419c498ae60405630dea22d54d74ae23182598162d713f472e758176887b0430f7c74032563165897f4f4dc8661368ba50f9307656cb770384d789a767b053ee20af69a1daa4d42014b31f751a6af5274bd12fea6daabde082bafbef90cdf5ac18f924be486bfc67b6a55a0a6dedf1f8070b6c4514f8c6d3cbf36093c444f48f9302e3066d585710a4cbed050f8e4fc54448096f3961f8e64f2b10a0252acba1bfff19ed1022545db127b4d93e95a5690222e220a32b4a5a786c5d9454a8c7b7ffd070013d8e89aff2b8d99793d9a77cfb2c0440bfeeb4a074c0d6ef7ec7aa6613000bb47bcdc31cbf69319b36102840067d84f6bdb1832f39d8d57578de49e51091662c9125cb349559ef27233b9996de438a2cd523a39b31b64d9d1cdadfceeabeb61c910339de87c56938a054a7ff7de0fd4d3f08d889d145d35e07e3978dc7d9faf9f7ed84df1cd35215e6d0e663f4f10cf115379bb8ad44017f4e46eb52150c3deaee416e4a23155934d8da41d12ad53757d6d2d36dcacc82df95338f9ede1c1f341ad274f353e2241fc3aae4688b25a54bd8800663a3f0dc58156201568b09cea019cc6d1f6e35d2d1185aba46c02fb728800f9026327f590c3219b32f52706c847072e8fd450a1b2a95a7d7f352793d4c7021c7e5945021338126489082f11a0b5e03aa6a4eaebedfcc2b62e7e85ecc7d29fd5412d1dbd2ee49029f11666da010f235590af47ced9c6358822c0463989dffdd9a23657f3dc2939df3bc5366a94d3ae6966a7a502a2768c0d6b65862a0ace99af033819dacd42a94fbd96ff7305661ae37bb0e872390a7b9e76f14fd094c693928489c18465ec0327138003e8bf3051aaa9992d0294ee3fc6a0377bd126b5c2d988ccfa48bd1bfdd1b39987b078d894c6c52ad0894f8f30dedd0880e8265ff91d609caed999bc017890507f4c77ff0bcb01b16b375f6b31a994d27bae42c4ac7bcffca6a25739f0e06d34ff4edff947c7756cb8c79c6ea2411ca2aceb5717d4746b4e0b5addf6f9a277af6457faaa4d7427cb1815530c1d0fb8ce88c50537d56f9f9855f5ee40a97cd22d7023bec9f8e4b053a96b50183fe6b9134588e434c3c9fc177520142352b0071fc8464c62c898d9cdc4f16c1ac3b1aeee867a7593bef971b2b414f98ff1336e9c664271c7abca7af9cb328e2e442e50256f4fdfe17e4dd6193e3fc9c7ee19f07f08b299a72346dbda27b4f698a69d95f7b9a6b5116a8b5ec5fd06d4629c3bb54c22dd9b36e95fc105228ed2c3667dc891a85c8468661d63d9870569cec9a8ba5ba72f87a438460e2dd1cf3806cb68b7e0604e5dcb79c656d5f2832c43dae6cbe496595d26db901d00513aefe5dd0ef21a8775cc4d277da42135e6c0efa69b2efd639f2d043f24a9a9714c5617a53f2b290ab91583aab3af67d9dd97a92c3278686a73c6a1fea66583f6820673eb4de9d529e3acbfc3fa47d848392e71b372dce01a0dd0eb62539e4db827c96ea1d1e62fb39c0e4f7f47f11ed0d7297e7e4db9dd00263055ce659d5b9ea210bc461fb2f4892e15109cecf898b7fa171e583645b6ff705e03360ffc1de81706fe4f10d937b991929780c57d33cd03de3077e163cc624e79647bd13203c79f7d607007a03c762dab34e6ec97dbdfefd17c132314c805aec29e4be1cd4b4bc10fe46c409a0a2b3cf61b37bdcfd0b236bc3b2edee9bbc8207eaf76235f83d887716b097a1e46b6bc0f1f00645d18490f55edb691a87aca004d6113eca874ab8475f1ce84a3afe68aff26229fc057820a095890368faa7582b8204fab651b9e3849c853c004f317ac37731dcda30c254dbcf7535982e92309dcf3873867009fe5a7d0b3cf1488cc7225a560cda1a9a7961ec21018814a87ad465cc3a612093423e3478e371b42a3055e06c46dfdf3518ce2b939194d221747f70df44d3fa1030712560511498a3fe4a522cc3326723efc3a58af5730a17d05f35a2f59934124391ea2e225cfe947d8e1385eec84e718c12f6e94dea3077ee7f457fe61e6630d6d1e15ab63498318e58f40eb22fb0c8b1589fefe5dc0a2bcc5e319621397f785a9cf62d9c4d6a2617e31e93ad4e85c8aace90da6bec6412451f3f97ec1697fa71cd2bb6a7f2351d64f68b47e77c6307a15523f9989df4bde6e2f386c31cc9227ba11d4c04816f0f8d34d32e6a581589ecb7c23af1ea59a4d75d313043bcef546153299054673095ef05604712b5a9ce660d44e6be1cd7828f97665c90a7713f5feadc4013b418b039c30f10f730dece7cbcd0f7906a086b569a75cac2af1f4765700ce0722ee7706c407bb073c2588db3279c5c8e1f264970fd007766b81de99086adc2a9586e33e8c5472a1217863194eb89def9c02cf10772daf9efb482289297d758e46d32c3593f79043f7fa9d5e248c764bf01a49f476e8c650e840e3239114d90fd79479334e5d63dedf4665fb63da46433c9039f0dbe2acba6dd8b0fc070d591447fb3d6ecf85d9e5169c486f7899e5de7e47280098edb4954cc212f28afabf7f33930a87d58966f53c027ec8e3f63fb3aa04df107783c456452959df0f36859ecd655b575c94d377615418049b03e92baec03e09ac516af01aa006215c51a3d20f90b303271f98048961fa1eff563efa91e6b70ebcbc7f9c758eac24309420d07efab832eddcc42a4f371641324f53278a0b1280e3b88ef46f3cc46d83022c95dd6abed6bdb430d518142874b8cb7bf4abdf0d9084e81819b42bac87fc9647d40bdfa5d56e7df21d9bef99af6ce3b68edc69ea742da1ecde8399fda5707b9288957a592d9999b5fa765a7ee05ee9c3303f79127f27a88dbd72216b9f1905bc6c1325d711d21440993f54f0712b76a238b84e7a246227843bcc7aaab68d8e444928025f0e8fd9d9d691584d277b89f81d40d550d06beeeb798d3487289845cf038a4c655e4261bd983ea1b406c81cdd44650e89ad4a551395e0e0fb34d7566d684eff978d7260d0e2b74b1a1b749bea2cb15b6f21325f8ccad11b89b52fd317861082de8b5beea2251ecd2d77a154433f7619472d0601e100f8447d2c74cc559a9b946a02d7e72ab94e0b222542d16e0e625692b84d227d3a4d2b0a26227ccdb73637e2aac176f88c26a01377540c0f4d7592940f7cca2a1d0e8f65f1af3bebd97d536faf7be8a828030b74301e3644747afa1268fda10f207b55f4864b3a1359b723b79ed4994aaf35d53bba58b6f5596fe3354f3f81b23ce161de1aefa104e80be5830e1bf36b7b356ad8cf4304da346371f6d6f65629c117757cdf3b5498cfb1b9099e2dcecdcbc0f32feb02de890c94c33d4140ef1c2a71ef9dbc142231243fa27c5932243b2a32294f74cdbd35ecaf77ff2f7b27f61ca5c93da515341b1ec0bce244aa9855c9cc50e46cac6f87c18af092560e2044e84e78ac3cad26f310a5d170a4c1d97842541049192f5df7035bd99e165342d84459542d7e76e5a47e9f1659bad7e627079c4849097d61765e9dee459e6640126e1ad2c5430b75dd8e472dc482ec41f57a5525d19840036375e58fd3526709dc1765c879f7334bcb21de39d0cf1d2e772834a3caad51c62fbf38c5b33c87ecb3ffdae15d38519f8b013815b8a4cd329f4e2c7b114bfda530e052f659b0af07d1ee143310484ad58c6faebc9f8f70ab509f1c9555dbc8ff85d848c4393047ba8c3fed2c9248f1be4b9d316cd40f5681885b7f6261c932b65aea73b9c6df81b75f08a4dce0dd0211065def0f858f0955fe8775f2f0b82e0d515bf4108d4d339611e2fd53787cb27c73110ef04ed5b7ccb98389037f75598b6b581f2f7fbbf9d56e59225045206f9dc64503f267107624248f8f7470a21a611256d90f378b1964b0f92325fe79dd94e887e07c79a18d0965313b474a66974eb453a78f5aca83cd41edbfd3524664969dfe094f92ab3a91c32b2387edbbc9a15a2e7871f11df29a68c4533fcaed291e7e65f71b6f75b27f79da9fed59b14460ed0093cc25356ef74faede916cc086e87fad33c2a5d5985730d5fa89632e7f8e49076ac0259d3180cbcbf5101ba015dc583cfb00630dca9269c11528e6eafee617ba8067bb139108be6abd5d7c506a379f66cff7c7e2d3ec3395737cab23e1dc456acfe5e67be6321715fdf2d22c0dc7dd0315fdafba1c0061d1d52c3f7a5b3c8807d54b328fc4d3f72a7227bf93978bafabfb9c89b1e035ffa18372c412dda58a75bd0321e3386d41c958cd1a85d63680d312bc54e2236e2d7c490892abe86456737873d388c1d1f1b4a9e884f88d8a5f5a2518331ca4fc0f96fe08ec82a35c9af9d8a765e5ed12d51d7f510664a16d1ff944d12bc9031aa2050d9d49474ea07d1c543cbad5b5c4ed93ad6531642622ef352e584f11766372a5d4af29adc3ea5d643d07150cdf756f959d7381967a4bb028403a9042cba8a8006fbfbd6d67459c9102af3ceafa7d9144a3726037898ae84fcf390b88453056eae5cea979f69a17f25c29a777eaa4db47c883c5f5f96e4cf4266f75562736d233aa53cd9a2b939f26c74f2ef675a93f4efd68753039a7d9b973a95a88114d2f768cd3f0f14af2752365c27b0a693f3ea37d6350c723e403798542932a3836f5b6bc49864993279174e39f09877835512ad0c28545275b766463c7488b547a557ab7285dde83f9e37f89a4d32df2135532e743295c1f69a19deb40b8dc0912a16591eff321c6b4c3f8097c5c452db313c52a0c1626dc36285d98cede47df1bf629dbf7ccc9b3db7597c48922d2dfb851327826f58e4461e867b3cfb34f9da2a0931d8b2f4a38d47a2899325883dd336dfb3f39ace78be6ab93ac7124ee6973573132fc23a598778a7c1cf46e7a8095df347c528e306175474bb401fe40cf1a79d5d12cb245844275b6b44c0ca6d6f302c744c6f3e37784cf9a262a5cf888df6a5477e452741751615a212fbdec90cfb7ecd408245a29ea58451a2da44ef69cd5b120288732a4694ed35e6bbe795d4f4bf2a98e769310712aa772935a2688da0727570f3de081af634baf96560d5e4ca5c8a276bcf56933a4de1b1256b363f1b4d8a5"]}, @typed={0x14, 0x72, 0x0, 0x0, @ipv6=@remote}]}, 0x11e4}, {&(0x7f0000000380)={0x10, 0x2f, 0x4, 0x70bd25, 0x25dfdbfd}, 0x10}, {&(0x7f00000023c0)={0x2638, 0x1b, 0x200, 0x70bd28, 0x25dfdbfd, "", [@generic="89c7c0b01a1759cad5db01c82c29ab1502d344f34ee78b078425cb1f6d4193467cebe6081031010ffd2339b9a98606ff6cc331563c5e706132db26c2df2a939599eef5d9a35a821cfd4a365f9a4274e49da338eee3503ff505ae9094ebfd37", @nested={0x7e, 0x16, 0x0, 0x1, [@generic="65fa5bfb3fa54f234823dfc371b8c32aa887ca1f61705a5a5ff14d4f697b8aa55b0a64b636ae95ef3ea321ae773ebd186180e4cff17ddeac2789ddde4af5c6a614303914608ab097127012417713b6e1f384c020d66b68c28f9ffd4c4c8ca5a24e714035d879473e8d8fd9d86997e065e705d597848d3754c3c9"]}, @typed={0x2a, 0x18, 0x0, 0x0, @binary="0cefcbf88e4fb09c50060864df822c01cca2a1a07dacd1a104e990b03b91b92450ee225b58c2"}, @nested={0x1091, 0x68, 0x0, 0x1, [@generic="44303ca2c82536d77bbdeeb26b0011c84a445e939baaed6326e4aab5e5c8be9cc29ee4ffa3e723fa3ee316858377e33fe90e742ae70ff6e5fada9cde5f1db1f31910e9300da2576eb16fdec750c5ed4c4601c256ca99b35c7bd25bd13ba80184a24c16893168205963a6941b487a6c464e9a50822970ccba4a0f37266facbdf639f69bd4a5", @typed={0x8, 0x87, 0x0, 0x0, @pid}, @generic="418c567e4f2f28e0220a95f45aaef2c96e33ff052ff958aef5b7c00e899447c353f0c85562a501b673a9033401cf791ccf35f9c2817ab0afcae1c2f7fc38041974e51478621c1afbc89b8d7a6fe8a22ce23fd6f57f989ad7c39bcf3af2cb31d8a4285a70a596807874eda590397b3d54fdc7035dbc7365dd978ddf8beeb071891afedcc0a34dfc277e03fe98039df0308275ea6acac5d55f28bf04a770d3abb013ce70ab3de5dee5d336fe0fd81374695ebed91ea025431188c907c0b6652095d682618ff0a9beaeb493a59a7c7c55df76d0fd00dd6edcfa844016da4fce56e9f04d0789d8f69735f66665165ffea5fdbb8e05edc3295dd0e77b882730f1880242632fc7ef0b17cbce278267747f92a4deef1dea6a4c67fb1a84959254be020eca67228addde86207c83113f99ca11d7265a36370d13820712d15874016465b2d7a2bb3df2be1d79d401b83eb4ebeb701985ad5fbdc1afb5a6b6feb45e199d88f5a1db999464983dbee7950d1d0950b4508767437f19c068886ad3a06bd5599c72afbb1d6ea6a37280eefb90facd78c24f074b23c265a4c7c13260796b5e6f2cd884f98cb7e04f07c84918674e05eff32b7f15be468d6808569ff1491e103ae3161bb413153cfae87e905a1f4ff2fabb8308f2ae9318c519304ea87d3337794f129a92a784ec696aaac92e1c3e470c5ffab795abaa43b8466906e590f4fb1e6c2cffd4243f75275f17f718d6eefaf230620927afda88bdd72c765517304c713dd6bf5f4a331d54bc2aecc432e72eb12bdc9a96911c13682a543ca6b2743553c3b7513e35014760109a605ef07ae8aa7eab3ff783e0d9f0a0c34e91e79163c42cfc7004fc8ee6a1d2c03baa586251e30cbbf4a60a93ed128df57ef61ea165cca4a518ddcae880cf34118b9ed56fe4f129d26b713d971e556d5343e5f8c8ffe6eda86480ad3fdc616d624faccf610e8a526bae7a792452b713a297840b337fdd931c86f0ba55c706dcf6fb302ac45b6438ab197871867a1a91755d1b49cfc17b14b95fc996fb9040441d2ee7ab1b2367fbc4fc055c6d594b922aae719fefe9f81f2e6b63d29189288b7d6715bda468657c2b051e754a8287af281eb7ce3c0f90c8b2c49818599936716bd110d194852be80dd4c03db91018d8fd40c713013e18a178e4246f88b4495f90ba5305b019320f51bc3e015e5e17488b23878ee103eaede1da07e78ff7a5bfc746b505662307a31c1a5a6f49f6e1bc5756cdfe16645fae73dd7e84e91a0d8f1007bd90e9b23cf3fedc4feadd6b88e2066affa039d596c8cc8da863fbb4982a6e0b819ae3b36f007355c33e6fef92072361030be9ff977ff447470eddbd8f75fb38a5a11583342e1b83ca6fd4162f8e46ca9b9b001ef8d7e76637e71729ed9b8070ee16174883ca1c04838bfba05701767da852098b503f80be89bc3dbc6114db4216bfa4dfdd249f4329a95ff9917e2b6eb034cedf4c7b98e01933b1456a0540833d06c036cb13d1a5722c301fb267c0134f44090dd53e829f7b4529227bc2a22c5c065b0d9d13590d8fceb240fab266764b4800cf865e0e26e17d7786be2e3fa4f97689d3334df6088ae2704cced1351c5de651d861de637b648e8d9db20ca91b89b52dc8903b490a6f9b98514462cbb7b932c53c76f3443c1251313e7b2342645a7a88e4534108c411883deb555b7900f312fda7e06c707852512411c25342cdba655ccd0b52749a51dbfbf04a85f4f1574707e227da46f84eb2f0a44a4119e59f0b80f248cb4259a3cf056d9740de6668b715fe352b2e9db2c2685d0dba50234d096194ddbbeefa38ae0ff4cf03ab5f4e493e8172f9aa8ffe7f7065d5887a5c9975903217f89511519faeccd6df635bcc0dc73c4b84739b3b6ebc7164d096a7be6a6870099a3b87fce99f75b4a57013cb4cf0532ccb7ebce02057dbcc781a7b33efb1654cb1642c9b2c00ff35e74df7723586199ce6128f21e47ba6be3aa345eef26c7dc06eb224b91e9ea576b04d712e8af3456909206d79f74fe1b1d51c1fbc6a4bf84cc8b0823d70b049860746caf23c7d73d1351c10aba080e2aa1da12e055a36054bfc86cbe79c4706cd19a910ccd1cabc7b7f30f21f3bf5097f5b8cb28140f943d525b696e32b1e798651ac1986d9e116ba1458ebbc9f849d98064c60004b6b85fea981f2db21b2fb64301c542f3708f814d1033608156b9e6acb3c510163cc73af8e7d74ffd395a0f31c5216f899948909ff5eccf869c89c6757505272e3564b076889f627370f1473db4e3efac8f6b8b08958c44439a5008990e887d26f2bcd77cb0fa8653f1ae959f8e7cbb001cefde1e4917d604d716a04756a8afd336c512c6e8c85bb52042e0e7e4df28af70041bb420e2e69e340196718dcaa7789979159c217af3b2c384a94174b6767bd39d2575aef92ffb5f66e78c6ab40417b10b1c1c73ea7f21bed4fb4e039ff15573297e4af78eb597439fa12763432c5f9995af8c489a08eb78c396b4b1245e4477d70371962c8e814699a9cc9b506930ebd3558c3d86a74fa8bd9f911064073fef34bf26f21d4430033744ea7fed7b98b04144b886c55110406b5245fbc93980845f44df686cb27f077e0e10d02f222788bdc544c58029cfed65fdc46bdb90988e18c7736053bb98f941ccfc4fe9b485b5dd3749e849172532e750435ef36d111f19ec6225b0e27d6a5ef71d45580404034e6f676f6e31d0f1a484a68d13798c570b7d6a009c7f378c368fea5250c5df26809dbf7ca0a180858f5bed82ca7f767ddc35dd87ff7d0920705c2ae937e5718238584bc878abeffb42c55c5bd1e76c794ac98d3565f8b6ec2ab89572628f181d4f30696d3310af819b0ab60e762bcb93f036418320398dd993e0e886acfaf303fc939e89b9f39985ef0a2e394a74311828f6a75d3840bf4dd36f69a400c9aaa043f48783a08708b06008df8b8caa9844780937b7b8b90060d8510b0123ed3924c1b1a048d69f64669fd318e2788cc038f46f1ad3715a2209c6f6629a6be05750de035f928e15d6c8bf84dec182ed3515472a577d58da7ddf199404086f19a9e85a12c43975ae1bd76990cc4ea4d1ad4c93ee55443ee4ce5ab81a09bba431bee10771f5f9630ff038c36444ce320d553aa199334bb0e44be08e285a760fe162334558f6c80e437ea7b61fea97943802616046a163ae8d8306ab9a2c050ba52e219c11a245812b1909dd129d749b020f1c2903615c53c144a1281c9870a5fec544a99c67bc76d2fd0272d5559f0d18ce9039724287a9b543006d6b64d23d52353c34356a81cc6a0f8449116309a5563cd42e8eec064947daa861977c12b7dc443de40441c1b09431c4079d023f6f785510283347ccd757e60e006c7e695ba978938e80ac917ac0f2df995806c691abdf9c0ff4f56cd6ce190e0daa04bc4d2b9d7659ffb12cce691ad9316f8fdd31efae092d397b30ebf4a589d58a70eb70dc6a6b11e8b3e57dfed234588c75d54c4ccfd7a88ad249b50c0931f5cfa43e82c7c33271fb818c52e6172330c1775dd311008c2fb78ea7aa8bbdcdaed35532aba83b50d0c7a60f957f7f278b52173f7e980c299ef6124ec4c8a74f89b764fe4a7a288fb9e870020dd446d40d159f52f02c6ca17a771457298ff36d6eadce8d848eaaf6f8753acb3399b085d5c9b746c9a9db8005b17ad08a83463a4cde83c588cd737c0487fc2f16e8d975a31795f24e73604464358761fb3e7dc5b4e023bf2a628c51b3c6bd01b070ddc5182e95b8ed8cc1a18a25ddd4e23a0ed63f030c07803c4c23908788a5f3ef8e8916ed358166d560157f81b769d5ced9f32a4c60b3ca7b146fbacd7251d0505b356cfe7ce97831056eda2cbc253f9ff8992abb16e1c5a39daddb081d606f9bc4b8c6c481271bb7dd0a5cc968da56c0b530b744d9e6777cf95a9ee3e0f455b663276e6b120a1458f4df3f361be4f463ca2741950dcb712d79139b94ff854eb4f17ab3ce85a6fb9fa4da18fd3420e649b4d4fc678b9f44625fb1fa714f22aa9827b97d493552b596e01b3da9e8e948b6906c1ff1cec2fbe7cb6791b7f70bfb938d134cda532ec797d99c8f75e45ff06b99f1923b984be113b819d0cbe20e44f840e0ab0a8f30c7e8f2b5d3f64e66c703813b308d00d30b22b905d6f4b79a3ee1be57e7920ca16dcd106aa28c9dd1fdde87e010830fed6dab035419c153780e1792d1903c7bc03c2f9b4ca3028a59a9c66e5b91db67c892e0c483ef76ce36e6327f91f12181a89da53fad92d074f42e8899c262cb80ce42a93e270a1de6373361a9f69047221bc6158616841a24dce8fb4048b1df5682d67ec406b7e31b99d3d69822a3c77a5a084105219e7deea48147e6f73a57fd087ebec216c59a7987170d6cf5a663c56eb044ee7f697918f9be5865d68cd27be10af0e7b0e2e3b98e58b7ee2bbe37313d5af8016a6db3f6bbc4a2e316dab1d89da8f0179384ff87e224473fa717319e88684db53290f5231b8e4855af9e698813bf72effb3b1eb171f087995704f7c3ca7ce6a2ceb751d5322d851bfb267b57956ed14914f2aeaba4cad7443b07a6754e60ddff7789a1335eb68bdd47b1b3eb9622b8714f0360044ada779b768a3784454554825eb9bd5ba060f508ae94fd3901e4d9c8c0252b8668d3ad01b0bf985ce7a3a2ceadb8b187cc060d64d432f10aec96ea8530e4066c053d3430ad372eb8deb3ebdd9e3374185b39dc6fc2ddcaa93ffd95eee029bbde4e305600adcbbb8f18c04bc92ee03e74c057dc3e244a804a3cdba9af8d635a7d6eb0117fc441aeec9039ffd016f70ec8ade222ef2fb0bbf2b26ad40b9cff5d494560c61da6d55058d42d4dca3080b9207e2be91c2c0e92d0d2fab80fbfa3d027cdb3b5f1d2f8c3cc4daa9f9e1d9523f7fa3880e3b958c3babfb2484e4476ae5dc0d5aaa868d589aa2f2d487dc89ad6fe9c0064d8e676afe2666218e7d0336baf7847076c885240e4b38f257e553541c6db4e5bb2cbf38b0a9f780e5a695361579a822f4cf040919ea6cef5447b4cc30d84475b9d1233bf85ba92a706e87f1c3985d398eef500aec1370c222728337e6005db9b9fd2789ee74bcf886fcd04f1bb0e8da96e50f45f6346d52d3381b09eaffcc6da2873794c89d1b1fe72c33cd675a831f1c2de7b7c9c105261c0339798275669f06a2193a831c30efe06980a02a89c748a4582e72b05faf36005aa0addf1da8d57bd480ed268c792ff649fdb0a40377b98eec29fc3f18127d9376938ccc9d616198c8eb574b4c73e825081014ea240b216bca1e08a0105a7b3a2ac087d6a2273b8b1831abe17431f44dbf2b812c922d3400be01805384aa4275b78c566873dc0acb6fae1da5494367f10a963f6b3b752e7a2b7b3c75587761acd11cb28a3751fae2a737ba8370d88081a4719f867c85b9b96a4b8b90de688821e8089a26ae001b0e0a0b8fc44f3ef8d612a9847b93a8d67122a0a0ce42ca051e7198a60921c039657f35e3d614810adfd68ad470783a9c88ad81bc6342d8480ac3b84b4927bb596c5f5cf766922fad792a449f39d649a9aad91404c76f5aeec9c3a0c225dd278e45d235d806b0390d2403f55d91c32209e0579038deb39135c2e54de4fcaa803a9cd3942da00dd2ac7569ab3a63b79f785ddde3da204fec70ea9578fc9fc946391366d6dd33c6be9b35091f941b2dae8815f96e373824490e9756cbbd880f51bff6c1a72e8d82302b3d70f58ed243ae3c28fafceae180f33c49ca5dd5bf0f"]}, @nested={0x10ee, 0x68, 0x0, 0x1, [@generic="8f97", @generic="6f00d15d76455f5c0a51e0884783d24720d549b1f6fff605251fc392ab1e77e3932e1adbfd4195de2a66c5f130786303315b514ac5c3b0abb3a8ad1fb243b5096a894fcd4304d65194a2bbadb4edf46dace879180c6d48b791b47be4a7614a49bd6a490ad6555220fd612aa0979002a7d16202798367e1ea9a12bb720eb8bd74", @generic="0d74020c45400de05d5e31c49117ec58d6fad27961f6b2b43f80ca9c68838a5defa533efb0afe32eb0c957", @typed={0x8, 0x91, 0x0, 0x0, @ipv4=@private=0xa010101}, @generic="b7ffb1c4022a5c96e794c4b154405894066fc100c8dfab1fbee7469f00c3a1d1fcc12c33a44704135248365568194559de47facb302f4e871857c842ecb627067b12a4b6d21e14b11be1458e6a931f888c7e73b67c849048a028ce5c3875ae927b87366eb5e9e791b1d4641e6432a0746ad201665ef38f7f6dd0a9c2276f81c86632e570ad255d40250cbfa5c4857ac2332937326da75fb937785780958f31bf2cdb29e5c36f54544d2f9849cf2c64c981ddbd486d0124487230454388865382401cdd32471e3ca937ee408e7ee2e3d0157d5898faba7112d44f9baf43dd3c1942fcdcfbda37fcc47af0f01f53ad1af44e1d05f973017e307bded5523f08907a2d5b80adf557bdc71adf3776f022c1eb3348c3d3cde282eccec64755e61725a6790319423a65b2404d5ef4194c752d4d0b5f79cbac0225e7ee729723c553aebd567d114004439624654c1e86dd21c0479a963f533ee81783e853068f9d02e9ea46158dc475724538762eabfe8776e5a3214ecae5aadee4e47c9254585baefdfe4a2ae1c5ebc8044736544126be6d64bdcaf6c9786d2d955d11828304042190cca3bb71bb05b4c73403e86f57779bb55083bf86485da703826e282dd9dfad57ca8f720d36ac70327f9abdf508f3343afc305fcf20e75088c5f804324465cf76868bc232468c68665a8bec5b09f7fa6ff19427a43d4523f4670e85c7467174aa7c1eefb495fc1ad3e133f5623d332aa3a236a069386b69abd5f3275339833663cecc91a7f5985efa6e45a5c11acf480dd85bb884e4dfa3e83d9e3d042808fc24107cbc29d071c7793c4ee5c3d7ef9fbfe460dde4232c97856faba32f1c44d3f777464c5a427e9b7efe17ad045acff596f05a081556a42192041fbcceabc22947e2654d816f2daff2362db3e7bd71a007db4544f512f539501c9ffe962ddce674dfd06fac9c9682dfb03f5711ed9824a91c4a1672ed3f96fc685dd144a7cc252d31d7b92d3c324539b456d246920c8022c29d90d96c2a3cf09f50447f1d7874fca02e16d07c464590aed2b8aaf6c9df91a9afc3f5a0edeb219dd2e36df19829ba9bcdbe0d68ad99784197a6ce9772d53d2b59dc382197216346117838ebc387ade3bf13d2b156a713e2c433b6d11c6706784c2429a1af0971cebee15404f70c624fd537b35e1bdb67632e8e5c58d523f0732d81b59cd2f0f8f51b233703e07f1aec3fe08ada7ae95f9f4ee21a203e06be2bc00a20282400884dc55f02eb72f59c10f4744a50bb5661e06314d51a21ef775342de192e725297e0a9c4d6ad11205e5d595685fa558b5db669be85744e9d2d0e7610c3eb85ae05c80445e6aeef810ff031d7dbe76084ce739608d0cc1db2c84e7fa29fd81b162ab547ab2aa140097e6cec7f56c5342e8326f4926a3e8adc31c797f88e3ea9dca2a23055bdaf175aab3565207efa55b5202486413ae48c4d793d5a54066a0fb01be669c480ad45caa0cd9e6713e492c9a0fd0307812b1ffe83de438e34ba02df6d0be7f6781ba092ed923a7e6bb60a1563fdbb19ea4cfe67fdf6777a74f8810f4376e8f5d5cdcc7f9f0f62e117b1b7a5d12bea7e616b2e8322508ca918f64325bf52c7a21c9e56a1d48bbc67ffb8871f6ecdf3867ad2347fcef7c8785829f3a394ff1d673cde174600f30f6baf8af6eb8ee5c56d9cc54dd005be3b3e7ab192dbfb095999dac9474514735bd052418604ad1d7509a0b6a4867269f8462d7f09f388ee2f64b393f565942d9c0012cc880d4d57682f689c4248e5c4b0e2914cfe844b23258bbf4724febc0237439425c0898de1fa414355d3c176f54bd80ebd91521d7df6cbe9070ab97e51f7889138b0486572b9b0568c2d678c3e5e78d33e218269f1418325faa01c9fb1f4130a7bff938d40c391ed42fa323c9d55301f59a22bb336e0280b8275b902cab584e22292f951da1cb68d47a30aaaf9ec9b03aed21aebe3a4236925f2dc67e1635f5a6f9d560884867d7438055d1a20afe609afc1f9ee2caf488a72de96cfa32e7cd673055a06c28e7ac0110108b92d75c407817aeee1aa09fd707c4567bd449ec618f49bf17a4aec74b918d00671d57e7bf977410f52727c78f412ac409667dd4296e8d66ad3eb02057fd5836cb8d60cb52e841e1fedf61b3edc79bda0a63f1a36dce7d75c3ab5e1aaff0ee4510d3212fa2f1ad3c6519127e0f033d7e2b1a7cc27bf6e425fc5b385c79707bad308fdf49661ac4fdafdac1de4529796acd478bdb43d086da5a95e83abc1afd7d2e436aa8352b357a235be968140049ca667a2bed42b740ec2503a781b0d97d0eff75d1fbbeff1d2aee0bb9e9d64d21244d74960ff7f96787317eeeb254e882375baaa6f981a5c4f0b62ef7bfe9915cbf3ef559f1b9d13c525f6a946999489d9dc8d461da374588348d1efb863488c90a0171c0f8d76bf264b19cc286a689fff67b849edb7bc5c1a5b4342ec081210baa4912d3c7e338196b0dd45f8f74a28927a375fe0366c898c6a69f1533ee4971b8360c742bb3f2470ad05b363b8042a49c25fe17d95e76fc2d365944ebc744654f9c56903643bb61e80e3c79ac79794b9494ca9eefaa6c861cb4ef418395a8d6c4e01a4fe0663e9b99c3166db868194df7b70855a4f003c8cb9c8cee943f2e6ae93d41b7a3ea9123de4832fffd9d614c5129cb37acc91bcc62b3f4705622317504e40eee6b0f49f3937209a6bf529923a9e8235c1343ea119e16559711020efa5c227afbe79131aefdc4b26816841944708904485be743f3f785cd7d2511c0a43dba742cbffc50651d423eda645abeb963a9904b8133b49d9112ebdef928f5a7b67491ca948275ab222dfc9c06041186dd4c54114462df57a84dd8c8d836929bf611e66dbb7a971e4932df86c134fe59fd5b1d68c493db91351580eb0d4344a920607fda7958983603d1d510808d4444cc5cf44e4fcdb7dc570f2603f8fda43d550b129ec84e37c3335b750fa970eddfa24250d592d8a8209a6934da5b8ff3f3585ba8bbb3736d898c76eaa78e851d738bcc5e615a9597cd98e75aa10ef0cadf677ba68da3a3ad41c8bdfc50f9d69ddea594c3485475c447937e43e7fbd8dbf3e0f163feaff3cab46c23fe90433c0f7c189f9d133102d6abc259ae2a7c16ddd3aafaa4e18b032830290b3d4f2dfe9ecf93a39c6febaf198b4328fc28b0a18bd2f6e84fa0437aab3bcf1001ae33e1bb3d03611b8b4c4a5766515125bc759750d0b5d29645cb159f21b702e2426220d42054ca83c09500f2cbab582e55bb4a0df86b7f2c163020863052c1d8179187334b24a50f5b563f1a3dea37f0a5a1b188fe8def30cc2187d722da2b6eb588ab86cbe0daf915f580e6fe79d270b8ede2f2a615bec67c99952fb2f0e5af605aae2490194673720a3a6f8acfe5bbc66ec2fa5d1fe25c94a515f77fdbd561072a884c6f74220a96381039ca06a80f7ff692ad62cebfe4a3be93115e1aa9ebfc400526c3bae94718eeb3bc8650f91282cf71a6e8b95a57310dc236a4f40559abc7dd633f0d662251baa6cf8ae41d7b83616f63a3b3a281f76f3592acfd5ccfbb7b49d525bb2a3452e42d9c495224a722a032dc076f8e5d032c8df9452b13b93c308edbd159ca2ae23d1f1986b77470076422c501eac8e733ccf576101dda3292a07a0371a20bbaad49f4be27534e90c130973ef9bfb67fa3ddcbda4c6be6c406b9b338663ae1f0752ef0df8f70b2f436ec1b477cedc738b4809caf2031495931fdec4ceff123278b10653654c881d0aca3af4755008920ecda9260636c95063c43b317c6aa0420ac526ce25e8ef1e969f4ceb5a17a86c0d2d46fe36d157ba7a8f0d4725fa52f95777c56b3abc74f84378c43f87f2f53950a9c5c4d390d3b90a117ecf522b517bba1c6959fcf9c5eb658ac82bcdaaab3f3d60557f88848d07e655a0f3e193876eae66d237d362b4134bb84474db6272f18d446aee1f87d50b4fa6eafbee4a6fca18e060329cbaed93e25531e6286cc0ebbb5f5554f3281e4c3adf5f2f268a57738c2e2d670c9390a02e3443c5d0a59e1abfe27f5308d4764ecc4b2ebc4325adb41cbfe25223bad8193499e1a83fe38c137cb9abe22868252f55657b04b9c377187ddb573585a886faf148bfbd4a85f1d3957aba6a58916a0996233e6ea6c0a1fd4772bf4d04aab6d3ab7eddca1a5a5dac04224399fcc79edb762057b9a967c73acc653cb6e5d3f9634959be37a880e7bac2f1cac09b48176bfded5b0d411b592d59f450be70d2eb9020f74023a050501ac60c7ce156b950d55d0e0e8f220fcb54a3be63f21ff304850650807620cd91d2a99797e8197e0073d84c0ab1af8af7e480788033532e18fe3747c0598683efe2daf403cb82dc0f874f602b64d6ffcfe60665cb4e033500d78251d6996a60b377e97f875837e15f8b57e3d195218248e34901bb43e82a1fe978d078ee323b0a7de7e49e77a5d4f56bdd3d879ebedb863b364dab444da0b025a59792cc226651eb544d32b936634caf25f9e8f7d76b409ba835c69ddf8c7b771c9f962d0aa2279b3b232f6413c317f63f47b2642ec87965fef42f3b9007f6e24a37d5ce8786db5282d5302eb9fa698c82271d8c37bbb25f6bc9442f0d2366213637e2d05e4aad67fb031a57f439234e555c28bc8e41925ae0ecdaa1c946d8e674aaf969a6cb7cd882e9bc9ac477ae7f141498a67172c6e94a6f03d2a58e7643ec9c8c92a4a5c3478d453c54c326e8220fb5171384d7ffaafe444d00c547c87511188bf80e823e0c465be554d2913ce72d2244b82df2cf62debcb75bbaebf5ab449c58adf89374d628b4efdacabd366e8f62cb6639a205235e47173a319368d8c00e24af0b7ec6419a8ba29e6d6ceceb0505c7b8567adade1981b43e4cc7037ae368beb99c7685007e2788ce7156db48c24a5cd953b757435a1e76521eebdc4c8f20f0f147bbdbf51faad658a4b5374c47c63b8e92fe9e592eda0bb5d73ff55ad442e56812288f48da26339cc0772cfc4475a68990ff48f5daba501f01aa0dcecd32274216eced977d2385d76868214e07cc63a3d06e05493ebe9fa26dbddaf8d9d34c4126582c89da14309e1bbcf9743147aacdaefdd31d3bdd03ad26afb6091950d9b764d5f1c5b67a26a4ba151c258320a8ae08d9d6e1caa94e0448d7164337ad996585bec579fa76a5d0d9bb5fcef74f4e0737ef77f54ea8e84309e2bc6db650bc52ea2984e01762139916411ab839eb73fbaeda64cca666daa5d46e436e3cdc9e321909f1c35ea1daec20ac535b5eb5fedf3ce45ace01396b70f9903f53183a398f155d353e28f9951c271456ba8a17beaecdcdf61143caef24f954dbdce4da925ef5e4e9f3a66093421923ee1a53bd39bdd353c4387da0c312293cef499cdba3b02cb89b8319091f64e218a04c157f96550a9051ec8bad5f15df5f4a6b86dc9aeb2aabc0881e6eed589cd64a5d20f66083fcd9b898521e433ec181de30ac141708175b65ce205634f8e649fd0c65410c68f8f730d1b2911bf0ea92fb91d07d894f7984b158cb8643127cf6572b57d0530ad74ba70fe9fd484a5e50ff4b6a84e1f2adfb36043b8bfcac6af205cb23cd644029e9d383256562d8e0deb62cd1c4e3817dede6ab288bbbad37115570918194cb24e96cd08015fc94d7155798f7b662f673b1bb8383f114352e2fffceb6e4a073311b8093863f33c7af90ed17c9aec6ca2d930e919de6695c90e540e1e2ab92e8d8cfc303755a9fe0091c9ed1821177d5335953425f", @generic="680484b194f9b5f66883fcf6a18f5c3e4fbf65306c0570de10e5867196620504cb16ac9231c16b2de9c804ef622a24c49792311f9f"]}, @generic="92bf85bb04b6ee7e22a5529da80860503f89717535a3f418ca3e8c842354e68eadf5", @nested={0x1af, 0x23, 0x0, 0x1, [@typed={0xd, 0x51, 0x0, 0x0, @str='/dev/sg#\x00'}, @generic="117a6204d482241a9b630758c4309215518fef801972e23f38235b20fc1f1cfd85c8161bae8afe4b091ceefd043a4d7973ec5b54cfb154779003844d548d1e2ae61a8ae962664626e6d65037e44fe745be9ae5eba60a2b6b351e18ea9db61f72368a9cb5fb98f599d84908ca4826023caa75a49260b5f7778c3dcbd3547cbd80ddacf2ca9321a44f46bf8c5d77fd8780f1b3ba8e28557ccb7768c5a8589cecce88ca539e", @generic="37ac8452a67aef472bb43dac06f7ca3b8586fe59a6f3906cc4206011d3bbab4ff66c3de886ac84ddd8c332c570c49f338398e440a5371afe4803c961a3e36949a8d6584e44412d4ad5e28eb4a6d21a5a554d48e4a37766dff81e4b067e06ec5e04c3c5881ab30e275e270d541a9d27a168585de5e5887045aa1d69eb554e39c916371f6d582d616028657ec046ed601c1a3bf4aeea8ed5b7d7c8ec710cad9a38988a0cf9db79ac5d7235be6532f94c638f7045264f824ed3c9376b951cf0e29528179f101db6c08383b36074703920fe5872b928bef719ebe6be27638b3d8941b225c34e2044e5fd524c02955e9b14", @typed={0x8, 0x50, 0x0, 0x0, @ipv4=@empty}]}, @generic="97c5760e818d41b9e5d432486322fe5b1440bd439e0ef5e1d1bb9794b0a4e217e49988d53bffacf830d4d73005efd6755a87582e9654aef78c18b324a6a3b801e9c557cb13b33e6c4d5e9a85f9a6e72617b374ae33bab4f2743a17687c6059195e9035a9284a2508140b6d691682c95b57ba3a531486d0d39a76ad5dac5c6d0f4c63082ec3e25225c93c94d7ab3f4cda1485236beee44cba654ff3e298859e94008fedec09d8", @generic="3ffcc405614a5a63e80c77506eec97c23ab41d66fff3789dea801563255927ecae8ed221ce4c72c00c3cd2be094cc97c22fa376c087460b62df844925ed2197b323d9200d2b5aa11a3ad6210e36cd6ecf7c5e23a1d773455b934ddb572835b500b803c167bae1991347b", @generic="18dd6fe16d27e23c6c06265c66c08048849a7432718f0c3ce1adeb3815465619ab9fc3c4f67c804caf63d3d184dfae88086985b46d2fef1d0b7ea9416143999c7d920a0f828abca62a3acd91a3bcd9e7f861f96c0452ee035fb3c05121a26d48ab37dcd0b6bd6082c0b2e1043f172bd7b996445e16e1e04441adb4837e0677c6acb4c9ada6de8082979b1e55b36e41d073006037694e38e5ce833777f6cce428243804712c5bc9c927d37517f733d6787c41b260615586"]}, 0x2638}, {&(0x7f00000003c0)={0x94, 0x35, 0x2, 0x70bd2d, 0x25dfdbfe, "", [@generic="1751a7fc234b4503b01c5b4a442628cd752b8adfaf868a4f0bd445a1d209e5432871ab629d83d80807a7edde197740ed15652d1bbf3747f5ff1935188c4da9026c8055f595c51d7651a73e6fe726b1bbb341320030cd2f1e1398a21b40fe5ed92d1d646b8447c94138c925ed6ddf965fb4c0f0c3a3432050e3d0db5663673c58e6adbb"]}, 0x94}, {&(0x7f0000000480)={0x18, 0x24, 0x800, 0x70bd28, 0x25dfdbfc, "", [@nested={0x8, 0xf, 0x0, 0x1, [@typed={0x4, 0xc}]}]}, 0x18}, {&(0x7f0000001040)={0x1378, 0x31, 0x8, 0x70bd28, 0x25dfdbfb, "", [@nested={0x2c7, 0x39, 0x0, 0x1, [@typed={0x12, 0x3a, 0x0, 0x0, @binary="b2f3cea93c65551da812a7598211"}, @typed={0xc, 0x95, 0x0, 0x0, @u64=0xfffffffffffffffb}, @typed={0x8, 0x24, 0x0, 0x0, @fd}, @generic="dd640dbd03aa286523008803ed6c2d0114cac806120fe4b19fdbcb741ab40866ff94af48e06e74f5b6acc3bd6109b07958eb1a6344bc85f7dc11d37b922ef705790738c340134b9598c03e7ba7f6aa4d803d795fd375306e0954d8beb6d19be9b8c645d5643a2319c1289be04b55894e6a3dfc8e200ef2d97e057b628e7c764dba05a0012f81085b9accecbe19e15e744353fa1d2871d99016ef6cd450e82e37493d0995eef046aea27541f24fddcf2157bc543fca8fea0e45bf7d350f8e67c241", @typed={0x8, 0x4c, 0x0, 0x0, @uid=r2}, @generic="be7e14e7d96f4764a7629c2387667499d882ed7cecb2bfad331c9847834ee38866f87d677538a34b2d409ccebdd007b375066f4841e49018af86451232f294f83690efb7416240f2094c359976271f928db864792f4de573e0e2952df6e2064ce223ea59d1e8619d34590fbcb821c3849ab07a627b9bab48ed1c0016331aac98eb744d55f5c25f04519207a492b0a9a89e4cc109b5db72beb97f40b5a23370b2baec88f78ac536991f148f7b4c2483174fd9d53ac974fbbfdd20e65ada8690f1de82b6c5ad0117009788e095c71c1f65e6c95602f25b49c17dd60ac39c807f640dbaef837ec67c372f7ae67c0171bf9415c9a31746f6319cd4aa", @generic="369579c1624825ceaffe6965f3e5427c0da44bfe34d61d24d7e7bc0cde2b590cf07c15be268be03c2e4bf54f9a01f0f47f4110b91bd6eb03482ff28f7af59a279fa2e287dc9a2eae7d6877e295f2905380e462e3492e1ec264d68dbea9ffc3d9f3dc140da8943615a53d53ad74537694fbb86616c6e6b78b04b66586f173113c530773adacaf4853", @typed={0x8, 0x51, 0x0, 0x0, @uid=0xee01}, @generic="f1271417e2aebb1f86b3b150f8522fff907659ea4226f9b5b782c6360648244f4fb7b6d946c47344a71be26cece450f43374c7591c03ddc7c7c86d2d999ac67b", @typed={0x8, 0x7d, 0x0, 0x0, @uid=r3}]}, @generic="d0c4f64430c14b8de82b20e7313fb799ca6033f456ac8a483315fb3662c540275dfd3501c2879cd5d6876269cc2a42203ecd7dfe3b04f5d9c2e8e5dbc81850bd4434bba15d343dac9409d7bd6c7facf255cf99d7a51c0bfc76a51902fe2e0bf4aef986c5f6b3a6074261d6f5a549aa7107d6ba32356429823e730cf3638d43b62c7e618c6f15f853a44d2fdd2bfae47d2c0a3a1791b23ce11916819b41e86d75ed48c53aa57aa4089e030d7127c8fadf64be75c330782142871221d15a1fe74ad3a72325ebad2279a22080d302a19434bee5f13f3b7293487af5dbc7541d5a5c2de9051132036fc337cd71811fdbd1b6093ed23ce69bfa5344735408cb1c3c4be3fa711c52798ea75c2d4f7a98ea9911b0c74a5b37108549dc8d933ff629afd1244836b4fb50e9b695ede51b6ce0d2e48ccb809d12b63d02b3ea654b211a555aab75df40f664ee9a3f5d9141f946b521f438dfd5d876b3901d8b2a4af7a6a33a84f6a305d78ae411e0fd82ecfb1ec73019ff85a31bd6d03eb4492967e0ae43e02ea8ee44f95cea9c369305ff375285c0843794deeb403129f577aa56cd5c29c1324efff1673e7ae9da8586c9d8b3c1d0aa26277dbaba7a679bfd8b71167a64f5f1adc5a7634d386b6bc6ea02fd7185ec45ae0fd3c376190429e2af32ec1437728f4f667241a448c68a74febd90dfd8b318c3d53a2d82fcc0f9be2bac270206f8c5afb0a02b404ccef86a8948b3ae02d79fe36a95957975591a4950c917a9430be372560d720f79111b85a27cd084b802fc1566c7dc47bbba6469fde783d43dca9611b741859f14b8feacd4e7fe8542bbed86d68d9fe1972a63ac22a530f7c085e5ea7d0f9623039bbb3d725b89ae406d9bb8eaf9b162d21826db33e5b23c46252d4e00482ab7aca7c517b2f59222ce81aeaba62a49ef36ad851b6ecd178710caf43fd8f21229ecc633cc3417d57a4f7f90cb26a40d733af18ef38885f7e3a770c931ec1d3061c2bcc872f330bbc1ec6bcbacdffb0b8dd076df77b94e904027b26ba73b7ee8bbc9bd5259bfdb2cd091647cc966f7247d8561dc0b0f40a5fe55c5fbddfe7bb5d28a9ac4072f537422e16ab73a73e1184c83d4e0193be3689af8d57fc3095643b8f317799b1c526aacde01f1d4b2917f0658f406f64cf6992be1e6ec022698cb4c0bf387d6ea1cc2548a4708694d9ddd7ff3592b53b5a0033ad125b65fa229072e88f357b327bb90c908714d2f45b5201b6de0294e7d6885397f65b5d16ce5499a1868060cf6a0c58520d2f0adec13fe68ba5f912b62d310e77d7af78eec9c8f3789750a165d6813cda90402d414b168c6b909515e162bbe78b5d37534d0fe2ff2841bee11df84a3bf14c1704fd407f401a07705f1dad3dffea21a13baf0d958f629070ae477f1a11501ace9ff8527be19e5bf35fdaf8c385692c3b37cbbce369e6760e763d5e8f367ce00ec225bb9362f3926984f7846ced818d2177de2d62f51b8ee9bcb1c3854ee873e848e97cccc5dbc1df929cd0866a11e6d505747f436c7cce26905b4dcd672def9aac13d541ac70d04b2b382121ec84d50f7b90978de2a4eebc4b59b684e0511710921f438a27c87a33ca77c3f65d3d5ece4a43db8c49a2c8865cbcb4ded3e3b7c7a1c99492c05547dd103f37a74034fb7e3a8ef71b31320b80b6512605953a36a00cd1c8c7d2662ed212dbb8d5fd4538eee80e4abd56b627446c3b9a0dafee6508c5f2e8260020aabf622f792c0e9e541107097ffbfa0a8668eb7e76cf6ad8050c6bae439c88ea4ae2378b28f79b1dff6ebc2f29850abe0198b6914850787d5228fda21c942718ff5536fe8cdcc9bd79731d8408c1bf8ec01998b803308ba44e47ef778ee6300c79866541aac797ca0f2e5bf0d7f88961a0e76b804fad9f7069b37b74f6c71bc29a9ed79455ada2c37d9d7a93df326a562d10be207f7350032048a6a9a22c561ff2e05ff98040346db9134137738f09694013e59fae7eb43d4c6c09636bdbf1c8e337fb1c26578ce24277fa1b4649637f8dc53bc20b5cfff4b57203145ccf1a66c4c0cc105169b2a7959caa3f623bb061ab9a149e84b576746a0be343504c6424c8bc3c32c3fd95a649b21f845781c796a10b8edc2bd17e0bbd5effc84956779003a91f18bf854742877deb35774715204aec580e0c65c22b5e2ca00745a5f0ab43177a295d2febc5b4a575fd850bbc68c7e0733f38c8ce05c47e606e0358dbc70f1f3735f5f31aad5589e6fd0d1e48d07d17ddd46bbc27a2889f26be6cc996e55500b26453c506bbbb918f386850ad91c100dc26139c1a82c24fc326273235fccfa218329d5d04dd34a816c41c9737e509afa2138edf28a855f20cbe04495adb38d2a0c6260890ab1251d088a6c848cfef738338e98d757c7cfe9bcf5cf2ca33baa90d6cf3f7e1c4f421129aa23f73f923001a829541cad9b837bbfdb999f43aa56611e884e1e2c532a45fcedf99ff3cbb1578f11197d15d6deb8bb41727d71f73c14ab6837c066979f7dde6e37a888320c9fa452e44bf7de2944fa3fd49ad34026dc800e409bafb1a462aeab49c6c17ffbf430426fd1e40ce7aa85e23953c67283a0fec5b37572226db87d059fd63622fea9dbe0550db2fb9b1283a8995f883c2a4a2f6cbf6da271134ce40337787987e1b920ab4dc4268e4a9439bcc8f79acf6f7ff5902ed498405efc3dbf7e6c0f616585a1b7319015315141f95aa5c93b16b6ee14ceb269927d6a1e2d4b68dab0bc29462f073b588fa6e9dc6c74fc28ae35ec717e8d68c50f319e7827af1b758e75478d97ce043fb120daadab4c6f85f66e983099ac2c9bf73ed096f2f7cc2f3444e8b05b057491f3f214c17bb9ac162d274a6219f48ae7a23d55806c1fd7aa764e4af9346137360bbeb7d0c3ab5fde15d43ecda5baed0fc551a9cc3b1dfadbb48de26fc5cb65a7e15070d998b3718b124d43bf20701cc935802edff0fefeb3bdd72b7163bbdc943147116a3d136c19d670b4f034d434ca3629d94e69f719eb643701ab2bf5c9e123843b14c03f63422cabfe834ef2a9091f71e5aa6c8a788f8319d6a273811c0e31e02764dc724d3add0055d8e401e9dc656dd0c012ca3f33d10d939434d0912d921c6fd505fae5d63000c84f8c6c58a61349bedc63f27fd644be42afd3b74f11f1332dd1db9ad27b418896cbb66c9e5112fba147ef75bfeed59069b969879eb720565e9c76378c79e3c26ff512bc8e7e4318101c4ce73e3914255f7ef0b2cce1af712612753c4c7be621de21c873df53864ecfe17be7a29e7146d5e6f6fad69aab48cc68a8d4bd3d850bee00f713ea92fb0c956cc791536557c3a4d2d13aed32a01438e921627c70aafaebd6d99a7c422bd1c5f0d874bcf54be310584219202ba85f6ed48e3e92ed2c8b1482b96b917993c8e7eabf090524c1289f2fc6bec48d16061b6b8ca6dd3f0107b9d46726f78e319e99a5697c48845cdcaa31b93a0f9bd700805369ab2ac86ffb57c301f43e339ea66954d93d725f5e12b9e8fbda307e355dddf8992be91aa5b43d383f018ce8524f2f6a905907e1dda70e3882e8fcb483643d9ba2943ffb058b7f7e881cf131348a758ce8df113d350d099efc4d141e252cf57d914910ec6e0197de0c5977db124dea4dc291b2daf02dae75efcdb3917361fc7b2eeb6c980d09776e932395cdd97bdebf5f7404f1826ebc4a066ba5dd8410ce102673a8818ca126bec75c21906ff694a509f90df2bff5f31f3810d18701e3a2889b3753d1c98ab0b6133028e57c522ca9f2881a477a0efad94e1e1372ca04a17f9e3195187104e8c09fe387fa0d45e60b698a599a162c791d9044ba29d64209d6b8d6951ff411ccdf05ed0446c5b14fea4b82978f0071a683b9cad661b8daba2a933c7f9f0a5c9508dba4e350ef1a074a8212ba6d337b57b0ba5c10bdc879b30cddde93e4e23280f33a6cc4612153255065e1c710089820b44e1949834ea45f7b87ceb6423dfd5d950b54f42867e4095870101f55aab1b06a955b6b690e401fc5e8940cf46387f865e28e1ec58d15a8ebf1eed9412876c3e1f632dbb524381855f6ecede7b4f163ce0795eae8f6952c1af865acbca6ec201770933dd002960809e25574f3149d16bc93186458d6d1c51d6f3dd6c4189e70a7b0e9cbd42d49bad47eb0c69f53690ef2ed38b00e7f60716911f196ecdc16d7b9fa8d15280e462f086ee5fb0495010352b80c87e6fa9c32e14b75cbe003056a0ef82518ada53386dd29dd6fc31a14f45fef4a44692a9fc47a33996041c8aa8b5cc69f32fa560b8593f05f51bc75ed50bfd7b2ea415c621e1d882662f0c08c63392e4a079c62a2a78efb90aa370b605b21a88d4ce729b7f939b8fa2d1454f7e5586f3bd2298544dca3835a2ac40ae8eaef6b2143bdb83eabb01ff076ea9b71bf7b4dde42a22acab04a7f30e9decda7f44bfde76310409ac50034082923f4bd905f1c1cb31015eb12be6309511bbe3eca2c71e86f501eece4ca9b94306521c313068946a9d8b9d24cf308dcd6e4ce8f0d04ca45b7a44f0c081a4982a2480e0fb3155e9216351e4d7197dcb972228e02d49e151c1d841ea3eb38017cd8baf989203c63899488c99c24cd199e46946ab3bc7d3e210a9500d2dd78664324ead115ee427e03bc0e6dcc1f63abc9b1d245b06b2b3f4e9a403f3d17ef1e4afa67e9ee0ae10391dbc1846539d7f31e4557018c6b69263390cd4eb28cf210931faaa9b2e314eb7eef04c1e4e18d7538993870ea00c1fd538bc2448d8f5eb53ec75d406199a54b7cdf0c366c4b888eb3d5591d1b64fae7124064f54f1b152c4740f177ed5c4365466ab2b59f154dceeb4a672051529bb410441bf41e4483ce835efccd6ea86088dc517e913eb2cc5fa78993ec1928f594a80b36ed62bd3de1e11dfe5a91700336a6fbdcdd6861fe073769563a71ddbbaa497b0ccb4b6769fc8976190faf1a453253ed1f1b27adcd8e766fec571045b354c8e26a5a8eb9940bf0635e32db5a6c6709f538dfbaa65b282ce37853e007db7b2f123c6ede35305542b68de91c6a66b85576a8866e4685d4194e8f69ec41c2ed8a78d55db647844cbffe485c6c9b648e3fe13600d48fb5d080563abe9d12d35e30e819a4865e1526d67961e3fc46c7612f4de2cdca207fbe07fa3d4b9120705736bd3b6e558ad3aef0a395e580549344efaea3069cdd17a6d67f4c51d30f04d0b22e946aaed9ce47fcff9f5f06a9c2d7863aca5fd0c2c8ddf84768e4b85e1382cc990abc3ceed2bdd6922405ac9575d3d74a36019dac3d6ecac0eba64fdd6dea9ab63b76a2699606315a5e13cbd1f9d75d5990f8de09cb724ea53457d9dc8b2ea1a40b0cfff14862bfdb91af6b16cffafea09b3da681c170e1d432ee40df25b21fae4545e7d5f0ddca75f18707f5666d91653189df7612eac7644590bebb7f83d6d9954c72a74801acd447188a29a54c8113417182846123935369fc18e9da8699d5e108dd4df6f9f56b284facdf90d61b3e56e5c3e909dfd8a9bf124f278615fb708d20e4b93ec9b86fe32c5572240232f841a1a72c7df2f448a52251ea7bc6d5bcfd55928feeaac68028fe35e7fa83c0b7f0784c3b4e07e13570895fc8a71663497f57ef2f7806a55688c97e5da99061d8d07707c47d85922faf406aa67c88143b40851cb2d985aebc37d9039242b4554c6bdb8cef388151997bb06666850a1c784daf3c61d84ed14a73a2003964677f20354abfcc51f0eb53c8abd860ab7706358dfdfbe4", @generic="e02fc45e4316cbaefc8baea6e6dd274720b06264c2a0afe89e307cf149739b60e173f4aa03eed370f6f4bcf94036be71982c585e3d7d6d2eec6dd02b17905187f18645578551e47bd2b49bae397523dc6dbe0856875ac0e857ad341af43f4b966592dc7cb5dfdb8ca4f7fb676a8e581748d8d06d1860ae7a0755f8e92c793cf03da411beb678baa70bbdd2e4485f", @typed={0x7, 0x96, 0x0, 0x0, @str='*[\x00'}, @typed={0x8, 0x87, 0x0, 0x0, @ipv4=@empty}]}, 0x1378}], 0x6}, 0x4000) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:06:19 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x2, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) [ 1922.446595] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1922.456810] FAULT_INJECTION: forcing a failure. [ 1922.456810] name failslab, interval 1, probability 0, space 0, times 0 [ 1922.458134] CPU: 0 PID: 10401 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1922.459013] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1922.460216] Call Trace: [ 1922.460494] [ 1922.460737] dump_stack_lvl+0x8b/0xb3 [ 1922.461159] should_fail.cold+0x5/0xa [ 1922.461577] ? create_object.isra.0+0x3a/0xa20 [ 1922.462073] should_failslab+0x5/0x10 [ 1922.462486] kmem_cache_alloc+0x5b/0x480 [ 1922.462928] create_object.isra.0+0x3a/0xa20 [ 1922.463407] ? kasan_unpoison+0x23/0x50 [ 1922.463833] kmem_cache_alloc+0x239/0x480 [ 1922.464275] __kernfs_new_node+0xd4/0x8b0 [ 1922.464719] ? kernfs_add_one+0x3c6/0x550 [ 1922.465168] ? kernfs_path_from_node+0x60/0x60 [ 1922.465659] ? lock_is_held_type+0xd7/0x130 [ 1922.465954] blktrace: Concurrent blktraces are not allowed on sg0 [ 1922.466124] ? up_write+0x148/0x460 [ 1922.467848] ? kernfs_activate+0x1c4/0x240 [ 1922.468306] kernfs_new_node+0x93/0x120 [ 1922.468730] __kernfs_create_file+0x51/0x350 [ 1922.469206] sysfs_add_file_mode_ns+0x218/0x430 [ 1922.469710] ? component_del+0x4c0/0x4c0 [ 1922.470139] sysfs_merge_group+0x196/0x310 [ 1922.470593] ? sysfs_update_group+0x30/0x30 [ 1922.471054] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1922.471657] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1922.472246] ? kernfs_put+0x31/0x50 [ 1922.472634] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1922.473223] dpm_sysfs_add+0x241/0x290 [ 1922.473636] device_add+0x9a9/0x1e60 [ 1922.474049] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1922.474625] ? kfree+0x217/0x410 [ 1922.474990] device_create_groups_vargs+0x203/0x280 [ 1922.475525] device_create+0xdc/0x110 [ 1922.475927] ? device_create_groups_vargs+0x280/0x280 [ 1922.476467] ? queue_work_node+0x350/0x350 [ 1922.476913] ? init_timer_key+0xd1/0x110 [ 1922.477339] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1922.477823] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1922.478336] ? init_timer_key+0x81/0x110 [ 1922.478766] mac80211_hwsim_new_radio+0x382/0x4900 [ 1922.479294] ? lock_is_held_type+0xd7/0x130 [ 1922.479777] ? hwsim_virtio_rx_work+0x360/0x360 [ 1922.480258] ? lock_release+0x3b2/0x750 [ 1922.480678] ? __kmalloc+0x25b/0x440 [ 1922.481078] hwsim_new_radio_nl+0x9ab/0x1050 [ 1922.481542] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1922.482094] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1922.482673] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1922.483373] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1922.484067] genl_family_rcv_msg_doit+0x22d/0x330 [ 1922.484565] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1922.485267] ? mutex_lock_io_nested+0x1310/0x1310 [ 1922.485773] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1922.486359] ? cap_capable+0x1eb/0x250 [ 1922.486788] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1922.487389] ? ns_capable+0xd9/0x100 [ 1922.487789] genl_rcv_msg+0x33c/0x5a0 [ 1922.488186] ? genl_get_cmd+0x480/0x480 [ 1922.488611] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1922.489151] ? lock_release+0x750/0x750 [ 1922.489581] ? io_schedule_timeout+0x140/0x140 [ 1922.490079] netlink_rcv_skb+0x14b/0x430 [ 1922.490509] ? genl_get_cmd+0x480/0x480 [ 1922.490943] ? netlink_ack+0xa80/0xa80 [ 1922.491377] ? netlink_deliver_tap+0x1b2/0xc30 [ 1922.491863] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1922.492388] ? is_vmalloc_addr+0x7b/0xb0 [ 1922.492829] genl_rcv+0x24/0x40 [ 1922.493181] netlink_unicast+0x54a/0x800 [ 1922.493608] ? netlink_attachskb+0x880/0x880 [ 1922.494071] ? is_vmalloc_addr+0x7b/0xb0 [ 1922.494507] netlink_sendmsg+0x904/0xe00 [ 1922.494932] ? netlink_unicast+0x800/0x800 [ 1922.495399] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1922.495974] ? netlink_unicast+0x800/0x800 [ 1922.496414] sock_sendmsg+0x150/0x190 [ 1922.496834] ____sys_sendmsg+0x703/0x870 [ 1922.497267] ? kernel_sendmsg+0x50/0x50 [ 1922.497692] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1922.498172] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1922.498731] ? lock_release+0x3b2/0x750 [ 1922.499156] ___sys_sendmsg+0xf3/0x170 [ 1922.499571] ? sendmsg_copy_msghdr+0x160/0x160 [ 1922.500045] ? lock_release+0x3b2/0x750 [ 1922.500458] ? lock_downgrade+0x6d0/0x6d0 [ 1922.500900] ? lock_release+0x3b2/0x750 [ 1922.501314] ? ksys_write+0x20c/0x250 [ 1922.501716] ? lock_downgrade+0x6d0/0x6d0 [ 1922.502167] ? __fget_files+0x287/0x470 [ 1922.502597] ? __fget_light+0xea/0x270 [ 1922.503006] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1922.503596] __sys_sendmsg+0xe5/0x1b0 [ 1922.503993] ? __sys_sendmsg_sock+0x30/0x30 [ 1922.504439] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1922.505029] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1922.505596] do_syscall_64+0x3b/0x90 [ 1922.505996] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1922.506535] RIP: 0033:0x7f406f897b19 [ 1922.506921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1922.508859] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1922.509643] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1922.510375] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1922.511129] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1922.511879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1922.512633] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1922.513389] 03:06:19 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xb4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1922.568891] blktrace: Concurrent blktraces are not allowed on sg0 03:06:19 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCGIFDSTADDR(r0, 0x8917, &(0x7f0000000080)={'veth0\x00', {0x2, 0x0, @remote}}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r1 = syz_open_procfs(0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000040)) 03:06:19 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{0x0, 0x20}], 0x1}, 0x0) 03:06:34 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) pipe(&(0x7f0000000040)) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) syz_open_procfs(0x0, 0x0) 03:06:34 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xb5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:06:34 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x3, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:06:34 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, r0, 0x0) ptrace(0x10, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105241, 0x0) syncfs(r1) perf_event_open(&(0x7f00000001c0)={0x3, 0x80, 0x81, 0x20, 0x5, 0x5, 0x0, 0x3, 0x80044, 0xb, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x2, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6ec9, 0xff}, 0x100, 0xcbf, 0x77, 0x7, 0x8000, 0xffffff44, 0x5, 0x0, 0x80}, 0x0, 0xb, r1, 0x3) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) r3 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105241, 0x0) syncfs(r4) ioctl$SIOCGIFHWADDR(r4, 0x8927, &(0x7f0000000180)={'ip6erspan0\x00'}) sendfile(r0, r2, 0x0, 0x3) r5 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000140)={0xaf, 0x8, 0x2b, 0x3, 0x9}) accept$unix(r5, 0x0, &(0x7f0000000240)) 03:06:34 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x64000000, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:06:34 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) 03:06:34 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 54) 03:06:34 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{0x0, 0x20}], 0x1}, 0x0) 03:06:34 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xb6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1937.551453] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1937.553108] FAULT_INJECTION: forcing a failure. [ 1937.553108] name failslab, interval 1, probability 0, space 0, times 0 [ 1937.554482] CPU: 1 PID: 10453 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1937.555350] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1937.556556] Call Trace: [ 1937.556826] [ 1937.557070] dump_stack_lvl+0x8b/0xb3 [ 1937.557487] should_fail.cold+0x5/0xa [ 1937.557893] ? __kernfs_new_node+0xd4/0x8b0 [ 1937.558349] should_failslab+0x5/0x10 [ 1937.558753] kmem_cache_alloc+0x5b/0x480 [ 1937.559187] __kernfs_new_node+0xd4/0x8b0 [ 1937.559646] ? kernfs_add_one+0x3c6/0x550 [ 1937.560091] ? kernfs_path_from_node+0x60/0x60 [ 1937.560588] ? lock_is_held_type+0xd7/0x130 [ 1937.561054] ? up_write+0x148/0x460 [ 1937.561446] ? kernfs_activate+0x1c4/0x240 [ 1937.561926] kernfs_new_node+0x93/0x120 [ 1937.562355] __kernfs_create_file+0x51/0x350 [ 1937.562843] sysfs_add_file_mode_ns+0x218/0x430 [ 1937.563344] ? component_del+0x4c0/0x4c0 [ 1937.563825] sysfs_merge_group+0x196/0x310 [ 1937.564282] ? sysfs_update_group+0x30/0x30 [ 1937.564767] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1937.565354] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1937.565963] ? kernfs_put+0x31/0x50 [ 1937.566350] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1937.566966] dpm_sysfs_add+0x241/0x290 [ 1937.567385] device_add+0x9a9/0x1e60 [ 1937.567806] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1937.568409] ? kfree+0x217/0x410 [ 1937.568797] device_create_groups_vargs+0x203/0x280 [ 1937.569337] device_create+0xdc/0x110 [ 1937.569772] ? device_create_groups_vargs+0x280/0x280 [ 1937.570326] ? queue_work_node+0x350/0x350 [ 1937.570794] ? init_timer_key+0xd1/0x110 [ 1937.571256] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1937.571774] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1937.572313] ? init_timer_key+0x81/0x110 [ 1937.572764] mac80211_hwsim_new_radio+0x382/0x4900 [ 1937.573299] ? lock_is_held_type+0xd7/0x130 [ 1937.573776] ? hwsim_virtio_rx_work+0x360/0x360 [ 1937.574290] ? lock_release+0x3b2/0x750 [ 1937.574731] ? __kmalloc+0x25b/0x440 [ 1937.575154] hwsim_new_radio_nl+0x9ab/0x1050 [ 1937.575653] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1937.576216] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1937.576812] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1937.577535] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1937.578250] genl_family_rcv_msg_doit+0x22d/0x330 [ 1937.578780] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1937.579520] ? mutex_lock_io_nested+0x1310/0x1310 [ 1937.580047] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1937.580648] ? cap_capable+0x1eb/0x250 [ 1937.581084] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1937.581686] ? ns_capable+0xd9/0x100 [ 1937.582100] genl_rcv_msg+0x33c/0x5a0 [ 1937.582529] ? genl_get_cmd+0x480/0x480 [ 1937.582961] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1937.583539] ? lock_release+0x750/0x750 [ 1937.583988] netlink_rcv_skb+0x14b/0x430 [ 1937.584436] ? genl_get_cmd+0x480/0x480 [ 1937.584866] ? netlink_ack+0xa80/0xa80 [ 1937.585295] ? netlink_deliver_tap+0x1b2/0xc30 [ 1937.585807] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1937.586348] ? is_vmalloc_addr+0x7b/0xb0 [ 1937.586781] genl_rcv+0x24/0x40 [ 1937.587148] netlink_unicast+0x54a/0x800 [ 1937.587585] ? netlink_attachskb+0x880/0x880 [ 1937.588066] ? is_vmalloc_addr+0x7b/0xb0 [ 1937.588506] netlink_sendmsg+0x904/0xe00 [ 1937.588948] ? netlink_unicast+0x800/0x800 [ 1937.589399] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1937.589993] ? netlink_unicast+0x800/0x800 [ 1937.590442] sock_sendmsg+0x150/0x190 [ 1937.590870] ____sys_sendmsg+0x703/0x870 [ 1937.591302] ? kernel_sendmsg+0x50/0x50 [ 1937.591756] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1937.592252] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1937.592828] ? lock_release+0x3b2/0x750 [ 1937.593254] ___sys_sendmsg+0xf3/0x170 [ 1937.593801] ? sendmsg_copy_msghdr+0x160/0x160 [ 1937.594362] ? lock_release+0x3b2/0x750 [ 1937.594931] ? lock_downgrade+0x6d0/0x6d0 [ 1937.595381] ? lock_release+0x3b2/0x750 [ 1937.595944] ? ksys_write+0x20c/0x250 [ 1937.596403] ? lock_downgrade+0x6d0/0x6d0 [ 1937.596945] ? __fget_files+0x287/0x470 [ 1937.597396] ? __fget_light+0xea/0x270 [ 1937.597843] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1937.598540] __sys_sendmsg+0xe5/0x1b0 [ 1937.599067] ? __sys_sendmsg_sock+0x30/0x30 [ 1937.599677] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1937.600267] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1937.600929] do_syscall_64+0x3b/0x90 [ 1937.601500] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1937.602182] RIP: 0033:0x7f406f897b19 [ 1937.602582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1937.604838] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1937.605633] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1937.606397] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1937.607154] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1937.607925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1937.608691] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1937.609483] 03:06:34 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x4, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:06:34 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r1 = syz_open_procfs(0x0, 0x0) getsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@empty}, &(0x7f0000000080)=0x14) 03:06:34 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[], 0x20}], 0x1}, 0x0) 03:06:34 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xb7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:06:34 executing program 0: syncfs(0xffffffffffffffff) r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RTC_IRQP_SET(r2, 0x4008700c, 0x1) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f00000004c0)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0}) r5 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(r5, 0x1276, 0x0) r6 = syz_open_dev$ptys(0xc, 0x3, 0x1) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r5, 0x5000943f, &(0x7f0000001780)={{r6}, r4, 0x0, @inherit={0x68, &(0x7f0000001500)=ANY=[@ANYBLOB="01000000000000000400000000000000800000000000000000000000000000000f0bd5a14e91fcde3765b81d61360bbdde525b8c000000000000030000f706000000000000004000000000000000090e000000000000c34e1893c6385300000000a234de98abf3914c64e7eae74f7c4b7520a8bb00725646c000000000000000000000000000a882e261a45dc341e679cfe76c3f9104baa13266c1ce8e03e060d869cbfe3808484c5ba61a80bc3188ad53d890d7c3283fcd6da056b5e8ed36fddbf1b1a80e32e9cd9871bd96326965ec46ea9e86449e0fa99abb9b293b8ab0942b4737ebea83e407089fb8b3d4cb88097cf131009dd949f8304d3e002b14bd76517904cf781dbf05e0ecbcaf43267c1a96f957713c7b000000"]}, @name="2bc90a2932e7ba1173b6aae7638c8ef377a798514970051b6abaa351aac185788068cf00ff621f6e1a7ee3aeec2cbd47f0a4774e53f4821c5ad0596e3d2fee68894d2939335a175540a9c59d7227e50d25b23b78dab1908d4fd00a628fe4cfe00caf40e46c935212d3a5cdd6cad38545be967c089076b9cb3796d3be78a1bc8a29f555176a2a85315fd0e7519d92055167dd73535a00f886b61fcced6ad641539ea0dc00dac18fbdb0b4727a19c6299f7d6bb405868f9034828522e7a7bb7c7d4d42526c61ca41a09f3c606ae6f2c4080d5badf4cf133ce83df8e57c28c4554b6fc9f55ca8afa1631d5fe2fe38d5fde8f9a6fdd0d5819a8e633f39c9bc12dc5df9ab450e35e68b6b04a9d9b88fd05c3e5965bed9f381f508b9a82b679a501566fa3f01edf92e1d775ddc288a2ea78c4daafff778167e7ecb1f18ffdb138b130cec8695391822ee99c6781628ccedd2b44d82face60231679117a717a1c95bd9a18a51fdfe2de29a5b90578f42844114750b8d4b597647ce32a52c4d07e62ba95a1a7f4403a748520bd8f9dc2876503b3ad18cfda87f01563c06e224773ac9a21e9bb30f0caac4a4b459266d2eee8026bca59617f214292c04f9a22fb53ed0131b17e5244b484ebebcfd5ade18f62bf6cb9fa847f173f502776ccae5f9b946ad8a3e471f4e248de9a15ae84628bba1a5db4e4037945d23437199346a6d7df715cd862a4a3ae1a583137ebd990f90682c540cf45b91bf7cff42570bd4b26f939809620ef89bb2ef1c03f0037513cb1e239aa092753831f7e7123af5410094728040d71de66a925e9178a0b28754323da85e511ac61ab4f20d2b96f1f49acc65afd7e57ac2cb61a34892fbb61d406aa883441b0f76950e8fa94605c5722b5adbc91af1fb8d317b7d297610d00b0fc3ca9ab3a19f54735bd90dff016fddbf175cd8d00d75203349f46550d850c956e58bac0d324340aa25a3a9a1b50f4f5b7bec80e1a0a3ecd13735465651c70edced832bfc72d87e3bb6d4f2282a39426824cece8620f12eeaa9c71aff75e1d4cf1a1e6d1b61637ccf4dacf95bae19bee39cd0db8fd91e5de3ad590e4ec8c0e5f6c017feec88c682b323e4fdab659d2804b7683d008923ba7835c986f3185dba43deb0246db4314bf9df7172fb8247d5f1592fc52029f65d00225839bd006ae8ce6072f21aa0b42b4e744b34d56c3d4e5881f80d3312a1fe14837bb257c9327af1a0804b4633c309faeab22ee325b23fb251b108373439ef0976d5f577089e786ca42fa6790a797cf529583f1af61e9143c10489631cf520d6923565758073ecac8c42a1b0ffaa5b3264a1857cf7e00282b2cf3d265f20416e9cbfff3a093441d3ac80518c6eebfd5318f567eb82aecef4f896dd466bb6ec257408d0db120651b8c85ff990132e99adfbfff321e1aa591f88cc2cf8de60701783f25142720b48ad73b38d8125e100620cd95df7f0f87614d6d32306d1bd11caf1d2a1fb0643a62e30ae23cca8c1253e6d3840e3be0e57639a8c4a52b4d38f6087c922cdd3d8709192fefb1360519aba2365c9c2f16ac866c576408844faef0cf4075ea392f53ceeb0ae5c1a276e43bd9172ce0953ade4ea953889ad453c6ebcea06b61ee69ad5fad0755bb8c9b96211015de8207c599f1cdf24608d96f0e41f43bad0dfdd8d62c3716962ea8dd31fe5d8af60fc67750eb9023c1a873bb275bcd5bd44813305206d3b36035835c5c54fee3606050f7b6f9cbf759b5387ec2d78c0427b88cb8dbe92bf935a8ed5b02a37fe81f7e23affb56915a13007153351e3a25140db72ab014e9b34c96f4c1f1a95cb3da41651c166b489f4a52e2502b237a7532fbfbf0fd563a7f2df95ef5fe8c89ff40adc2448abdaecff3454bdd7bbcef58837c6d592cd718207a7abc62192cd1d7124c0e792bc1d627e8ed431ce45480321b49293d761887ec452c95ec7ae12f1e1a2b440bb09f446edaed53de1d679871875e6670df1b3aab9a64dee81264e3e5cf23866cc9c2f2a95a585bf26b994693b1af88b5527ff9fd14f0131b23f585a88903d1d1bd5f4cb8eac859c8bf793518af72a2ee276bf394d724e5a35bd607f04906a4362c7722e436d378214df3c25e3bd1e9387d813bc65eea5dd04e146d10f6d61975cd18fa7490667740696cc6d53f77856279c41bbb7522fb17065b68537de48bb852db40dc85b288f8d7da755ba77ad5a93a50344db81040a1255db3d1f4ea25e8e04de0a75393b5ccb755cc160df1cd27601643ae69f47734785a7bef8aa19712ea2563daf00761c364926cf7eb396cc20403fd0efffa4b5322042116129a59b09fc386b91db34766082afe593dcb8f7f6e93a927aaa5796531043b1d80c23f4be718c4fe50c5b116df1ae17612ad610d75e2f2e15b915e749e0ecfa330e1c5353cbfd65d059840c10cf235fb93c233259fa86a31798c3e3d03989162f845ad803dd0be7c2fac77ac8f29767252376f5196d97f779fc36f0f425d09a1e0439682294b7382ce37596b1143501a1df3aef0a2052f91a33844a83ec6f6bce405efd64d09e7dc64e8de2273d4b63d9b9015debe258ea112080ee44dd6bdd5bbf8728ba305478d02f08f0378b261db8980a301d10b47155041efb76f363dec9430a0c97ef17056aeda48ac52b28090fc42cc4727d3d8af70e4c8526dc04546385156832e4ca24760e14a77779d7953110d8a5607d943b4b37ba846f391293e0600101a3c1d639d6cf683f422205dbf99ed1b6c2200393e780c28cb43b0f1f3c220268cce4b0adbce9ead42c81f40eaed591f3c4ec3ab1c8a9a85baa23b115027d7cee4c4e417451ecd6b5ca49c0918c05eb68c9c777b59e10e948a11730e4596d8a439148883d9d0fab5daa889f1ba5069f9e90222488873e1537c6097ebd91defc56c50efbd1959fc00032274dea52f87f41641419ebf014a8c39f87ac4ff433fc74156e10ac5758a2a5cd81034f9a6a530ef0cdfcba67760c0dd17e5c258b1a3f67019cc80d77cc7815824360c7d631a931a8d99ade678a9f14f08bb05fd7487fa1e2268b05e61f9dda02ce21cedc10dfa90d3629a5a57a18370d42b6e6e3e37f66aa4e78197476848609bc0a83630d42770307fcbcc92e42bfb4f9e0fe8613100059185da2945dad08d5db0a8dd2d2fe32a8fcb5a0ad51af2d046ea355385460abf00d47dc9d0d2018de4a1954e1cb7563c776e0bc2eb98339c60e0b989daffaa9da56075cc1e922474a4f2ea21f2f7e5191b066ade6b2e6f54e8782d219c169e35a8d9804d20b3a35f6f96937e9b51146515ba2137a59739049cb3d6d7eadc0831e700bece6b79f61c626fec1737b3915d1bd658a989e49a6dbae1b1143d3d285a3b806199ddd1cbd22068ffe04b60949976485d2310c170c01f1af3f08353f0e024757611cf57cc6424bef8a18e8966b944b109c26770de2b76eab7d8e533999e951bf09d4be7a5fc223606f7efe138c776ebfdd1d93720b796d9ac3d67d19da662a1d679a7da907eaecf2e0b2b2d7927d96a354b0d0d2c3d4ea3f6e12e83b312773213bbeb20916a6dc03d4660109d1198448830447918f51f0ee09c4f2dd19359db0b78b86e8d55bdbe9f5376f66bcd9ede9eeed9475e682596e6ac421984b46526e2397d1870387329621b7bbc52ecf854f60ae8a66d469a80e7ba566a35d9492c003f0511f4dea0a5cc9736a069a4a862599fdc0003089071b482efdbeca5e69eaf29a43fbe42f6ab9c017e36262a7d8308d47b314e2c6a0c411dcf10cce4883462b62011c49335fec0227877693222c234785b5b90c5dfe8be3ce156cbbc9a4e777f4d91ccb63baae35e7d1623a67e61c168fd0bc4bde2e48eb89be5525294f7c379995b9044eea2561057faeb2b400f874e23992a993ab4cda393254c9c908ac99745ebad581f6a90b8ee29138675118d6a5d6f906696db2e7b7d567b42f91adbd0988dd9b4b5c8451170769d021325a89e5ce46adcf3cca6008476fcfd527807e3c8a9d4bc18cd7313dc26441380bf30b8536fe8b722a87ce862857b53c1751dc6ddea3351e72fcf0372aca7ad4755efebd838ad55be5a2fa796e03e0e041e2f78320174a8fb7a92a779d5f508ac517d1a571393a7ba24cd38171d6bce03fdd129871e90bdc2fd8add6fe475e19fa96c084e591661470cd5abff80a85033e091a0f15278f234cb00f6f072b4e692f3f80163e8fe8798edbf209ba5705e27e0fb9f39c8dee525e1c5da182f7fc89bf11bd33a0a1baf5fe193d96348db0fa0b62156a6f0fe4e5833555c2cf9df914e9a4d310724172442d74276eb88c8a9a265aed851026bb29c9cd31d5db61ef22df6ecb408b945708d6205ace20e1d00a4e99f4f78ed6218ac22d8d12dfd9ed56788c415f1f4e723600faea2968f38bc46937b1cd8e5d955775feeddf8009714974aa6623ff5df5360c8cc1e304340018953cda759658d6a135eada69d02addceca30d08bf90699a3ee127d4c1fd8a5b2e8e8afa33c74b06d01d3f49f56a096422fa08bacff5642b3eaab7e047a5bdbf0e9fe971194238b70613a30b4c682451b38c806da1f55b0964e94defd2dd179b85421c9c40222af53334ee3e57c2d0ede22fb576d188f448f266ff95ebe51307fcfda83be4ff9d51ad1f040c51cc7afdd2d52e7db236b5dd37166f36b2f8b67adfc6199bc3d4db52ce2636c08c0e2f460a64cdace416bf4d972b556e03af08b2e9f06f850f98fd3313e4725ca7ce395d102b38c2e8a3869ccc79c56cf779992f60311f0a019f4d078df1c79dcca916adced3fed88b684b7031a6db6b347442902e731a3fef19a9951ba5d93c95ce46542631f12a8cc4428137b95f311d99ff0055f487d6b2944d8267b2f404fb06110a1b5f46de6a1b7e6dae4d06a1cf70bdcada3fc0e5a403474c5a0dae2a8def520514fd8ac2a9c698f71136ba39ec8b772970e204b36f159e5683f691c7c4c7e5c4ec035d73b0d3c9e51a006d065bc291d3ebb3593c956145b7457d446e7961c6b2b16805f695fa60e45d83cb048cfa1dadde637620cf2b29eaa8370d60a967df486dd8c77d83c15b733f8e47d265fc6d562606040774c2fce42f5d056e9e8278a3a405c4aa902b485d15a6bed5a482deda143182deb3e7f1dfcf22d6f266d60be8c9ad62262e18c390dfd067b3269453b9137dac50daf71be80c04c4382253666f871b2723f8348937f72152bc4ab2cfea3dc5806a17efdceea3108b8c2fbb6f67891a0978cb9ab7ad9116558a9433c3579e967b1fc44471f6cd9d2affa16684551580a200db8457a714262cdf6dcef0db58e2a5e4273731ab55bedc583b9a6863cd7eebc443d9afdd37abcb53c44e23145276fe903bfcda9a03594a62706427b3cef46e2932f98c8362fd5e8c133720d5519bda1e39cdb167f8008f176cb14bd03a5fd117162a348dd4f626df3dc102648b8a75089faeb78ea72ecc9e9435ea4f86db7cd58f690bee4b2ff2f053b18a74a04c40a9aa2d7df67c19b20fa21f80b0b042ae351568c429f63f5988ea1c50eaaee34925fb096b91b61590f3c255da5d1de12990679945b3136273c8e72a065060f7a037bbf6689c1b697ef98a8410df167688690e9e8ba967697c8206c9ebcf98a8240a1718a1459e59b42134aae1912b9d6e07870fb4a29da9095f73e4f7b3c82fbf91198519734cee63c1aeb4"}) r7 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r7, 0x81f8943c, &(0x7f00000004c0)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0}) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r2, 0xc0c89425, &(0x7f0000000040)={"cf17d28182812b7a55267a7aeee3780a", r4, r8, {0x6, 0x400}, {0x1, 0x8}, 0x0, [0x2, 0xfffffffffffffffc, 0x6, 0x3, 0xfffffffffffffffa, 0x10000, 0x9, 0xffffffffffffff6e, 0x8, 0x9, 0x0, 0x7, 0x6, 0x14b, 0x80000000, 0x80000000]}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r1, 0x5000943f, &(0x7f0000001040)={{r0}, r8, 0x14, @inherit={0x48, &(0x7f0000000080)={0x0, 0x0, 0x200000000000000, 0x3, {0x8, 0x4, 0x4, 0x100000001, 0x5}}}, @devid}) [ 1937.730287] blktrace: Concurrent blktraces are not allowed on sg0 [ 1937.739957] blktrace: Concurrent blktraces are not allowed on sg0 03:06:34 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 55) 03:06:34 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x80040000, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:06:35 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = epoll_create(0x9) r2 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000440)) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r1, 0x400c6615, &(0x7f0000000100)={0x0, @aes128, 0x0, @desc4}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r3 = syz_open_procfs(0x0, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0) ioctl$F2FS_IOC_FLUSH_DEVICE(r3, 0x4008f50a, &(0x7f0000000080)={0x7, 0xfff}) setsockopt$inet_udp_encap(r3, 0x11, 0x64, &(0x7f0000000040)=0x255345764917d817, 0x4) 03:06:35 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[], 0x20}], 0x1}, 0x0) [ 1937.827986] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. 03:06:35 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xb8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1937.839335] FAULT_INJECTION: forcing a failure. [ 1937.839335] name failslab, interval 1, probability 0, space 0, times 0 [ 1937.841768] CPU: 1 PID: 10477 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1937.842657] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1937.844092] Call Trace: [ 1937.844369] [ 1937.844699] dump_stack_lvl+0x8b/0xb3 [ 1937.845120] should_fail.cold+0x5/0xa [ 1937.845538] ? __kernfs_new_node+0xd4/0x8b0 [ 1937.846088] should_failslab+0x5/0x10 [ 1937.846495] kmem_cache_alloc+0x5b/0x480 [ 1937.847062] __kernfs_new_node+0xd4/0x8b0 [ 1937.847636] ? kernfs_add_one+0x3c6/0x550 [ 1937.848179] ? kernfs_path_from_node+0x60/0x60 [ 1937.848744] ? lock_is_held_type+0xd7/0x130 [ 1937.849296] ? up_write+0x148/0x460 [ 1937.849762] ? kernfs_activate+0x1c4/0x240 [ 1937.850356] kernfs_new_node+0x93/0x120 [ 1937.850907] __kernfs_create_file+0x51/0x350 [ 1937.851499] sysfs_add_file_mode_ns+0x218/0x430 [ 1937.852091] ? component_del+0x4c0/0x4c0 [ 1937.852602] sysfs_merge_group+0x196/0x310 [ 1937.853119] ? sysfs_update_group+0x30/0x30 [ 1937.853718] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1937.854352] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1937.854954] ? kernfs_put+0x31/0x50 [ 1937.855349] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1937.855982] dpm_sysfs_add+0x241/0x290 [ 1937.856523] device_add+0x9a9/0x1e60 [ 1937.856987] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1937.857678] ? kfree+0x217/0x410 [ 1937.858090] device_create_groups_vargs+0x203/0x280 [ 1937.858748] device_create+0xdc/0x110 [ 1937.859261] ? device_create_groups_vargs+0x280/0x280 [ 1937.859846] ? queue_work_node+0x350/0x350 [ 1937.860393] ? init_timer_key+0xd1/0x110 [ 1937.860950] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1937.861476] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1937.862112] ? init_timer_key+0x81/0x110 [ 1937.862652] mac80211_hwsim_new_radio+0x382/0x4900 [ 1937.863317] ? lock_is_held_type+0xd7/0x130 [ 1937.863935] ? hwsim_virtio_rx_work+0x360/0x360 [ 1937.864448] ? lock_release+0x3b2/0x750 [ 1937.864865] ? __kmalloc+0x25b/0x440 [ 1937.865280] hwsim_new_radio_nl+0x9ab/0x1050 [ 1937.865747] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1937.866309] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1937.866891] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1937.867635] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1937.868321] genl_family_rcv_msg_doit+0x22d/0x330 [ 1937.868851] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1937.869560] ? mutex_lock_io_nested+0x1310/0x1310 [ 1937.870092] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1937.870695] ? cap_capable+0x1eb/0x250 [ 1937.871127] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1937.871739] ? ns_capable+0xd9/0x100 [ 1937.872158] genl_rcv_msg+0x33c/0x5a0 [ 1937.872577] ? genl_get_cmd+0x480/0x480 [ 1937.873008] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1937.873573] ? lock_release+0x750/0x750 [ 1937.874023] netlink_rcv_skb+0x14b/0x430 [ 1937.874464] ? genl_get_cmd+0x480/0x480 [ 1937.874898] ? netlink_ack+0xa80/0xa80 [ 1937.875329] ? netlink_deliver_tap+0x1b2/0xc30 [ 1937.875850] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1937.876406] ? is_vmalloc_addr+0x7b/0xb0 [ 1937.876857] genl_rcv+0x24/0x40 [ 1937.877220] netlink_unicast+0x54a/0x800 [ 1937.877656] ? netlink_attachskb+0x880/0x880 [ 1937.878132] ? is_vmalloc_addr+0x7b/0xb0 [ 1937.878584] netlink_sendmsg+0x904/0xe00 [ 1937.879031] ? netlink_unicast+0x800/0x800 [ 1937.879507] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1937.880116] ? netlink_unicast+0x800/0x800 [ 1937.880574] sock_sendmsg+0x150/0x190 [ 1937.880996] ____sys_sendmsg+0x703/0x870 [ 1937.881446] ? kernel_sendmsg+0x50/0x50 [ 1937.881878] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1937.882374] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1937.882946] ? lock_release+0x3b2/0x750 [ 1937.883389] ___sys_sendmsg+0xf3/0x170 [ 1937.883825] ? sendmsg_copy_msghdr+0x160/0x160 [ 1937.884312] ? lock_release+0x3b2/0x750 [ 1937.884751] ? lock_downgrade+0x6d0/0x6d0 [ 1937.885216] ? lock_release+0x3b2/0x750 [ 1937.885651] ? ksys_write+0x20c/0x250 [ 1937.886060] ? lock_downgrade+0x6d0/0x6d0 [ 1937.886510] ? __fget_files+0x287/0x470 [ 1937.886946] ? __fget_light+0xea/0x270 [ 1937.887379] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1937.887995] __sys_sendmsg+0xe5/0x1b0 [ 1937.888399] ? __sys_sendmsg_sock+0x30/0x30 [ 1937.888859] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1937.889466] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1937.890023] do_syscall_64+0x3b/0x90 [ 1937.890426] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1937.891000] RIP: 0033:0x7f406f897b19 [ 1937.891392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1937.893349] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1937.894164] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1937.894923] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1937.895700] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1937.896461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1937.897226] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1937.898001] [ 1937.945611] blktrace: Concurrent blktraces are not allowed on sg0 03:06:53 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x8, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:06:53 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f00000000c0)) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x448c2, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)=0x10) link(&(0x7f0000000980)='./file1\x00', &(0x7f00000009c0)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x18c02, 0x0) 03:06:53 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[], 0x20}], 0x1}, 0x0) 03:06:53 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = openat$incfs(0xffffffffffffffff, &(0x7f0000000040)='.pending_reads\x00', 0x8001, 0x108) bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r2 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f00000000c0)={'veth1_to_bond\x00'}) syz_open_procfs(0x0, 0x0) 03:06:53 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x8cffffff, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:06:53 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xb9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:06:53 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 56) 03:06:53 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000063a70eef000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) [ 1956.061331] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1956.069441] FAULT_INJECTION: forcing a failure. [ 1956.069441] name failslab, interval 1, probability 0, space 0, times 0 [ 1956.071869] CPU: 0 PID: 10500 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1956.073546] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1956.075859] Call Trace: [ 1956.076375] [ 1956.076840] dump_stack_lvl+0x8b/0xb3 [ 1956.077652] should_fail.cold+0x5/0xa [ 1956.078458] ? __kernfs_new_node+0xd4/0x8b0 [ 1956.079385] should_failslab+0x5/0x10 [ 1956.080188] kmem_cache_alloc+0x5b/0x480 [ 1956.081022] __kernfs_new_node+0xd4/0x8b0 [ 1956.081862] ? kernfs_add_one+0x3c6/0x550 [ 1956.082702] ? kernfs_path_from_node+0x60/0x60 [ 1956.083626] ? lock_is_held_type+0xd7/0x130 [ 1956.084502] ? up_write+0x148/0x460 [ 1956.085224] ? kernfs_activate+0x1c4/0x240 [ 1956.086089] kernfs_new_node+0x93/0x120 [ 1956.086897] __kernfs_create_file+0x51/0x350 [ 1956.087783] sysfs_add_file_mode_ns+0x218/0x430 [ 1956.088712] ? component_del+0x4c0/0x4c0 [ 1956.089538] sysfs_merge_group+0x196/0x310 [ 1956.090381] ? sysfs_update_group+0x30/0x30 [ 1956.091241] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1956.092358] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1956.093457] ? kernfs_put+0x31/0x50 [ 1956.094187] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1956.095293] dpm_sysfs_add+0x241/0x290 [ 1956.096089] device_add+0x9a9/0x1e60 [ 1956.096843] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1956.097928] ? kfree+0x217/0x410 [ 1956.098626] device_create_groups_vargs+0x203/0x280 [ 1956.099624] device_create+0xdc/0x110 [ 1956.100397] ? device_create_groups_vargs+0x280/0x280 [ 1956.101415] ? queue_work_node+0x350/0x350 [ 1956.102268] ? init_timer_key+0xd1/0x110 [ 1956.103095] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1956.104012] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1956.104973] ? init_timer_key+0x81/0x110 [ 1956.105789] mac80211_hwsim_new_radio+0x382/0x4900 [ 1956.106767] ? lock_is_held_type+0xd7/0x130 [ 1956.107636] ? hwsim_virtio_rx_work+0x360/0x360 [ 1956.108575] ? lock_release+0x3b2/0x750 [ 1956.109366] ? __kmalloc+0x25b/0x440 [ 1956.110123] hwsim_new_radio_nl+0x9ab/0x1050 [ 1956.111000] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1956.112046] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1956.113141] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1956.114444] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1956.115738] genl_family_rcv_msg_doit+0x22d/0x330 [ 1956.116717] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1956.118015] ? mutex_lock_io_nested+0x1310/0x1310 [ 1956.118976] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1956.120077] ? cap_capable+0x1eb/0x250 [ 1956.120875] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1956.121968] ? ns_capable+0xd9/0x100 [ 1956.122725] genl_rcv_msg+0x33c/0x5a0 [ 1956.123502] ? genl_get_cmd+0x480/0x480 [ 1956.124346] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1956.125387] ? lock_release+0x750/0x750 [ 1956.126190] netlink_rcv_skb+0x14b/0x430 [ 1956.126995] ? genl_get_cmd+0x480/0x480 [ 1956.127812] ? netlink_ack+0xa80/0xa80 [ 1956.128634] ? netlink_deliver_tap+0x1b2/0xc30 [ 1956.129715] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1956.130890] ? is_vmalloc_addr+0x7b/0xb0 [ 1956.131864] genl_rcv+0x24/0x40 [ 1956.132634] netlink_unicast+0x54a/0x800 [ 1956.133592] ? netlink_attachskb+0x880/0x880 [ 1956.134615] ? is_vmalloc_addr+0x7b/0xb0 [ 1956.135587] netlink_sendmsg+0x904/0xe00 [ 1956.136545] ? netlink_unicast+0x800/0x800 [ 1956.137389] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1956.138485] ? netlink_unicast+0x800/0x800 [ 1956.139321] sock_sendmsg+0x150/0x190 [ 1956.140097] ____sys_sendmsg+0x703/0x870 [ 1956.140911] ? kernel_sendmsg+0x50/0x50 [ 1956.141700] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1956.142599] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1956.143642] ? lock_release+0x3b2/0x750 [ 1956.144452] ___sys_sendmsg+0xf3/0x170 [ 1956.145220] ? sendmsg_copy_msghdr+0x160/0x160 [ 1956.146119] ? lock_release+0x3b2/0x750 [ 1956.146911] ? lock_downgrade+0x6d0/0x6d0 [ 1956.147737] ? lock_release+0x3b2/0x750 [ 1956.148588] ? ksys_write+0x20c/0x250 [ 1956.149345] ? lock_downgrade+0x6d0/0x6d0 [ 1956.150176] ? __fget_files+0x287/0x470 [ 1956.150987] ? __fget_light+0xea/0x270 [ 1956.151778] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1956.152876] __sys_sendmsg+0xe5/0x1b0 [ 1956.153626] ? __sys_sendmsg_sock+0x30/0x30 [ 1956.154469] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1956.155582] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1956.156612] do_syscall_64+0x3b/0x90 [ 1956.157358] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1956.158370] RIP: 0033:0x7f406f897b19 [ 1956.159098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1956.162713] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1956.164209] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1956.165604] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1956.166997] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1956.168425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1956.169822] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1956.171246] 03:06:53 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB], 0x20}], 0x1}, 0x0) [ 1956.286408] blktrace: Concurrent blktraces are not allowed on sg0 03:06:53 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0xf, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:06:53 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0xeffdffff, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:06:53 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 57) 03:06:53 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) r1 = getpgid(0x0) perf_event_open(&(0x7f0000000280)={0x5, 0x80, 0x0, 0x0, 0x40, 0x0, 0x0, 0x2, 0x3c514, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x6}, 0x0, 0x1, 0x0, 0x2}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) r3 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0xa283, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) r4 = syz_open_dev$usbmon(&(0x7f00000015c0), 0x7, 0x4000) r5 = epoll_create(0x9) r6 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r6, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f0000000440)) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, r4, &(0x7f0000001600)={r5, r0, 0x5}) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r2, 0x0, 0x3) r7 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'veth1\x00'}) accept$unix(r7, 0x0, &(0x7f0000000240)) 03:06:53 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB], 0x20}], 0x1}, 0x0) [ 1956.474328] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1956.480711] FAULT_INJECTION: forcing a failure. [ 1956.480711] name failslab, interval 1, probability 0, space 0, times 0 [ 1956.483264] CPU: 0 PID: 10533 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1956.485066] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1956.487385] Call Trace: [ 1956.487923] [ 1956.488374] dump_stack_lvl+0x8b/0xb3 [ 1956.489141] should_fail.cold+0x5/0xa [ 1956.489904] ? __kernfs_new_node+0xd4/0x8b0 [ 1956.490770] should_failslab+0x5/0x10 [ 1956.491532] kmem_cache_alloc+0x5b/0x480 [ 1956.492364] __kernfs_new_node+0xd4/0x8b0 [ 1956.493202] ? kernfs_add_one+0x3c6/0x550 [ 1956.494033] ? kernfs_path_from_node+0x60/0x60 [ 1956.494961] ? lock_is_held_type+0xd7/0x130 [ 1956.495848] ? up_write+0x148/0x460 [ 1956.496573] ? kernfs_activate+0x1c4/0x240 [ 1956.497430] kernfs_new_node+0x93/0x120 [ 1956.498243] __kernfs_create_file+0x51/0x350 [ 1956.499125] sysfs_add_file_mode_ns+0x218/0x430 [ 1956.500061] ? component_del+0x4c0/0x4c0 [ 1956.500879] sysfs_merge_group+0x196/0x310 [ 1956.501734] ? sysfs_update_group+0x30/0x30 [ 1956.502598] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1956.503979] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1956.505091] ? kernfs_put+0x31/0x50 [ 1956.505838] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1956.506948] dpm_sysfs_add+0x241/0x290 [ 1956.507736] device_add+0x9a9/0x1e60 [ 1956.508495] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1956.509587] ? kfree+0x217/0x410 [ 1956.510281] device_create_groups_vargs+0x203/0x280 [ 1956.511275] device_create+0xdc/0x110 [ 1956.512047] ? device_create_groups_vargs+0x280/0x280 [ 1956.513067] ? queue_work_node+0x350/0x350 [ 1956.513921] ? init_timer_key+0xd1/0x110 [ 1956.514741] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1956.515649] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1956.516631] ? init_timer_key+0x81/0x110 [ 1956.517448] mac80211_hwsim_new_radio+0x382/0x4900 [ 1956.518432] ? lock_is_held_type+0xd7/0x130 [ 1956.519320] ? hwsim_virtio_rx_work+0x360/0x360 [ 1956.520260] ? lock_release+0x3b2/0x750 [ 1956.521051] ? __kmalloc+0x25b/0x440 [ 1956.521808] hwsim_new_radio_nl+0x9ab/0x1050 [ 1956.522711] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1956.523776] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1956.524881] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1956.526178] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1956.527484] genl_family_rcv_msg_doit+0x22d/0x330 [ 1956.528457] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1956.529765] ? mutex_lock_io_nested+0x1310/0x1310 [ 1956.530728] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1956.531851] ? cap_capable+0x1eb/0x250 [ 1956.532655] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1956.533749] ? ns_capable+0xd9/0x100 [ 1956.534510] genl_rcv_msg+0x33c/0x5a0 [ 1956.535271] ? genl_get_cmd+0x480/0x480 [ 1956.536071] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1956.537102] ? lock_release+0x750/0x750 [ 1956.537911] netlink_rcv_skb+0x14b/0x430 [ 1956.538716] ? genl_get_cmd+0x480/0x480 [ 1956.539510] ? netlink_ack+0xa80/0xa80 [ 1956.540301] ? netlink_deliver_tap+0x1b2/0xc30 [ 1956.541216] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1956.542210] ? is_vmalloc_addr+0x7b/0xb0 [ 1956.543030] genl_rcv+0x24/0x40 [ 1956.543685] netlink_unicast+0x54a/0x800 [ 1956.544511] ? netlink_attachskb+0x880/0x880 [ 1956.545387] ? is_vmalloc_addr+0x7b/0xb0 [ 1956.546210] netlink_sendmsg+0x904/0xe00 [ 1956.547024] ? netlink_unicast+0x800/0x800 [ 1956.547895] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1956.549002] ? netlink_unicast+0x800/0x800 [ 1956.549842] sock_sendmsg+0x150/0x190 [ 1956.550616] ____sys_sendmsg+0x703/0x870 [ 1956.551429] ? kernel_sendmsg+0x50/0x50 [ 1956.552234] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1956.553134] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1956.554188] ? lock_release+0x3b2/0x750 [ 1956.554992] ___sys_sendmsg+0xf3/0x170 [ 1956.555781] ? sendmsg_copy_msghdr+0x160/0x160 [ 1956.556691] ? lock_release+0x3b2/0x750 [ 1956.557493] ? lock_downgrade+0x6d0/0x6d0 [ 1956.558323] ? lock_release+0x3b2/0x750 [ 1956.559133] ? ksys_write+0x20c/0x250 [ 1956.559901] ? lock_downgrade+0x6d0/0x6d0 [ 1956.560736] ? __fget_files+0x287/0x470 [ 1956.561550] ? __fget_light+0xea/0x270 [ 1956.562329] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1956.563448] __sys_sendmsg+0xe5/0x1b0 [ 1956.564217] ? __sys_sendmsg_sock+0x30/0x30 [ 1956.565246] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1956.566553] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1956.567582] do_syscall_64+0x3b/0x90 [ 1956.568343] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1956.569360] RIP: 0033:0x7f406f897b19 [ 1956.570090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1956.573697] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1956.575204] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1956.576622] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1956.578210] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1956.579606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1956.581013] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1956.582450] 03:06:53 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000240)={'wg2\x00', 0x0}) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000005c0)={'syztnl2\x00', &(0x7f0000000500)={'erspan0\x00', 0x0, 0x10, 0x40, 0x0, 0x33, {{0x1d, 0x4, 0x1, 0x32, 0x74, 0x66, 0x0, 0x7, 0x29, 0x0, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@rr={0x7, 0xb, 0x60, [@private=0xa010101, @multicast2]}, @end, @lsrr={0x83, 0xb, 0x4d, [@dev={0xac, 0x14, 0x14, 0xd}, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @timestamp_addr={0x44, 0x44, 0x6a, 0x1, 0x9, [{@multicast1, 0x10000}, {@empty, 0x6}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x7b}, {@private=0xa010100, 0xfff}, {@multicast1, 0x1}, {@private=0xa010100, 0x1}, {@private=0xa010100}, {@multicast2}]}, @ra={0x94, 0x4, 0x1}]}}}}}) getpeername$packet(0xffffffffffffffff, &(0x7f00000006c0)={0x11, 0x0, 0x0}, &(0x7f0000000740)=0x14) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000001f00)={'batadv_slave_0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000002300)={'batadv0\x00', 0x0}) sendmmsg$inet(r0, &(0x7f00000023c0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000100)="2594a65c966a53ac9edb93c5384214fb8a51e047161ab5cc633039909cbe9270dbd8c86d5fea5dce87cee867c023cdb3a6", 0x31}], 0x1, &(0x7f0000000280)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r1, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x80}}, @ip_ttl={{0x14, 0x0, 0x2, 0xfffffffd}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x7f}}], 0x68}}, {{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000400)="ef35613025f31cae030298f591ec5d8f100eca24c8ec85979b331c04be2ab1b2b739c485b5c779660915e0ecf9257259bb2432aabeb92a07954e2a194f0e9bfac382023d81b1d6a002bcd3a0e9966b1a4e63c7625b526a979b7eb27929d3dbda4c", 0x61}, {&(0x7f0000000480)="4ac53d7c283f51674988f5fa31727a63557713c51034455a7ae1b617e89a6faf347c631ee951b61ff1c397b2dff754c38a5fe031b3a881b7b6bf4f62cd60c962b2158daf2b295bf09186cf3e3c0fc292e14747660197be5ab33c28166caf7b624ff57cc5a9e094e284831ab031545c88001503633c3af06e78f02d7e089553", 0x7f}], 0x2, &(0x7f0000002680)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x66}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @loopback, @multicast1}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x1f}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @rand_addr=0x64010101, @loopback}}}, @ip_retopts={{0xc0, 0x0, 0x7, {[@generic={0x94, 0x6, "600cdf1e"}, @end, @timestamp_addr={0x44, 0x2c, 0xbc, 0x1, 0x7, [{@multicast2, 0x1f}, {@loopback, 0x40}, {@dev={0xac, 0x14, 0x14, 0x14}, 0x1}, {@rand_addr=0x64010101, 0x7}, {@dev={0xac, 0x14, 0x14, 0x3f}, 0x6}]}, @timestamp_addr={0x44, 0xc, 0xa0, 0x1, 0x9, [{@broadcast, 0x3}]}, @rr={0x7, 0x13, 0x8b, [@multicast2, @loopback, @multicast2, @multicast2]}, @cipso={0x86, 0xa, 0x3, [{0x6, 0x4, "a383"}]}, @end, @ssrr={0x89, 0x7, 0x37, [@private=0xa010101]}, @generic={0x44, 0x9, "885587c1ff5837"}, @cipso={0x86, 0x40, 0x2, [{0x2, 0x12, "f9ed8cf44c11b294fc6bd35184b583ab"}, {0x1, 0xb, "33c23b8b72fbe767a5"}, {0x6, 0x12, "af9d8f3034a502c1167052cf31a14747"}, {0x1, 0xb, "1cdad279e1f198a584"}]}]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xffff7fff}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1}}, @ip_retopts={{0x58, 0x0, 0x7, {[@timestamp_prespec={0x44, 0x34, 0xa7, 0x3, 0xd, [{@private=0xa010100, 0x3}, {@private=0xa010100, 0x7}, {@remote, 0x3}, {@local, 0x3}, {@broadcast, 0xfffffffa}, {@rand_addr=0x64010101, 0xbe}]}, @timestamp_prespec={0x44, 0x14, 0xe2, 0x3, 0x9, [{@empty, 0xfffffff8}, {@multicast1, 0x7}]}]}}}], 0x1b8}}, {{&(0x7f0000000900)={0x2, 0xffff, @remote}, 0x10, &(0x7f0000001e40)=[{&(0x7f0000000940)="c6462f62690d78c1ee8c896b881e81091b1635bc91403dbb2fa32fbc1eeccac55ef7f9f60d7c9a5186ed", 0x2a}, {&(0x7f0000000980)="613ab0703a2e2adf6a63f42179525fdd0e98d4f068078e8b31a4dd887846d323d9c89d766812088dba53f14881e8be35087291e00f1e62abc5ecd45e8e09abf8b31208ab3104d58bc8675317b32e28dee179faedc5241cfff0", 0x59}, {&(0x7f0000000a00)="d95a99e5b4d9a54b66d30bb99bd24663eb301f953378058967a3ea810162f040539e620963f1213f0340baa29d662b12641ffab1ec", 0x35}, {&(0x7f0000000a40)="fc633bb2b2ac485d6b2445929fd290875a8be4e30e6551ad792dc35682abdcae92b3254d2060060595edbe62aeaeb32011a470804eed0ae15ed675e5358c23721a6b54f745d3f07f7e1898bdae67ab4dd2d8332736ab147c6bb8f0488aa15dbdb23563dac3e4305b4cc84831e690d6cff5fe5f7290a9c7e57192f70817fb7279ca2e5d537848ad56eb285be9ad59fc4d3ce979969debb403d517129d0c041b3b801a5af1855f9640d4eb2b0843b0aa3b754f39349a99c4134abc408ab892c56897d45f76ed08995e0f8fa503581ea5d964e5a6447a294eed435253cda0a6be9da3c2390223e33e2cbfe4ffa1b89c97", 0xef}, {&(0x7f0000000b40)="d4835452d616e508bbbb", 0xa}, {&(0x7f0000000b80)="513cb4e1b4db1cc632002722ed269b821521df9270c99be150efad9c7a4569c9196e9b1c3f21f66ace6b8011f826ccc3f519470438b2f7f613fac430a52ca0836bb006213554d0458038abc52e4389a9ac31a9d20f", 0x55}, {&(0x7f0000000c00)="f62bd2050a15b7e2950cd72fbaee41cc610d8ae514f82c0dcfdd64a3f6bf58e475650289e057285fb5b46751aace9321b9b6da6060c83ddf31381e53fff7767a6fcb7be897b8d720437c9e52870e5ed9408c419f301e151f31703cab9a2f418e396f910917d3090ea1356b5db5cfeb20b1e0e516a1c56803ff97c1b3cad9e22a13b16e6cb39c2c0e0ee0f270d8e857b2c63316752d953e1c26afab4ff455142cbf157d1a0813497da714d1b5997028b1652090006fce4e2d87551240aa1b2e337a61", 0xc2}, {&(0x7f0000000d00)="66218847393ede823bedd0baab88935053eab430ed7954b711685a55ff8b1545712b562b9903c8059aa3374ab15dcd94974ddf86ab6aa8bf9c80e2aa9f335cb18e8779a5106c5b84bb166d2e1a7165a5dca63f3c20f0bb3d2040ef458ed0e067bfd4dba08203b1c356c55d7a632464388e0b49705a24e8a098d8747f8f2cbf96edecb0f99d8d1699d2e7f5f988633896ff6425f21cb0c6883322da45f97d8929d27cd3d267d4176f7f5f9cdb02b8c2efa8a9d8049f94ddee5e96d19244d7ee2d9d37e2cd2df4152c128738163c0c57190d99794af75a890ec39c5a87dd45b38231b0799c400a9dd453ec5500ab41865eb8bd85f2f74d055033343cfc21601bb80293b6c45bb5882eb2b58c4309062c5e220cfaed2ce08259ab8ada130cfe5533f6118757f2277c779b4f94193aff2ccde20821c4356d871c5871ba1c526d191316ec9f1c3b8d1f83db62b3e3d1c220824c109c9b84a2dd24209c675cdbb6ebaa0ea6bfadd73c2fdc338a0f5ac5a0c9063483caf4e8873b64ba4cd8583e93ca90d81277f9767c593d70dd59ad2b555a03209698e1a26f9ce4aa95dd21cb8d6e4e4ee2f931ca4b6bb4caff83e8d0de918156e04bb1360acad6c763d502dd8c981a18085f8c6bf03fab82804f886ca437b66b7c681aeb81f30ca38df7049124a310f12ddcf6e949e2986d9ddde7c97d76d29751e2ead8eca5cc15e126c591b4585967c75fba5d5402d43b53e61ce13702e02105934d860f7f6210dcc93db275bac98b311adbe09db86bb05e500d2a822cea7112383703421bd28cc70fa99754073f175faf3595eb06f7450ad6daad53dce7614373f52f7b373bb20fdd140cd7c686a4d557d6d963241912f05612e56e073f95c3d6ac272cf440458ee00ee5dbe53a318aae63f8b08cd607f2978ab60c2861deb89922641f3bf5bd5287f9e08707e88a993ca84efef358fa17c3f89231334bf48d1e1a2285888cf4b94412b9b04650563180ceb4e8ce219b25de392642c526256178bab15490d784f6ffdfb42c3b25a21b7506a8021bc6f498867f67c9bba374171ff8a7afd215bb48e3d66452a7484f6b234abff05b242cb2bc297d53a4010340cbfe4f3b43616b0de62af3cf65a01704d2c0429b3b91ea49f206490a8fc762057c123669ab7c080be52e53de055d9bebaf7941a0166ebee2c8baeb1eb2c0fd9c51a6829b3b3a2c8106f83bc80cde7b1807cfabb7a9e9f03e53e61b3936e9939ec283b75cbdd0a3ec0463113aa2fe501d1ac9d3a3a49090daa71a0e12a9c843534ee3d07fcde447c20fe9f7cf1f3e4e7ed5d4af83a31758703659bb000a53f82735c04a2c2313f462749fae7ddb41f1b43bf6575162bb17031409b382b67bd320266855ef4c896d747e1ccdf0d39d399c5bef360a9100b4dea32b340e2f5bbb3bfd187544e6c55bd1b9520dd6170a856e48e94312649d143e30b3b5f6d4fd289a1c595589c6238802b49ab5156ebd0963cd37ef8ee7c5e1ba9552cf2b86d01c801ebe4236a8df1fe14d832bed1a80f53efc655c1801181ae5f3afabcab19dae7ed58765e66c2c4fe5a7596e43771a875c56affb8570768e129ee72f3da82ee40e668dde2a1abac5ba7c055cd502c21aad7aa2216fc76e2ef4fa2ee63d25141189541d0bef7531579f843f6f1651c027f289e4ced77713ee1d9cbc3dd4b78182c1740550e6be5527358542308287ae2950fe0e246f4635044b74590eb6bc7105c86162234c92a749f712fae599bde80582831e19e1c5547b04ff3428f552b256d2bfbf0f71004f533cd784b33cf7baf4f8e34b17689ce0dd1eca4c8340210c98a4896b6ecb9f59575851e963fc462b2ea969d04223aa6248663bdbdc7a3c941e821d7e8b80666cbce19a497e0a5128ec9286c7c05dfc9c77a560b54de6918f971436a3152f2dbc61febc580252130008d1c89577c00b98de0c0e24ad13457a5a535ba6ea3fe6db83743d91b695ddc032b7cea8291abc0404b8c0c60fec9d64c896c0b10ccceccf7a14224e0deb9ac1ffc00295be225d341420596f5d21d64f5c79990b7f0911a394f515d78549b3329989911fbcf9d0af947a1ca07c676b1a4debd4b56be140ea2209af8694b0b40d8e1f923405c8dc2281f112210c8e61003c5465549ee7c60c168beef7044834a0312ca66f43b28959bf8a959284bd90efe229b82e783b7c914351be78ca5f8213c0d39ae1bcd087b65d6c62046b1a771a4c5412bec08fac18d7c78308ccb01875317a7253891d811a4a5f0ccf57ae650d64e9abfb0ba623576e31f86d8b64f117fee0fe7ab67acc42fb91b1724ed74f3c9b242b1d1e3ee3939a93a6c43a1cd04fde278a4a34d205c79619c70cbd3d66fa40517611ded1f9dbe5523bebb42a6c92a3c4fc1cc90de506b56dc3ce19be884940d548677c2a4eac19bb7ac8b3d43b5eabb3289590f080a0b532dc45152e779740ff176f4ad7b49669117f79767e2a85c8c88ef525324f6ede1d3895c3b9c5c597e23d9e247afa34c1053081375e4f88f3c539342b15fab52ab3482bcbbbc9b662a531f6550208b08f44ccc5150b6cb940e038dd9ebe7181dcb8abcc2f87d087db2135be2d4e78d1ae7066489d28037d9cd0732ba085e4281dd6fcacfd1e626f47f03982c5896cd55621e3bf0b4f685a054834c364a8870176387d7caeac7089bb874b6c4555d3249b4d7a156e95027ee504f56d41c9a02cfad66e823f76b0efd2fba516cb9a3ec1a8306246160e65528dc618366fdb6e7181460788d245ba04a7da68124bf7ca460471c5c6212cbe901b086ac02887c32db827e027dbf84f96b2065913d577cb0415f3c493daf2eea94e0fa8408a07dbb84e29d78f6513e3f21c88799ac21102c983016b45815e7ac5869978fcc081ae0e541b748ea20eadac018dd0b93d3db98eab3f8acd747fed6340f3c4eef025b19d2aabe5482d8026baa51496a3bfdea8938b8b3e3f7de4955fa76e563b860a71f9c3c09173d7fe293fd1022411136792fbb30bcd00f432be939cee5f7c344ee32c5febb4687d9b3f4a84be77adfee139ca5334b147dc30bf315d5668083dcd0c3190fd51e630e6af4ed3f7c3b5fdede277f47dde3b3257ebe169454f2e334cb58820b500baf47c1bc93b38c223dd9333dca279b393edc35cb8e4a5541e8c1839c6d8b6e3149d706859b5462689fe0b1a5ec15fec1a44ab482dbd3c518ee5da3e611ddcff82d041ed2efac420871284e3c10b8a158bb9d1a686b718a543a8a818b73747d0840309a7bb9ace01f4260f2ec8cacee32762de6d595f292261a9bedd6fc187849ffbec162e6357630fc6a5bc1baeaa245bc75805ee82330abbd60e4d87b0c32101f942aa2c41e50c7ab5803e33fff341c9d226861c040b364f270d1dbcaefb3799bcbee82039cee5b57f3dff72712bb1c974ea547f2bbd9b156b6f621583fe00e0cfacb79b5292159656b69fbaa1f746ef0f33634c1e4623643be116ff4ef029dc5995c733d1a2c714b8a0210ca904740b095dd6211270fc26cb6594a91420f562405e4d184030129a74603dd41353cc52a99fef4e5daab467539f38153430e22b90f49b1a2963531c29239be7928023169136937af512fb8f6280f564071213e7d173d64d601f2af13a73ef1d28fd0df1b1c29ac2c3058e297be93de7f0aaf6bf20b2741f60b93df8d874c3f362861b5f92e995653d0c98ee16a15d0a45853a896eab4a2276fccdcdcdd8d8d1891c09a25f740730c6b9e1cdfb648f934e7382e3d780d288a9d5c4748de19cc8fc39c8ac18aa222814febcd6db30da2a1e5674df4a9aa4f994c1615af41403eda1c13e7ec4640c5e0aa8cd9ba0c7af627a326b1dee3873354e435836cccedcc90b1cf11e0e18286422311ffb639bcd80f85e6df1a648a85bdf891dfa070430e7dec568d192008faa6ea93850678192ced26539fc3859eec2452160b15536172c93126b15837cd5045f78928768dfacbc9c923b1793ad00cfb3b736d923955d98debba600ab2e2cbaf2b53db70a7339c7d30c11ab62191b4f09ea8e8d359647fe46dcc43a6b68e0325cb14722d217d6e1cf6108eca07f18902a5e93ab72f96269945a11f35b1432013a1c3f7575e58f101959a10dac062fa1ffc7ae08dc292d5961329be4c245d932b2cc376d336b505e5080d9c4982fd88580770d827b974b88d543b13c374f88272d9e7d3769429bb3b1c3c237c06e904d441623831cdffbaf56bbfc3d437554784085927f44e98b8bc542b5adddf739613208e69e39620e3eacaa27e1dbfbc8d4187a9e896a6a1ab3e6dfa6377e4a9be23d833f8f06063b33c6185549309ca50d0869859b926b36651dbdefc5aa4ab0a6a7278c4a278aeb56c1109d44756ace1240afde013eb73f71b8d41de65ff9466ceb044fb21847484d1a9f5fba4a516779fabd52e22d6eac7c2e2807552e06830995afce71466dfe6861f2789a2234fa0ea325eef62c675e6a7ca742e26731619220650d79e96403b80d274a52cf47c9f2a78df02af119101d0358f1bb9736643aebefc410e2f65eb3e46bdf6bae2e94169119662324d9a1900e0fcd20e78272ff23fa6b4a10411324d0bb6621abc79f560725e31ee8ac724922d89fd3bd16fdfe4e04fa2061e0b287c48eefce58ff204d5fefdec1cf138d2d95218a717b80f55c9579d5939d6d58bc74245d6b9b8aa9a58b0b1fe057b568b66631354382a4d2f450609f516a6f3541810edbfdddd3aed3d7c723f0e6f50be4b42e02448d1ec5ad9b5eaae6066e9e1d3721a6afe6efa3b5152454b733aa151ab3549c98133913ad9a5a6ea718449a3f8e9a3d8ad2030ae38227363750f32a9bfb9c0a0b472303adc5d9ff118c89003c2522a8ed1093ec54485e1d17ed222cd6c51fd2ad6beb97d2dd361b26c0391856f9c8925d247869c0ec33129628b8d72e15ed5880ebc6bfbf7424c4d81d874236eb1f0228351984ac1b6370e130a0522d7e71c91328da699e1eb52dc0481505d47cbebd62189648afca86722d8bb13e02079d5287fd3184a0c56d725a581b9c6270465ec1c103a722fb12b13ed539210a80365b1dd92cd8edbcae8e3cc05265bf71626e79b8d71c127ae3e0e33af5fafa8437bcb8f51635e1dbbe665c53f534b88edc0fde4055f2dd283ae71450212285fcdd5824f982d1e03955b35abe6fdddb33089dcd35b9461c161ff601134eaab7fc7d5fe8d583aab20a0f725ec13c49ebab99e180751536445ca4db3dc8cbfab810420908e65600d8599711355f3570467625da1cfed364918f2f1848946cb5477f011ec163a882fe70baa45904272139218d877bb4e5d462e5631bf0407bf1bede2d016a5a96aca41229dd594533585f54c9c3985af2cd112c0fdf1fd95833092c6e7a54997dd1349f8e965423ea64236ee70900b6924716b92b919634faacaa713d6746443303cb1d675dc180e95ef1c5e75806e57982df13a0cd77e8329c879711362b8fb5d56a17740341c4ed7cbe88730614b7156395d0ba7f356fe022c9d9184e8a5e36b18857fdcd8581a9de96a95a48f4afa3285ceb58360b102725440d684b1f7107ae967db670607049902cc6d77b3cbc845682792dff5854cd20fe19aede6e9e3ac3d1a2078ae1ac67e932d9b6f2eff78a0c16fcad4e44e07550239a13bded561281feecfed7318d2fac44e1bd8cf0c56e8b0426a7f2f54c2ec21cd52c99ce9eb8939a3be474a77940b817e1861a12fe47ebf5032f41cb7c720a1e7e26762f83f1c5aa474735a059f2af2dd2becb9ecd023ebd", 0x1000}, {&(0x7f0000001d00)="be0cfb187a10c667f5c77552bc3b7d04ae1e763197c974669c5fc8e01e2f8d488d61d216dc", 0x25}, {&(0x7f0000001d40)="81e04f17a0954060158ded07184654734fc2d7659ff089a18ff303ef835cdbfb04453cb529024215d8500c43921038da108e0658ad9a083ba2bfa2b35fcd047822208890e50b7a95f65d75e697a67be204f68d1928795e9aab556b43156382907152f1653240df89534e8885afdb288c1ec49118eb0c8a1bdb03ceece61032dbec72c86b456bb0080db3be51832c38e0f2a79c2f971ee300ea8037e7a8c241a661736f2096139806b33196196db6b7ac0ee4d4fcf03f17213d7274f9c859ea8e0169fe1f448c1465a000ecb8804458437503e88354d95f90c90d0f392f2ff0802e474f01ae780c0b29e52e343a0798411cdb9cd8371f566e442a", 0xfa}], 0xa, &(0x7f0000001f40)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @rand_addr=0x64010102, @rand_addr=0x64010101}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x1}}, @ip_retopts={{0x60, 0x0, 0x7, {[@ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x4c, 0xd3, 0x3, 0x7, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x93ef}, {@multicast2}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x120}, {@multicast2, 0x2}, {@loopback, 0x48d}, {@loopback, 0xfffffff9}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x1}, {@multicast2, 0x7}, {@dev={0xac, 0x14, 0x14, 0x33}, 0x8}]}]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0xffff}}], 0xb0}}, {{&(0x7f0000002000)={0x2, 0x4e23, @remote}, 0x10, &(0x7f00000022c0)=[{&(0x7f0000002040)="775851fa5533ad4e8f4471341063ad803e7e62e6caf29ac313f15a805194331c94254b49a7a69ff7caf9cea45ba7d37f4bd9868b75141bf2db594515511053930146998884e66f53b0911df8b9541becbbe1459dd25427556a015858a84b0a66a066e0d56e37141b94fde884e2271696dfdddc081e01712289d86300cbd8b0901b56ab463957a78be515b92c1eeec9f2515f760f0a5073b65346eac092d23624d35ba327e8498ded5842f7c004947f283613dee725b001035c852b8ea2f9f60840a7ebadb244fde4e5ee7f6b311244d11c2c69491f6ce9ba3e0c9461885586a7846edc853cdf8a7802996505", 0xec}, {&(0x7f0000002140)="97a23a41f1ad23b478247ccf3f3841329ab87b4614208030d13299198f1a70a9d9ce7c4fdf137dad0be83b99dc7725c72f11afd1544bfc33794d663fe206006f5ca8b3eadd6293b32a12a5fc9c9142b7055b384c4ef6ba80cbfbe80d0366d43c8c", 0x61}, {&(0x7f00000021c0)="35b71c0553539b1154df62165d931d55b4be6867c05b1d32ef721601c113af4bb4d15f762b3dd1705c7eab800025e046db27638e858729d850b84b1c09d3905993c98e31071baf23c9664d1dba7280a6c610b9c87fc27d2c18f4ccdacf66ef3640002069e35b9d6d08f513584b07f747eb5418f80eebea46e5c00c9f1d2f951c990df6f473441f5c40626499057a29f8fc54249a71980386ec88e6c0ec83360569d7ab341e514c6c62bc2bd2d815c27ed3c22337ac42e009ecd3b18758a61617ea7cc30509c3b0c3138d971886803f361bd8441a2aab47d36b0644ae31c6593687db81eaf38e479aaf3365c8990f", 0xee}], 0x3, &(0x7f0000002340)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @remote, @local}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xda}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x20}}, @ip_ttl={{0x14, 0x0, 0x2, 0x800}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x3b}}], 0x80}}], 0x4, 0x24040004) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r6 = syz_open_procfs(0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r7, @remote, @broadcast}}}], 0x20}, 0x0) r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r9 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) sendmsg$inet(r8, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r10, @remote, @broadcast}}}], 0x20}, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r6, 0x89fb, &(0x7f0000002540)={'ip6gre0\x00', &(0x7f00000024c0)={'syztnl2\x00', 0x0, 0x2f, 0x9, 0x81, 0x3f, 0x6, @remote, @private1, 0x40, 0x40, 0x401, 0x2}}) ioctl$ifreq_SIOCGIFINDEX_wireguard(r6, 0x8933, &(0x7f00000025c0)={'wg2\x00', 0x0}) sendmsg$ETHTOOL_MSG_RINGS_GET(0xffffffffffffffff, &(0x7f0000002640)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000002600)={&(0x7f0000002840)={0x134, 0x0, 0x20, 0x70bd25, 0x25dfdbfd, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0x134}, 0x1, 0x0, 0x0, 0x40000c0}, 0x8804) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r6, 0x89f2, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000040)={'ip6_vti0\x00', r7, 0x7cdb406e03dd16f1, 0x7f, 0xfb, 0x40000000, 0xe, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @remote, 0x20, 0x1, 0xfffffffd, 0x10000}}) 03:06:53 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0xf0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:06:53 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xba, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:06:53 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB], 0x20}], 0x1}, 0x0) 03:06:53 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xbb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1957.024779] cgroup: fork rejected by pids controller in /syz4 03:07:08 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xbc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:07:08 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RTC_IRQP_SET(r2, 0x4008700c, 0x1) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f00000004c0)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0}) r5 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$BLKTRACETEARDOWN(r5, 0x1276, 0x0) r6 = syz_open_dev$ptys(0xc, 0x3, 0x1) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r5, 0x5000943f, &(0x7f0000001780)={{r6}, r4, 0x0, @inherit={0x68, &(0x7f0000001500)=ANY=[@ANYBLOB="01000000000000000400000000000000800000000000000000000000000000000f0bd5a14e91fcde3765b81d61360bbdde525b8c000000000000030000f706000000000000004000000000000000090e000000000000c34e1893c6385300000000a234de98abf3914c64e7eae74f7c4b7520a8bb00725646c000000000000000000000000000a882e261a45dc341e679cfe76c3f9104baa13266c1ce8e03e060d869cbfe43ed474c5ba61a80bc3188ad53d890d7c3283fcd6da056b5e8ed36fddbf1b1a80e32e9cd9871bd96326965ec46ea9e86449e0fa99abb9b293b8ab0942b4737ebea83e407089fb8b3d4cb88097cf131009dd949f8304d3e002b14bd76517904cf781dbf05e0ecbcaf43267c1a96f957713c7b000000"]}, @name="2bc90a2932e7ba1173b6aae7638c8ef377a798514970051b6abaa351aac185788068cf00ff621f6e1a7ee3aeec2cbd47f0a4774e53f4821c5ad0596e3d2fee68894d2939335a175540a9c59d7227e50d25b23b78dab1908d4fd00a628fe4cfe00caf40e46c935212d3a5cdd6cad38545be967c089076b9cb3796d3be78a1bc8a29f555176a2a85315fd0e7519d92055167dd73535a00f886b61fcced6ad641539ea0dc00dac18fbdb0b4727a19c6299f7d6bb405868f9034828522e7a7bb7c7d4d42526c61ca41a09f3c606ae6f2c4080d5badf4cf133ce83df8e57c28c4554b6fc9f55ca8afa1631d5fe2fe38d5fde8f9a6fdd0d5819a8e633f39c9bc12dc5df9ab450e35e68b6b04a9d9b88fd05c3e5965bed9f381f508b9a82b679a501566fa3f01edf92e1d775ddc288a2ea78c4daafff778167e7ecb1f18ffdb138b130cec8695391822ee99c6781628ccedd2b44d82face60231679117a717a1c95bd9a18a51fdfe2de29a5b90578f42844114750b8d4b597647ce32a52c4d07e62ba95a1a7f4403a748520bd8f9dc2876503b3ad18cfda87f01563c06e224773ac9a21e9bb30f0caac4a4b459266d2eee8026bca59617f214292c04f9a22fb53ed0131b17e5244b484ebebcfd5ade18f62bf6cb9fa847f173f502776ccae5f9b946ad8a3e471f4e248de9a15ae84628bba1a5db4e4037945d23437199346a6d7df715cd862a4a3ae1a583137ebd990f90682c540cf45b91bf7cff42570bd4b26f939809620ef89bb2ef1c03f0037513cb1e239aa092753831f7e7123af5410094728040d71de66a925e9178a0b28754323da85e511ac61ab4f20d2b96f1f49acc65afd7e57ac2cb61a34892fbb61d406aa883441b0f76950e8fa94605c5722b5adbc91af1fb8d317b7d297610d00b0fc3ca9ab3a19f54735bd90dff016fddbf175cd8d00d75203349f46550d850c956e58bac0d324340aa25a3a9a1b50f4f5b7bec80e1a0a3ecd13735465651c70edced832bfc72d87e3bb6d4f2282a39426824cece8620f12eeaa9c71aff75e1d4cf1a1e6d1b61637ccf4dacf95bae19bee39cd0db8fd91e5de3ad590e4ec8c0e5f6c017feec88c682b323e4fdab659d2804b7683d008923ba7835c986f3185dba43deb0246db4314bf9df7172fb8247d5f1592fc52029f65d00225839bd006ae8ce6072f21aa0b42b4e744b34d56c3d4e5881f80d3312a1fe14837bb257c9327af1a0804b4633c309faeab22ee325b23fb251b108373439ef0976d5f577089e786ca42fa6790a797cf529583f1af61e9143c10489631cf520d6923565758073ecac8c42a1b0ffaa5b3264a1857cf7e00282b2cf3d265f20416e9cbfff3a093441d3ac80518c6eebfd5318f567eb82aecef4f896dd466bb6ec257408d0db120651b8c85ff990132e99adfbfff321e1aa591f88cc2cf8de60701783f25142720b48ad73b38d8125e100620cd95df7f0f87614d6d32306d1bd11caf1d2a1fb0643a62e30ae23cca8c1253e6d3840e3be0e57639a8c4a52b4d38f6087c922cdd3d8709192fefb1360519aba2365c9c2f16ac866c576408844faef0cf4075ea392f53ceeb0ae5c1a276e43bd9172ce0953ade4ea953889ad453c6ebcea06b61ee69ad5fad0755bb8c9b96211015de8207c599f1cdf24608d96f0e41f43bad0dfdd8d62c3716962ea8dd31fe5d8af60fc67750eb9023c1a873bb275bcd5bd44813305206d3b36035835c5c54fee3606050f7b6f9cbf759b5387ec2d78c0427b88cb8dbe92bf935a8ed5b02a37fe81f7e23affb56915a13007153351e3a25140db72ab014e9b34c96f4c1f1a95cb3da41651c166b489f4a52e2502b237a7532fbfbf0fd563a7f2df95ef5fe8c89ff40adc2448abdaecff3454bdd7bbcef58837c6d592cd718207a7abc62192cd1d7124c0e792bc1d627e8ed431ce45480321b49293d761887ec452c95ec7ae12f1e1a2b440bb09f446edaed53de1d679871875e6670df1b3aab9a64dee81264e3e5cf23866cc9c2f2a95a585bf26b994693b1af88b5527ff9fd14f0131b23f585a88903d1d1bd5f4cb8eac859c8bf793518af72a2ee276bf394d724e5a35bd607f04906a4362c7722e436d378214df3c25e3bd1e9387d813bc65eea5dd04e146d10f6d61975cd18fa7490667740696cc6d53f77856279c41bbb7522fb17065b68537de48bb852db40dc85b288f8d7da755ba77ad5a93a50344db81040a1255db3d1f4ea25e8e04de0a75393b5ccb755cc160df1cd27601643ae69f47734785a7bef8aa19712ea2563daf00761c364926cf7eb396cc20403fd0efffa4b5322042116129a59b09fc386b91db34766082afe593dcb8f7f6e93a927aaa5796531043b1d80c23f4be718c4fe50c5b116df1ae17612ad610d75e2f2e15b915e749e0ecfa330e1c5353cbfd65d059840c10cf235fb93c233259fa86a31798c3e3d03989162f845ad803dd0be7c2fac77ac8f29767252376f5196d97f779fc36f0f425d09a1e0439682294b7382ce37596b1143501a1df3aef0a2052f91a33844a83ec6f6bce405efd64d09e7dc64e8de2273d4b63d9b9015debe258ea112080ee44dd6bdd5bbf8728ba305478d02f08f0378b261db8980a301d10b47155041efb76f363dec9430a0c97ef17056aeda48ac52b28090fc42cc4727d3d8af70e4c8526dc04546385156832e4ca24760e14a77779d7953110d8a5607d943b4b37ba846f391293e0600101a3c1d639d6cf683f422205dbf99ed1b6c2200393e780c28cb43b0f1f3c220268cce4b0adbce9ead42c81f40eaed591f3c4ec3ab1c8a9a85baa23b115027d7cee4c4e417451ecd6b5ca49c0918c05eb68c9c777b59e10e948a11730e4596d8a439148883d9d0fab5daa889f1ba5069f9e90222488873e1537c6097ebd91defc56c50efbd1959fc00032274dea52f87f41641419ebf014a8c39f87ac4ff433fc74156e10ac5758a2a5cd81034f9a6a530ef0cdfcba67760c0dd17e5c258b1a3f67019cc80d77cc7815824360c7d631a931a8d99ade678a9f14f08bb05fd7487fa1e2268b05e61f9dda02ce21cedc10dfa90d3629a5a57a18370d42b6e6e3e37f66aa4e78197476848609bc0a83630d42770307fcbcc92e42bfb4f9e0fe8613100059185da2945dad08d5db0a8dd2d2fe32a8fcb5a0ad51af2d046ea355385460abf00d47dc9d0d2018de4a1954e1cb7563c776e0bc2eb98339c60e0b989daffaa9da56075cc1e922474a4f2ea21f2f7e5191b066ade6b2e6f54e8782d219c169e35a8d9804d20b3a35f6f96937e9b51146515ba2137a59739049cb3d6d7eadc0831e700bece6b79f61c626fec1737b3915d1bd658a989e49a6dbae1b1143d3d285a3b806199ddd1cbd22068ffe04b60949976485d2310c170c01f1af3f08353f0e024757611cf57cc6424bef8a18e8966b944b109c26770de2b76eab7d8e533999e951bf09d4be7a5fc223606f7efe138c776ebfdd1d93720b796d9ac3d67d19da662a1d679a7da907eaecf2e0b2b2d7927d96a354b0d0d2c3d4ea3f6e12e83b312773213bbeb20916a6dc03d4660109d1198448830447918f51f0ee09c4f2dd19359db0b78b86e8d55bdbe9f5376f66bcd9ede9eeed9475e682596e6ac421984b46526e2397d1870387329621b7bbc52ecf854f60ae8a66d469a80e7ba566a35d9492c003f0511f4dea0a5cc9736a069a4a862599fdc0003089071b482efdbeca5e69eaf29a43fbe42f6ab9c017e36262a7d8308d47b314e2c6a0c411dcf10cce4883462b62011c49335fec0227877693222c234785b5b90c5dfe8be3ce156cbbc9a4e777f4d91ccb63baae35e7d1623a67e61c168fd0bc4bde2e48eb89be5525294f7c379995b9044eea2561057faeb2b400f874e23992a993ab4cda393254c9c908ac99745ebad581f6a90b8ee29138675118d6a5d6f906696db2e7b7d567b42f91adbd0988dd9b4b5c8451170769d021325a89e5ce46adcf3cca6008476fcfd527807e3c8a9d4bc18cd7313dc26441380bf30b8536fe8b722a87ce862857b53c1751dc6ddea3351e72fcf0372aca7ad4755efebd838ad55be5a2fa796e03e0e041e2f78320174a8fb7a92a779d5f508ac517d1a571393a7ba24cd38171d6bce03fdd129871e90bdc2fd8add6fe475e19fa96c084e591661470cd5abff80a85033e091a0f15278f234cb00f6f072b4e692f3f80163e8fe8798edbf209ba5705e27e0fb9f39c8dee525e1c5da182f7fc89bf11bd33a0a1baf5fe193d96348db0fa0b62156a6f0fe4e5833555c2cf9df914e9a4d310724172442d74276eb88c8a9a265aed851026bb29c9cd31d5db61ef22df6ecb408b945708d6205ace20e1d00a4e99f4f78ed6218ac22d8d12dfd9ed56788c415f1f4e723600faea2968f38bc46937b1cd8e5d955775feeddf8009714974aa6623ff5df5360c8cc1e304340018953cda759658d6a135eada69d02addceca30d08bf90699a3ee127d4c1fd8a5b2e8e8afa33c74b06d01d3f49f56a096422fa08bacff5642b3eaab7e047a5bdbf0e9fe971194238b70613a30b4c682451b38c806da1f55b0964e94defd2dd179b85421c9c40222af53334ee3e57c2d0ede22fb576d188f448f266ff95ebe51307fcfda83be4ff9d51ad1f040c51cc7afdd2d52e7db236b5dd37166f36b2f8b67adfc6199bc3d4db52ce2636c08c0e2f460a64cdace416bf4d972b556e03af08b2e9f06f850f98fd3313e4725ca7ce395d102b38c2e8a3869ccc79c56cf779992f60311f0a019f4d078df1c79dcca916adced3fed88b684b7031a6db6b347442902e731a3fef19a9951ba5d93c95ce46542631f12a8cc4428137b95f311d99ff0055f487d6b2944d8267b2f404fb06110a1b5f46de6a1b7e6dae4d06a1cf70bdcada3fc0e5a403474c5a0dae2a8def520514fd8ac2a9c698f71136ba39ec8b772970e204b36f159e5683f691c7c4c7e5c4ec035d73b0d3c9e51a006d065bc291d3ebb3593c956145b7457d446e7961c6b2b16805f695fa60e45d83cb048cfa1dadde637620cf2b29eaa8370d60a967df486dd8c77d83c15b733f8e47d265fc6d562606040774c2fce42f5d056e9e8278a3a405c4aa902b485d15a6bed5a482deda143182deb3e7f1dfcf22d6f266d60be8c9ad62262e18c390dfd067b3269453b9137dac50daf71be80c04c4382253666f871b2723f8348937f72152bc4ab2cfea3dc5806a17efdceea3108b8c2fbb6f67891a0978cb9ab7ad9116558a9433c3579e967b1fc44471f6cd9d2affa16684551580a200db8457a714262cdf6dcef0db58e2a5e4273731ab55bedc583b9a6863cd7eebc443d9afdd37abcb53c44e23145276fe903bfcda9a03594a62706427b3cef46e2932f98c8362fd5e8c133720d5519bda1e39cdb167f8008f176cb14bd03a5fd117162a348dd4f626df3dc102648b8a75089faeb78ea72ecc9e9435ea4f86db7cd58f690bee4b2ff2f053b18a74a04c40a9aa2d7df67c19b20fa21f80b0b042ae351568c429f63f5988ea1c50eaaee34925fb096b91b61590f3c255da5d1de12990679945b3136273c8e72a065060f7a037bbf6689c1b697ef98a8410df167688690e9e8ba967697c8206c9ebcf98a8240a1718a1459e59b42134aae1912b9d6e07870fb4a29da9095f73e4f7b3c82fbf91198519734cee63c1aeb4"}) r7 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r7, 0x81f8943c, &(0x7f00000004c0)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0}) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r2, 0xc0c89425, &(0x7f0000000040)={"cf17d28182812b7a55267a7aeee3780a", r4, r8, {0x6, 0x400}, {0x1, 0x8}, 0x0, [0x2, 0xfffffffffffffffc, 0x6, 0x3, 0xfffffffffffffffa, 0x10000, 0x9, 0xffffffffffffff6e, 0x8, 0x9, 0x0, 0x7, 0x6, 0x14b, 0x80000000, 0x80000000]}) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000140)={"0f41e7efde6b0d50bbd9da8c963e3a48", r0, r8, {0x5}, {0x5, 0x4}, 0x14, [0x7fff, 0x2, 0x80, 0x1, 0x9, 0x6, 0x7582, 0x9, 0x9, 0xa4e2, 0xfffffffffffffffc, 0xabf, 0x9, 0x3, 0x1ff, 0x3]}) 03:07:08 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0xf6ffffff, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:07:08 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d00010000000004"], 0x20}], 0x1}, 0x0) 03:07:08 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) ioctl$AUTOFS_IOC_PROTOVER(r1, 0x80049363, &(0x7f0000000140)) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:07:08 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 58) 03:07:08 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x300, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:07:08 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @broadcast}}}], 0x20}, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @remote, @broadcast}}}], 0x20}, 0x0) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) sendmsg$inet(r4, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @remote, @broadcast}}}], 0x20}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r7, @remote, @broadcast}}}], 0x20}, 0x0) r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r9 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) sendmsg$inet(r8, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r10, @remote, @broadcast}}}], 0x20}, 0x0) sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000a80)={&(0x7f0000000040), 0xc, &(0x7f0000000a40)={&(0x7f0000000380)={0x6c0, 0x0, 0x4, 0x70bd26, 0x25dfdbfb, {}, [{{0x8}, {0xf0, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfff}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8}}}]}}, {{0x8}, {0x1a8, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x3ff}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7fffffff}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x80000001}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}]}}, {{0x8}, {0x1f8, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xffff7fff}}, {0x8}}}, {0x4c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x1c, 0x4, [{0x7fff, 0x2, 0x2, 0xf70}, {0x3, 0x1, 0x2, 0xfffffff8}, {0x20, 0x20, 0x81}]}}}, {0x4c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x1c, 0x4, [{0x33, 0x8, 0x6, 0x400}, {0x2733, 0x6, 0x6, 0x1f}, {0x7ad, 0x8, 0x20, 0x3}]}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x64, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x34, 0x4, [{0xc, 0x20, 0xb8, 0x451}, {0xff, 0x7f, 0x19, 0xc05}, {0x7, 0x7, 0x0, 0x4621}, {0x0, 0x0, 0x1f, 0x1}, {0x0, 0x6, 0x80, 0x1}, {0x17d, 0xe0, 0x7, 0x4}]}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8}}, {0x8, 0x6, r6}}}]}}, {{0x8, 0x1, r7}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r10}}}]}}, {{0x8}, {0x174, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x101}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x800}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x40}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8001}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}]}}]}, 0x6c0}, 0x1, 0x0, 0x0, 0x24044000}, 0x4) syz_open_procfs(0x0, 0x0) [ 1971.332073] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1971.338739] blktrace: Concurrent blktraces are not allowed on sg0 [ 1971.348832] FAULT_INJECTION: forcing a failure. [ 1971.348832] name failslab, interval 1, probability 0, space 0, times 0 [ 1971.351086] CPU: 0 PID: 10687 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1971.352756] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1971.354989] Call Trace: [ 1971.355500] [ 1971.355942] dump_stack_lvl+0x8b/0xb3 [ 1971.356732] should_fail.cold+0x5/0xa [ 1971.357501] ? kobject_get_path+0xc0/0x1d0 [ 1971.358349] should_failslab+0x5/0x10 [ 1971.359122] __kmalloc+0x72/0x440 [ 1971.359846] kobject_get_path+0xc0/0x1d0 [ 1971.360698] kobject_uevent_env+0x25c/0xfa0 [ 1971.361607] device_add+0xa97/0x1e60 [ 1971.362383] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1971.363506] ? kfree+0x217/0x410 [ 1971.364218] device_create_groups_vargs+0x203/0x280 [ 1971.365233] device_create+0xdc/0x110 [ 1971.366007] ? device_create_groups_vargs+0x280/0x280 [ 1971.367029] ? queue_work_node+0x350/0x350 [ 1971.367884] ? init_timer_key+0xd1/0x110 [ 1971.368796] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1971.369828] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1971.370795] ? init_timer_key+0x81/0x110 [ 1971.371612] mac80211_hwsim_new_radio+0x382/0x4900 [ 1971.372618] ? lock_is_held_type+0xd7/0x130 [ 1971.373489] ? hwsim_virtio_rx_work+0x360/0x360 [ 1971.374420] ? lock_release+0x3b2/0x750 [ 1971.375340] ? __kmalloc+0x25b/0x440 [ 1971.376115] hwsim_new_radio_nl+0x9ab/0x1050 [ 1971.376994] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1971.378030] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1971.379119] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1971.380445] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1971.381742] genl_family_rcv_msg_doit+0x22d/0x330 [ 1971.382702] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1971.384028] ? mutex_lock_io_nested+0x1310/0x1310 [ 1971.384993] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1971.386091] ? cap_capable+0x1eb/0x250 [ 1971.386891] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1971.388028] ? ns_capable+0xd9/0x100 [ 1971.388787] genl_rcv_msg+0x33c/0x5a0 [ 1971.389554] ? genl_get_cmd+0x480/0x480 [ 1971.390340] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1971.391368] ? lock_release+0x750/0x750 [ 1971.392179] netlink_rcv_skb+0x14b/0x430 [ 1971.392985] ? genl_get_cmd+0x480/0x480 [ 1971.393774] ? netlink_ack+0xa80/0xa80 [ 1971.394556] ? netlink_deliver_tap+0x1b2/0xc30 [ 1971.395474] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1971.396490] ? is_vmalloc_addr+0x7b/0xb0 [ 1971.397306] genl_rcv+0x24/0x40 [ 1971.397959] netlink_unicast+0x54a/0x800 [ 1971.398767] ? netlink_attachskb+0x880/0x880 [ 1971.399634] ? is_vmalloc_addr+0x7b/0xb0 [ 1971.400466] netlink_sendmsg+0x904/0xe00 [ 1971.401288] ? netlink_unicast+0x800/0x800 [ 1971.402134] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1971.403236] ? netlink_unicast+0x800/0x800 [ 1971.404082] sock_sendmsg+0x150/0x190 [ 1971.404846] ____sys_sendmsg+0x703/0x870 [ 1971.405661] ? kernel_sendmsg+0x50/0x50 [ 1971.406454] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1971.407358] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1971.408420] ? lock_release+0x3b2/0x750 [ 1971.409239] ___sys_sendmsg+0xf3/0x170 [ 1971.410011] ? sendmsg_copy_msghdr+0x160/0x160 [ 1971.410914] ? lock_release+0x3b2/0x750 [ 1971.411711] ? lock_downgrade+0x6d0/0x6d0 [ 1971.412549] ? lock_release+0x3b2/0x750 [ 1971.413348] ? ksys_write+0x20c/0x250 [ 1971.414105] ? lock_downgrade+0x6d0/0x6d0 [ 1971.414941] ? __fget_files+0x287/0x470 [ 1971.415753] ? __fget_light+0xea/0x270 [ 1971.416555] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1971.417667] __sys_sendmsg+0xe5/0x1b0 [ 1971.418428] ? __sys_sendmsg_sock+0x30/0x30 [ 1971.419276] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1971.420408] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1971.421440] do_syscall_64+0x3b/0x90 [ 1971.422187] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1971.423203] RIP: 0033:0x7f406f897b19 [ 1971.423933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1971.427573] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1971.429101] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1971.429998] blktrace: Concurrent blktraces are not allowed on sg0 [ 1971.430509] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1971.430529] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1971.430545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1971.430561] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1971.430606] 03:07:21 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 59) 03:07:21 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0xf00, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:07:21 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d38000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000500"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:07:21 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8919, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x891c, 0x0) r1 = fork() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x12) ptrace$setopts(0x4206, r1, 0x100000000001, 0x44) ptrace(0x4208, r1) ptrace(0x10, r1) syz_open_procfs(r1, 0x0) 03:07:21 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xbd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:07:21 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d00010000000004"], 0x20}], 0x1}, 0x0) 03:07:21 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0xfcfdffff, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:07:21 executing program 0: syncfs(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x8001, 0x2001, 0xd6c2}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000080)={0xfffffffffffffc01, 0xfffffffffffffffb, 0x7}) [ 1984.816630] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1984.833181] FAULT_INJECTION: forcing a failure. [ 1984.833181] name failslab, interval 1, probability 0, space 0, times 0 [ 1984.835889] CPU: 1 PID: 10717 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1984.837529] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1984.839754] Call Trace: [ 1984.840282] [ 1984.840729] dump_stack_lvl+0x8b/0xb3 [ 1984.841505] should_fail.cold+0x5/0xa [ 1984.842270] ? create_object.isra.0+0x3a/0xa20 [ 1984.843183] should_failslab+0x5/0x10 [ 1984.843940] kmem_cache_alloc+0x5b/0x480 [ 1984.844775] create_object.isra.0+0x3a/0xa20 [ 1984.845651] ? kasan_unpoison+0x23/0x50 [ 1984.846443] __kmalloc+0x25b/0x440 [ 1984.847170] kobject_get_path+0xc0/0x1d0 [ 1984.847985] kobject_uevent_env+0x25c/0xfa0 [ 1984.848873] device_add+0xa97/0x1e60 [ 1984.849623] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1984.850709] ? kfree+0x217/0x410 [ 1984.851405] device_create_groups_vargs+0x203/0x280 [ 1984.852411] device_create+0xdc/0x110 [ 1984.853174] ? device_create_groups_vargs+0x280/0x280 [ 1984.854192] ? queue_work_node+0x350/0x350 [ 1984.855042] ? init_timer_key+0xd1/0x110 [ 1984.855872] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1984.856788] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1984.857749] ? init_timer_key+0x81/0x110 [ 1984.858566] mac80211_hwsim_new_radio+0x382/0x4900 [ 1984.859538] ? lock_is_held_type+0xd7/0x130 [ 1984.860470] ? hwsim_virtio_rx_work+0x360/0x360 [ 1984.861399] ? lock_release+0x3b2/0x750 [ 1984.862193] ? __kmalloc+0x25b/0x440 [ 1984.862946] hwsim_new_radio_nl+0x9ab/0x1050 [ 1984.863825] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1984.864866] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1984.865964] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1984.867262] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1984.868562] genl_family_rcv_msg_doit+0x22d/0x330 [ 1984.869519] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1984.870821] ? mutex_lock_io_nested+0x1310/0x1310 [ 1984.871778] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1984.872897] ? cap_capable+0x1eb/0x250 [ 1984.873701] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1984.874794] ? ns_capable+0xd9/0x100 [ 1984.875551] genl_rcv_msg+0x33c/0x5a0 [ 1984.876317] ? genl_get_cmd+0x480/0x480 [ 1984.877112] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1984.878140] ? lock_release+0x750/0x750 [ 1984.878941] netlink_rcv_skb+0x14b/0x430 [ 1984.879744] ? genl_get_cmd+0x480/0x480 [ 1984.880545] ? netlink_ack+0xa80/0xa80 [ 1984.881324] ? netlink_deliver_tap+0x1b2/0xc30 [ 1984.882241] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1984.883228] ? is_vmalloc_addr+0x7b/0xb0 [ 1984.884045] genl_rcv+0x24/0x40 [ 1984.884721] netlink_unicast+0x54a/0x800 [ 1984.885536] ? netlink_attachskb+0x880/0x880 [ 1984.886399] ? is_vmalloc_addr+0x7b/0xb0 [ 1984.887226] netlink_sendmsg+0x904/0xe00 [ 1984.888043] ? netlink_unicast+0x800/0x800 [ 1984.888899] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1984.890001] ? netlink_unicast+0x800/0x800 [ 1984.890840] sock_sendmsg+0x150/0x190 [ 1984.891608] ____sys_sendmsg+0x703/0x870 [ 1984.892452] ? kernel_sendmsg+0x50/0x50 [ 1984.893468] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1984.894486] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1984.895545] ? lock_release+0x3b2/0x750 [ 1984.896360] ___sys_sendmsg+0xf3/0x170 [ 1984.897139] ? sendmsg_copy_msghdr+0x160/0x160 03:07:22 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xbe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1984.898043] ? lock_release+0x3b2/0x750 [ 1984.898969] ? lock_downgrade+0x6d0/0x6d0 [ 1984.899836] ? lock_release+0x3b2/0x750 [ 1984.900650] ? ksys_write+0x20c/0x250 [ 1984.901409] ? lock_downgrade+0x6d0/0x6d0 [ 1984.902250] ? __fget_files+0x287/0x470 [ 1984.903073] ? __fget_light+0xea/0x270 [ 1984.903863] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1984.904975] __sys_sendmsg+0xe5/0x1b0 [ 1984.905735] ? __sys_sendmsg_sock+0x30/0x30 [ 1984.906590] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1984.907709] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1984.908754] do_syscall_64+0x3b/0x90 [ 1984.909510] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1984.910535] RIP: 0033:0x7f406f897b19 [ 1984.911270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1984.914885] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1984.916395] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1984.917797] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1984.919199] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1984.920618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1984.922018] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1984.923447] 03:07:22 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d00010000000004"], 0x20}], 0x1}, 0x0) 03:07:22 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0xf000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) 03:07:22 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f0787421c1b17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ba624696fe3203a7f98bc9b1e060000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) 03:07:22 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xbf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:07:22 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0xfeffffff, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:07:22 executing program 3: syz_open_procfs(0x0, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0xc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 03:07:22 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0xfffff000, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000080)="a4", 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYRES32=0x0]) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0xffff8000) 03:07:22 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d000100000000040000000004"], 0x20}], 0x1}, 0x0) (fail_nth: 60) 03:07:22 executing program 7: clock_gettime(0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000001d00010000000004000000000400"], 0x20}], 0x1}, 0x0) 03:07:22 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config', 0x0, 0xb0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00'}) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="0801720989000000e0010000080000000601000001000000000000000000000029a96356e060c8582a03e390069a340c1281c3e8253237e20f07741976fc17f7ef237ec8d93c238d7636cff198dd69c352776b85106a71465e39d84120a24370f5e0a355b27e0f1e9f63a3dfccc84ece62d44675bef8d99579b5d32259f756fe8d82a451332a347d0d69bf7f2b2089c608a6678150e20ae6078b2cee986d8e61371d380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"/1242], 0x5a3) write(0xffffffffffffffff, &(0x7f0000000080)="01", 0x20000081) openat$sr(0xffffffffffffff9c, &(0x7f0000000140), 0x240280, 0x0) sendfile(r0, r1, 0x0, 0x3) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101002, 0x0) accept$unix(r3, 0x0, &(0x7f0000000240)) [ 1985.333896] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.7'. 03:07:22 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x90, r1, 0x5, 0x0, 0x34000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x90}}, 0x0) [ 1985.641583] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1985.643011] FAULT_INJECTION: forcing a failure. [ 1985.643011] name failslab, interval 1, probability 0, space 0, times 0 [ 1985.644252] CPU: 0 PID: 10763 Comm: syz-executor.5 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1985.645141] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1985.646342] Call Trace: [ 1985.646618] [ 1985.646853] dump_stack_lvl+0x8b/0xb3 [ 1985.647286] should_fail.cold+0x5/0xa [ 1985.647700] ? create_object.isra.0+0x3a/0xa20 [ 1985.648199] should_failslab+0x5/0x10 [ 1985.648615] kmem_cache_alloc+0x5b/0x480 [ 1985.649066] create_object.isra.0+0x3a/0xa20 [ 1985.649548] ? kasan_unpoison+0x23/0x50 [ 1985.649984] __kmalloc+0x25b/0x440 [ 1985.650372] kobject_get_path+0xc0/0x1d0 [ 1985.650804] kobject_uevent_env+0x25c/0xfa0 [ 1985.651277] device_add+0xa97/0x1e60 [ 1985.651705] ? __fw_devlink_link_to_suppliers+0x470/0x470 [ 1985.652325] ? kfree+0x217/0x410 [ 1985.652697] device_create_groups_vargs+0x203/0x280 [ 1985.653249] device_create+0xdc/0x110 [ 1985.653650] ? device_create_groups_vargs+0x280/0x280 [ 1985.654222] ? queue_work_node+0x350/0x350 [ 1985.654670] ? init_timer_key+0xd1/0x110 [ 1985.655129] ? ieee80211_roc_setup+0x2bc/0x3a0 [ 1985.655635] ? ieee80211_alloc_hw_nm+0x1e3/0x2190 [ 1985.656140] ? init_timer_key+0x81/0x110 [ 1985.656602] mac80211_hwsim_new_radio+0x382/0x4900 [ 1985.657146] ? lock_is_held_type+0xd7/0x130 [ 1985.657631] ? hwsim_virtio_rx_work+0x360/0x360 [ 1985.658140] ? lock_release+0x3b2/0x750 [ 1985.658558] ? __kmalloc+0x25b/0x440 [ 1985.658983] hwsim_new_radio_nl+0x9ab/0x1050 [ 1985.659442] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1985.660019] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1985.660614] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b8/0x290 [ 1985.661341] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 1985.662020] genl_family_rcv_msg_doit+0x22d/0x330 [ 1985.662556] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 1985.663275] ? mutex_lock_io_nested+0x1310/0x1310 [ 1985.663802] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1985.664420] ? cap_capable+0x1eb/0x250 [ 1985.664867] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1985.665439] ? ns_capable+0xd9/0x100 [ 1985.665873] genl_rcv_msg+0x33c/0x5a0 [ 1985.666291] ? genl_get_cmd+0x480/0x480 [ 1985.666730] ? mac80211_hwsim_new_radio+0x4900/0x4900 [ 1985.667306] ? lock_release+0x750/0x750 [ 1985.667745] netlink_rcv_skb+0x14b/0x430 [ 1985.668184] ? genl_get_cmd+0x480/0x480 [ 1985.668632] ? netlink_ack+0xa80/0xa80 [ 1985.669060] ? netlink_deliver_tap+0x1b2/0xc30 [ 1985.669541] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1985.670094] ? is_vmalloc_addr+0x7b/0xb0 [ 1985.670526] genl_rcv+0x24/0x40 [ 1985.670894] netlink_unicast+0x54a/0x800 [ 1985.671347] ? netlink_attachskb+0x880/0x880 [ 1985.671825] ? is_vmalloc_addr+0x7b/0xb0 [ 1985.672267] netlink_sendmsg+0x904/0xe00 [ 1985.672721] ? netlink_unicast+0x800/0x800 [ 1985.673168] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1985.673784] ? netlink_unicast+0x800/0x800 [ 1985.674231] sock_sendmsg+0x150/0x190 [ 1985.674655] ____sys_sendmsg+0x703/0x870 [ 1985.675090] ? kernel_sendmsg+0x50/0x50 [ 1985.675530] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1985.676010] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1985.676599] ? lock_release+0x3b2/0x750 [ 1985.677041] ___sys_sendmsg+0xf3/0x170 [ 1985.677473] ? sendmsg_copy_msghdr+0x160/0x160 [ 1985.677976] ? lock_release+0x3b2/0x750 [ 1985.678417] ? lock_downgrade+0x6d0/0x6d0 [ 1985.678879] ? lock_release+0x3b2/0x750 [ 1985.679317] ? ksys_write+0x20c/0x250 [ 1985.679742] ? lock_downgrade+0x6d0/0x6d0 [ 1985.680227] ? __fget_files+0x287/0x470 [ 1985.680678] ? __fget_light+0xea/0x270 [ 1985.681110] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1985.681716] __sys_sendmsg+0xe5/0x1b0 [ 1985.682138] ? __sys_sendmsg_sock+0x30/0x30 [ 1985.682604] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1985.683219] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1985.683790] do_syscall_64+0x3b/0x90 [ 1985.684214] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1985.684752] RIP: 0033:0x7f406f897b19 [ 1985.685155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1985.687168] RSP: 002b:00007f406ce0d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1985.687995] RAX: ffffffffffffffda RBX: 00007f406f9aaf60 RCX: 00007f406f897b19 [ 1985.688788] RDX: 0000000000000000 RSI: 0000000020007ec0 RDI: 0000000000000003 [ 1985.689567] RBP: 00007f406ce0d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1985.690343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1985.691118] R13: 00007fffaa9b94af R14: 00007f406ce0d300 R15: 0000000000022000 [ 1985.691915] [ 1988.283120] syz-fuzzer invoked oom-killer: gfp_mask=0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), order=0, oom_score_adj=0 [ 1988.286083] CPU: 0 PID: 268 Comm: syz-fuzzer Not tainted 5.18.0-rc3-next-20220422 #1 [ 1988.287932] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1988.290616] Call Trace: [ 1988.291226] [ 1988.291757] dump_stack_lvl+0x8b/0xb3 [ 1988.292715] dump_header+0x10b/0x7e4 [ 1988.293506] oom_kill_process.cold+0x10/0x15 [ 1988.294363] out_of_memory+0x11e5/0x14a0 [ 1988.295166] ? oom_killer_disable+0x270/0x270 [ 1988.296051] __alloc_pages_slowpath.constprop.0+0x1972/0x1f10 [ 1988.297215] ? warn_alloc+0x190/0x190 [ 1988.297965] ? prepare_alloc_pages+0x371/0x500 [ 1988.298863] __alloc_pages+0x403/0x4e0 [ 1988.299623] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 1988.300826] ? lock_is_held_type+0xd7/0x130 [ 1988.301677] ? __filemap_get_folio+0x2d4/0xfe0 [ 1988.302600] ? lock_downgrade+0x6d0/0x6d0 [ 1988.303408] ? lock_is_held_type+0xd7/0x130 [ 1988.304294] alloc_pages+0x1a0/0x2f0 [ 1988.305030] __filemap_get_folio+0x65f/0xfe0 [ 1988.305924] ? filemap_read+0xba0/0xba0 [ 1988.306745] filemap_fault+0x156a/0x2140 [ 1988.307579] ? __filemap_get_folio+0xfe0/0xfe0 [ 1988.308533] __do_fault+0x113/0x5a0 [ 1988.309269] __handle_mm_fault+0x13a8/0x3600 [ 1988.310150] ? lock_is_held_type+0xd7/0x130 [ 1988.311002] ? __pmd_alloc+0x680/0x680 [ 1988.311823] handle_mm_fault+0x2e6/0xa20 [ 1988.312666] do_user_addr_fault+0x54a/0x12a0 [ 1988.313554] exc_page_fault+0xa2/0x1a0 [ 1988.314335] ? asm_exc_page_fault+0x8/0x30 [ 1988.315177] asm_exc_page_fault+0x1e/0x30 [ 1988.316006] RIP: 0033:0x40b03e [ 1988.316659] Code: Unable to access opcode bytes at RIP 0x40b014. [ 1988.317846] RSP: 002b:000000c00003fed8 EFLAGS: 00010212 [ 1988.318908] RAX: ffffffffffffff92 RBX: 0000000038887b03 RCX: 0000000000466533 [ 1988.320344] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 0000000001f20e78 [ 1988.321748] RBP: 000000c00003ff00 R08: 0000000000000000 R09: 0000000000000000 [ 1988.323147] R10: 000000c00003feb8 R11: 0000000000000206 R12: 0000000000438880 [ 1988.324567] R13: 0000000000000000 R14: 0000000000e5de2c R15: 0000000000000000 [ 1988.326013] [ 1988.326596] Mem-Info: [ 1988.327078] active_anon:9596 inactive_anon:48420 isolated_anon:0 [ 1988.327078] active_file:25 inactive_file:13 isolated_file:1 [ 1988.327078] unevictable:0 dirty:0 writeback:0 [ 1988.327078] slab_reclaimable:8382 slab_unreclaimable:74922 [ 1988.327078] mapped:69635 shmem:305 pagetables:2780 bounce:0 [ 1988.327078] kernel_misc_reclaimable:0 [ 1988.327078] free:2805 free_pcp:62 free_cma:0 [ 1988.333962] Node 0 active_anon:38384kB inactive_anon:193680kB active_file:100kB inactive_file:52kB unevictable:0kB isolated(anon):0kB isolated(file):4kB mapped:278540kB dirty:0kB writeback:0kB shmem:1220kB writeback_tmp:0kB kernel_stack:5728kB pagetables:11120kB all_unreclaimable? no [ 1988.338719] Node 0 DMA free:6484kB boost:0kB min:44kB low:56kB high:68kB reserved_highatomic:0KB active_anon:0kB inactive_anon:48kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1988.343821] lowmem_reserve[]: 0 1615 1615 1615 [ 1988.344800] Node 0 DMA32 free:4484kB boost:0kB min:5120kB low:6772kB high:8424kB reserved_highatomic:2048KB active_anon:38384kB inactive_anon:193632kB active_file:204kB inactive_file:0kB unevictable:0kB writepending:0kB present:2080640kB managed:1658380kB mlocked:0kB bounce:0kB free_pcp:248kB local_pcp:0kB free_cma:0kB [ 1988.350345] lowmem_reserve[]: 0 0 0 0 [ 1988.351167] Node 0 DMA: 3*4kB (UM) 1*8kB (M) 2*16kB (M) 1*32kB (M) 2*64kB (M) 1*128kB (U) 2*256kB (UM) 1*512kB (M) 1*1024kB (M) 0*2048kB 1*4096kB (M) = 6484kB [ 1988.354280] Node 0 DMA32: 330*4kB (ME) 60*8kB (UME) 24*16kB (UM) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 1*2048kB (H) 0*4096kB = 4232kB [ 1988.356998] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1988.358644] 348 total pagecache pages [ 1988.359386] 0 pages in swap cache [ 1988.360065] Swap cache stats: add 0, delete 0, find 0/0 [ 1988.361129] Free swap = 0kB [ 1988.361738] Total swap = 0kB [ 1988.362334] 524158 pages RAM [ 1988.362935] 0 pages HighMem/MovableOnly [ 1988.363730] 105723 pages reserved [ 1988.364404] Unreclaimable slab info: [ 1988.365456] Name Used Total [ 1988.366619] pid_3 7KB 7KB [ 1988.367683] pid_2 76KB 101KB [ 1988.368877] IEEE-802.15.4-MAC 63KB 63KB [ 1988.369960] IEEE-802.15.4-RAW 63KB 63KB [ 1988.371002] p9_req_t 8KB 8KB [ 1988.372073] fib6_nodes 28KB 28KB [ 1988.373170] ip6_dst_cache 16KB 41KB [ 1988.374237] PINGv6 30KB 30KB [ 1988.375289] RAWv6 154KB 154KB [ 1988.376364] UDPLITEv6 62KB 62KB [ 1988.377437] UDPv6 62KB 62KB [ 1988.378500] tw_sock_TCPv6 15KB 15KB [ 1988.379568] TCPv6 62KB 62KB [ 1988.380636] scsi_sense_cache 8KB 8KB [ 1988.381709] virtio_scsi_cmd 16KB 16KB [ 1988.382742] bio-120 7KB 7KB [ 1988.383813] sgpool-128 127KB 297KB [ 1988.384866] sgpool-64 63KB 63KB [ 1988.385929] sgpool-32 78KB 78KB [ 1988.386972] sgpool-16 75KB 75KB [ 1988.388038] sgpool-8 45KB 45KB [ 1988.389095] mqueue_inode_cache 60KB 60KB [ 1988.390201] nfs_commit_data 15KB 15KB [ 1988.391249] nfs_write_data 47KB 47KB [ 1988.392336] jbd2_inode 7KB 7KB [ 1988.393396] ext4_system_zone 3KB 3KB [ 1988.394448] ext4_io_end_vec 11KB 11KB [ 1988.395532] ext4_bio_post_read_ctx 15KB 15KB [ 1988.396674] io_kiocb 15KB 15KB [ 1988.397744] kioctx 31KB 31KB [ 1988.398786] aio_kiocb 7KB 7KB [ 1988.399860] fasync_cache 7KB 7KB [ 1988.400919] pid_namespace 7KB 7KB [ 1988.401990] rpc_buffers 31KB 31KB [ 1988.403022] rpc_tasks 3KB 3KB [ 1988.404087] UNIX-STREAM 118KB 288KB [ 1988.405136] UNIX 202KB 288KB [ 1988.406202] UDP-Lite 63KB 63KB [ 1988.407263] tcp_bind_bucket 8KB 8KB [ 1988.408365] ip_fib_trie 8KB 8KB [ 1988.409416] ip_fib_alias 11KB 11KB [ 1988.410499] ip_dst_cache 24KB 44KB [ 1988.411551] PING 62KB 62KB [ 1988.412626] RAW 61KB 61KB [ 1988.413697] UDP 161KB 252KB [ 1988.414748] request_sock_TCP 7KB 7KB [ 1988.415814] TCP 60KB 60KB [ 1988.416896] hugetlbfs_inode_cache 15KB 15KB [ 1988.418023] bio-248 18KB 18KB [ 1988.419070] ep_head 8KB 8KB [ 1988.420134] eventpoll_pwq 23KB 23KB [ 1988.421200] eventpoll_epi 47KB 47KB [ 1988.422261] inotify_inode_mark 31KB 31KB [ 1988.423335] request_queue 63KB 63KB [ 1988.424425] blkdev_ioc 8KB 8KB [ 1988.425504] bio-184 40KB 40KB [ 1988.426563] biovec-max 1984KB 1984KB [ 1988.427615] biovec-128 31KB 31KB [ 1988.428691] biovec-64 94KB 173KB [ 1988.429750] biovec-16 41KB 41KB [ 1988.430817] user_namespace 15KB 15KB [ 1988.431871] uid_cache 7KB 7KB [ 1988.432944] dmaengine-unmap-2 4KB 4KB [ 1988.434006] audit_buffer 7KB 7KB [ 1988.435057] skbuff_fclone_cache 82KB 82KB [ 1988.436178] skbuff_head_cache 1006KB 1305KB [ 1988.437247] configfs_dir_cache 8KB 8KB [ 1988.438329] file_lock_cache 43KB 43KB [ 1988.439409] file_lock_ctx 7KB 7KB [ 1988.440495] fsnotify_mark_connector 20KB 20KB [ 1988.441664] taskstats 79KB 79KB [ 1988.442711] proc_dir_entry 401KB 401KB [ 1988.443772] pde_opener 11KB 27KB [ 1988.444835] seq_file 56KB 56KB [ 1988.445903] sigqueue 39KB 39KB [ 1988.446974] shmem_inode_cache 1607KB 1639KB [ 1988.448037] kernfs_iattrs_cache 249KB 250KB [ 1988.449156] kernfs_node_cache 12933KB 12933KB [ 1988.450213] mnt_cache 208KB 212KB [ 1988.451296] filp 1343KB 1500KB [ 1988.452387] names_cache 9116KB 10408KB [ 1988.453492] net_namespace 80KB 80KB [ 1988.454561] hashtab_node 278KB 278KB [ 1988.455634] ebitmap_node 1153KB 1153KB [ 1988.456735] avtab_node 4976KB 4976KB [ 1988.457822] avc_node 35KB 35KB [ 1988.458891] lsm_inode_cache 3071KB 3095KB [ 1988.459975] lsm_file_cache 67KB 124KB [ 1988.461049] key_jar 31KB 31KB [ 1988.462118] uts_namespace 15KB 15KB [ 1988.463014] syz-executor.0: page allocation failure: order:0, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset= [ 1988.463186] nsproxy 7KB 7KB [ 1988.463207] syz0 [ 1988.465204] vm_area_struct 1657KB 1820KB [ 1988.465910] ,mems_allowed=0 [ 1988.466313] mm_struct 271KB 315KB [ 1988.466972] [ 1988.467559] fs_cache 52KB 52KB [ 1988.468089] CPU: 1 PID: 10707 Comm: syz-executor.0 Not tainted 5.18.0-rc3-next-20220422 #1 [ 1988.468427] files_cache 207KB 207KB [ 1988.468962] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1988.468974] Call Trace: [ 1988.468980] [ 1988.468986] dump_stack_lvl+0x8b/0xb3 [ 1988.470777] signal_cache 388KB 425KB [ 1988.471139] warn_alloc.cold+0x95/0x18a [ 1988.473393] sighand_cache 420KB 420KB [ 1988.473631] ? zone_watermark_ok_safe+0x240/0x240 [ 1988.473655] ? schedule_timeout+0x14b/0x280 [ 1988.474086] task_struct 1748KB 2052KB [ 1988.474477] ? usleep_range_state+0x1b0/0x1b0 [ 1988.474500] ? timer_migration_handler+0x110/0x110 [ 1988.475543] cred_jar 124KB 156KB [ 1988.475932] ? del_timer_sync+0x1cd/0x260 [ 1988.476990] anon_vma_chain 380KB 417KB [ 1988.477449] __alloc_pages_slowpath.constprop.0+0x1a21/0x1f10 [ 1988.478300] anon_vma 395KB 408KB [ 1988.478830] ? warn_alloc+0x190/0x190 [ 1988.479716] pid 65KB 82KB [ 1988.480199] ? prepare_alloc_pages+0x371/0x500 [ 1988.481255] Acpi-Operand 99KB 158KB [ 1988.481643] ? lock_is_held_type+0xd7/0x130 [ 1988.481665] __alloc_pages+0x403/0x4e0 [ 1988.482707] Acpi-ParseExt 31KB 31KB [ 1988.483281] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 1988.484348] Acpi-Parse 51KB 67KB [ 1988.484711] ? asm_common_interrupt+0x1e/0x40 [ 1988.484738] alloc_pages+0x1a0/0x2f0 [ 1988.485770] Acpi-State 55KB 70KB [ 1988.486215] relay_open_buf.part.0+0x2a4/0xc00 [ 1988.487258] Acpi-Namespace 28KB 28KB [ 1988.487677] relay_open+0x4ec/0x970 [ 1988.488443] numa_policy 3KB 3KB [ 1988.488988] do_blk_trace_setup+0x4bc/0xb60 [ 1988.489014] __blk_trace_setup+0xca/0x180 [ 1988.490201] perf_event 126KB 126KB [ 1988.490722] ? do_blk_trace_setup+0xb60/0xb60 [ 1988.490753] ? lock_is_held_type+0xd7/0x130 [ 1988.491644] trace_event_file 175KB 175KB [ 1988.491997] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 1988.493070] ftrace_event_field 304KB 304KB [ 1988.493511] blk_trace_setup+0x43/0x60 [ 1988.493533] sg_ioctl+0x6a8/0x2820 [ 1988.494591] pool_workqueue 136KB 136KB [ 1988.494940] ? selinux_inode_getsecctx+0x90/0x90 [ 1988.496000] task_group 16KB 16KB [ 1988.496416] ? sg_write+0x110/0x110 [ 1988.497235] vmap_area 54KB 59KB [ 1988.497759] ? selinux_file_ioctl+0xb1/0x260 [ 1988.498663] page->ptl 350KB 389KB [ 1988.499073] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1988.500115] kmemleak_scan_area 23KB 31KB [ 1988.500621] ? sg_write+0x110/0x110 [ 1988.500647] __x64_sys_ioctl+0x196/0x210 [ 1988.502199] kmemleak_object 163274KB 167157KB [ 1988.502446] do_syscall_64+0x3b/0x90 [ 1988.503520] kmalloc-cg-8k 96KB 96KB [ 1988.503948] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1988.505022] kmalloc-cg-4k 864KB 1024KB [ 1988.505358] RIP: 0033:0x7f906eddbb19 [ 1988.506412] kmalloc-cg-2k 1752KB 1760KB [ 1988.506841] Code: Unable to access opcode bytes at RIP 0x7f906eddbaef. [ 1988.506850] RSP: 002b:00007f906c351188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1988.507917] kmalloc-cg-1k 254KB 288KB [ 1988.508456] RAX: ffffffffffffffda RBX: 00007f906eeeef60 RCX: 00007f906eddbb19 [ 1988.509544] kmalloc-cg-512 248KB 256KB [ 1988.509888] RDX: 0000000020000000 RSI: 00000000c0481273 RDI: 0000000000000003 [ 1988.510700] kmalloc-cg-256 16KB 16KB [ 1988.511211] RBP: 00007f906ee35f6d R08: 0000000000000000 R09: 0000000000000000 [ 1988.511964] kmalloc-cg-192 72KB 72KB [ 1988.512478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1988.512489] R13: 00007ffe0728edaf R14: 00007f906c351300 R15: 0000000000022000 [ 1988.512514] [ 1988.513530] kmalloc-cg-128 24KB 24KB [ 1988.514837] Mem-Info: [ 1988.515852] kmalloc-cg-96 38KB 44KB [ 1988.515871] kmalloc-cg-64 32KB 32KB [ 1988.515889] kmalloc-cg-32 34KB 72KB [ 1988.515905] kmalloc-cg-16 8KB 8KB [ 1988.516609] active_anon:9596 inactive_anon:48420 isolated_anon:0 [ 1988.516609] active_file:26 inactive_file:13 isolated_file:0 [ 1988.516609] unevictable:0 dirty:0 writeback:0 [ 1988.516609] slab_reclaimable:8382 slab_unreclaimable:74922 [ 1988.516609] mapped:69634 shmem:305 pagetables:2780 bounce:0 [ 1988.516609] kernel_misc_reclaimable:0 [ 1988.516609] free:2616 free_pcp:62 free_cma:0 [ 1988.518141] kmalloc-cg-8 15KB 15KB [ 1988.518673] Node 0 active_anon:38384kB inactive_anon:193680kB active_file:104kB inactive_file:52kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:278536kB dirty:0kB writeback:0kB shmem:1220kB writeback_tmp:0kB kernel_stack:5728kB pagetables:11120kB all_unreclaimable? yes [ 1988.520114] kmalloc-8k 5376KB 5472KB [ 1988.520649] Node 0 DMA free:6484kB boost:0kB min:44kB low:56kB high:68kB reserved_highatomic:0KB active_anon:0kB inactive_anon:48kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1988.522106] kmalloc-4k 10576KB 10752KB [ 1988.522638] lowmem_reserve[]: 0 1615 1615 1615 [ 1988.524093] kmalloc-2k 10756KB 10880KB [ 1988.524637] [ 1988.524643] Node 0 DMA32 free:3980kB boost:6144kB min:11264kB low:12916kB high:14568kB reserved_highatomic:2048KB active_anon:38384kB inactive_anon:193632kB active_file:204kB inactive_file:0kB unevictable:0kB writepending:0kB present:2080640kB managed:1658380kB mlocked:0kB bounce:0kB free_pcp:248kB local_pcp:248kB free_cma:0kB [ 1988.526113] kmalloc-1k 7274KB 9504KB [ 1988.526810] lowmem_reserve[]: 0 0 0 0 [ 1988.527329] kmalloc-512 6066KB 7952KB [ 1988.527831] [ 1988.527837] Node 0 DMA: 3*4kB [ 1988.528343] kmalloc-256 1456KB 1456KB [ 1988.528899] (UM) 1*8kB (M) 2*16kB [ 1988.529983] kmalloc-192 668KB 668KB [ 1988.530515] (M) 1*32kB (M) 2*64kB [ 1988.531603] kmalloc-128 508KB 516KB [ 1988.535105] (M) 1*128kB (U) 2*256kB [ 1988.536204] kmalloc-96 480KB 592KB [ 1988.538688] (UM) 1*512kB (M) 1*1024kB [ 1988.539799] kmalloc-64 1336KB 1552KB [ 1988.542320] (M) 0*2048kB 1*4096kB (M) [ 1988.543412] kmalloc-32 511KB 560KB [ 1988.543873] = 6484kB [ 1988.543880] Node 0 DMA32: 268*4kB [ 1988.544993] kmalloc-16 378KB 384KB [ 1988.545153] (ME) 50*8kB [ 1988.550834] kmalloc-8 401KB 406KB [ 1988.551356] (UME) 13*16kB [ 1988.552136] kmem_cache_node 51KB 51KB [ 1988.552671] (UM) 0*32kB 0*64kB 0*128kB [ 1988.553011] kmem_cache 78KB 78KB [ 1988.553333] 0*256kB [ 1988.554392] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null) [ 1988.554747] 0*512kB 0*1024kB 1*2048kB (H) [ 1988.555829] ,cpuset= [ 1988.556175] 0*4096kB = 3728kB [ 1988.556189] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1988.556202] 348 total pagecache pages [ 1988.556208] 0 pages in swap cache [ 1988.556217] Swap cache stats: add 0, delete 0, find 0/0 [ 1988.556227] Free swap = 0kB [ 1988.556232] Total swap = 0kB [ 1988.557520] / [ 1988.557821] 524158 pages RAM [ 1988.557829] 0 pages HighMem/MovableOnly [ 1988.557834] 105723 pages reserved [ 1988.580874] ,mems_allowed=0,global_oom,task_memcg=/system.slice/ssh.service,task=syz-fuzzer,pid=268,uid=0 [ 1988.583329] Out of memory (oom_kill_allocating_task): Killed process 267 (syz-fuzzer) total-vm:1169928kB, anon-rss:189880kB, file-rss:0kB, shmem-rss:0kB, UID:0 pgtables:804kB oom_score_adj:0 VM DIAGNOSIS: 03:07:27 Registers: info registers vcpu 0 RAX=0000000000000003 RBX=ffffffff859287c0 RCX=ffffffff810a72ce RDX=0000000000000000 RSI=ffffffff85c04320 RDI=ffffffff859287b8 RBP=ffffffff859287b8 RSP=ffff8880428f70a0 R8 =ffffffff85c04320 R9 =ffffffff85c12088 R10=ffffed100851ee44 R11=000000000003403c R12=ffffffff859287c8 R13=ffffffff859287b8 R14=ffffffff859287b8 R15=dffffc0000000000 RIP=ffffffff8111450c RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f0e5df52e70 CR3=000000000ecb6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff4ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM01=0000000000000000 0000000000000000 3030623438613630 3638616663356134 YMM02=0000000000000000 0000000000000000 3830306234386136 3036386166633561 YMM03=0000000000000000 0000000000000000 2f6c616e72756f6a 2f676f6c2f6e7572 YMM04=0000000000000000 0000000000000000 2e2e2e2e2e2e2e2e 2e2e2e2e2e2e2e2e YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0a33093a5f656d65 4d0a312d30093a43 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 415453454d49545f 454d49544c414552 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000020 0000000020000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=00000000000000c8 RBX=00000000000000c8 RCX=0000000000000000 RDX=00000000000101f7 RSI=ffffffff82089b34 RDI=0000000000000003 RBP=ffff8880089f8000 RSP=ffff88804381f0f8 R8 =0000000000010000 R9 =0000000000000000 R10=ffffffff82089b26 R11=0000000000000000 R12=00000000000101f7 R13=ffff8880089f81a0 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff82089b3a RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 00000000 00000000 DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f3a21f96900 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f3a227d7520 CR3=0000000045f9a000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff4ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 6977336d7300336d 732d61737200336d YMM01=0000000000000000 0000000000000000 636e656173726874 6977336d7300336d YMM02=0000000000000000 0000000000000000 ff00000000010000 0000000000000000 YMM03=0000000000000000 0000000000000000 532d41535200336d 7300656d65686373 YMM04=0000000000000000 0000000000000000 4040404040404040 4040404040404040 YMM05=0000000000000000 0000000000000000 5a5a5a5a5a5a5a5a 5a5a5a5a5a5a5a5a YMM06=0000000000000000 0000000000000000 2020202020202020 2020202020202020 YMM07=0000000000000000 0000000000000000 ffff00ffff0000ff ff00ffffff0000ff YMM08=0000000000000000 0000000000000000 0020000000000020 2000202020000000 YMM09=0000000000000000 0000000000000000 ffffffffffffffff ffff00ffff0000ff YMM10=0000000000000000 0000000000000000 0000202020200000 0020000000000020 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000