0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3028.694882] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3028.730121] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3028.740796] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3028.752224] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3028.755351] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3028.761214] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:33:00 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3028.815016] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3028.824617] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3028.829445] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3028.839871] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3028.848588] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:33:00 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000280)=0x4000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002700)={0x50, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "21215edca9fb473f08e89ca9b09f19a1dba07e18db0695ce"}, @NL80211_ATTR_MNTR_FLAGS={0xc, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}]}]]}, 0x50}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000026c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000002680)={&(0x7f0000000400)={0x2268, r2, 0x400, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x0, 0x2f}}}}, [@NL80211_ATTR_INACTIVITY_TIMEOUT={0x6, 0x96, 0x9}, @beacon=[@NL80211_ATTR_PROBE_RESP={0x40c, 0x91, "d1e53ee84c85f76634803e859a3b5586cbb5422438e4c685f13a21caf856ffac1e663563c062a24651066fd3d6e20a9fb124c55fd27365fa16b789c70bf2668b5debede11928da31711b737141d889266ad6113e6836d23a259757894dd2b78cb587b9573ef91664c7bcdff1712c77ba2774fe1d2c3db0c971fbcbcc538870653a242c2fd43d6bf1ee82a0e7e8bcf7ceb374cef500ec1e2609e41608bbe41c223d22dd36b8f05e3084b89e975656bbf5a3759e783902235a9f0a3e25cc98976c6e4df45d395f6df2a877da1911eb2ace424afb51a84ab13170859f2957aecdb3a46c5ae01716502d5b9bb2f73707b24894707109706c5a23181a7bb00719ce243c70fa1e4a4c083412ced7cda147d171acc7b92edeefd74a2cd2b1eb33fa4288bc3ed570136de6b4214d94d3870e255a2b31361058a936f648ff4282a6056e2bcc21c63ae0f7692f6ff5f6f7bee0cf0762cd423454821fb4bb19c32e94e5233df6c3a48811899d8a1be0be619ef78192e5cc0d4020bd3916e241dc5b9e2367cd09b3291e0500d139a28df2ba45cfcfc0daa5a1b0706e672585341165661651c821648282f08a545a8fb53d5293010c6cbaf2be581b6530c77de34b40905e578d6cffffa87a023afde135bcc9d4117707d33cf57c2e71d64c3e23ef718cd888ac414aadf111e243d571f8f37fb71601ad6888a4e4e77d9c1a226ee76eaa5483b61e7ad53059aee58b058ba1b925c7720941fcc11e4be0512fa8dc6abf94f85bdf01a8bc1ff73899271aa7e551529192c9a12f6b22a99abb7f12985de34b62d9a55b08a6f7ecfd1b88d755f9065b17fffbaad2cfb40ea454676b687d7dff06e8a1eda1b68fb94ce95435f99e5d6aea6ceef339e7dd6dd80e8fc53dabb7b79da4a0f81a30cda3c3038b1d5115b23da8c218f1cf13fc926bfae8f12b55feacac5a2dacc887bad94aa0d841f8a5523def3dbb9f32a2ebb8c3c479f2e63f8b244a8ec2f4734afd5131c9f8835cd4bd6c08197e026b1d2be62acbacf9ad010f524476b12cff6cc9b99a62c5cede0ad82e83a63c200f40adde2f084cb98801ae63d3383ed045be5cd545ae20d2c0053ec5664a262cbcf20e337c09859544b16e51bd34e0563559fa7db9d2faa683f67baabec69e2afdf96469a96909adb9d13c001f453636fc108239f9c7171bc59094eafdaa6e15cc121763462133a25206001f293b3b6ca4f1190017d9673542361ec5d0789568a6cf947e91961626e6e5d258ad72282dc9a9fa4b548c30dd591033c5ddf7d0d22f2b8877dab94b8a60d3bbb8acd48e39b809f4f3fb9b6adde72314de7cb4bdfaeefcdc3df8ff5bf204273a38602d347e43bbb375564de05ab148dd83a5dd738f01b46aba8a48ac395fb873e0d3d522322b89232bb8646e39ec6747df21055157ceb0dc3720c0e8f9e04370ee7f4cc8a0a3923138338a98"}, @NL80211_ATTR_IE_PROBE_RESP={0xc4, 0x7f, [@ext_channel_switch={0x3c, 0x4, {0x1, 0x3f, 0x68, 0x1}}, @random_vendor={0xdd, 0xb5, "0e857fc8c5071d4cb2886b5305111d95f48253336b07e9d7ee0a46ac7edb02a039885201cdadbfdbe1f700d513e98503343be96db4c8e8eafd6cc649d127bf440b2bc791337c372dc33cfa514681439f02cb1720b0793d24c6c7cc17b9b0bd0b383764ea77145898ec539506d49fc83a3c5c959f8353d979261786926291a183662ed2b7a77e60096c1898486207d35a65221bc61da15eb17db628264c345590619224a44f206d6621298c83e6121d0668007a2745"}, @challenge={0x10, 0x1, 0xbc}]}, @NL80211_ATTR_BEACON_TAIL={0xd, 0xf, [@challenge={0x10, 0x1, 0x72}, @ext_channel_switch={0x3c, 0x4, {0x1, 0x3, 0xe, 0x2}}]}, @NL80211_ATTR_PROBE_RESP={0x64d, 0x91, "fa438f4af4fcad7c7f4182fedf3e3234667b8cef0b8cfe9189d7da6d9eb69bf52143564b97dc197498bc6160caf67af20789156b22ce19d4f0276e2206fa708b172985cc3a4ff93763034e9c5c8b3f9df27e38b73daff5e6aa8b41faa13394e085dbf930e8cfce676c71b25de9fc7289b2912740f6cd4bed053a1bac8addbeda76378930713621666a8f483857a921ae11681b254c5c1def6558cf27593f0d9820eb908a5da8c605e3a88485580ef3142352236c2f71af984a0a792af3935b86482e45fc47bf3c731b3a63ba4096cd7dea17616c7d18b3c36c2d392ede72f81805b9474632e80aa0c5d20bcaa2f030257efb3a1b172a917e3dbca3c890a8f84a9f16bbc6822733eb0508d86be28d60b92fb6f704a141dd072ec71e05a4bcb1c1351be6467a533838f0414aba4173d9cd21ab668203fc4b536000034182cf48d1c0b7654d8ce2b612b434975ca253c2102fa95bbd00c4e7fb2e3d98fe0c9d7d702c9057fabd4bdbf903ab21de1695eaba0beb480a9e63ba89b97af63226ae038fd564199394fbdf6883f9bd6ee0f5e5a8b26542d0ddef122407a3189a392456e08af3601cfb6046a2f39993b8950e08f6831e5756d32fd08649efd44c178b8b2b41e68e1dbd75f3f3384cd5904ba30d99aa0ff512140170fa7f5372c7a4b8ab2616d66af67252b87cfea889cecd61c6d1912bd0cdd99479ab242b01de824a6e912eea13d363793165d9a2debe8fae4a56fb1dcce4ecce5c887c679bfd0f32aece2051e083878754fa0d96c8992dea923f810573140490b836870337665d2d3acb1449c7f5a8a451e4e34a14f77cd18161b049408d2585e397b1e7b5f788dd3ebd54bef44fbaad40663db13c773c3fd1e4ebb8806387bbdc64d0de19bf94b18a0cfe6136e0e7b8d752451bdac129a0a00b18ebd03c61adcfcf90f11cc3685081fcd137327c1fd72775275540742679c1495ec2aa9ecbf146f12e349435ec29ee8ed27d4e4025a2973cf7fc4cbd4889153dbd692784eb0962f82d53f95f6e0a7e83d0344066493568da89c88cc970c567bd8f32fcb75390411ed4cdcfe30edbfae6bd21b62e759f995c54a8b159ec765e92e35156424413127b6f53ccd252eb349285411914a3294277c3df21db94ddb098e582bd5e9c3b4ac02746c4a60c250298f8c84ba6fc0f307e0992ceda568d52b8c64e64de1f3a238ea18613a5a0741c21786c10c2b45871e8a089529884e9976e734bc2969197b46f2e5bb6e034ee0107ffd1fefab6c0f3cda61b995a336d7facb864e33adc320b3752495c5d91717260c27e395d1e18c08403284dbf162b61b0a62cf4324007d256b2bf544d11a3e9eddab6bd68e9a7ea4a9d4f13aacad6e4f97a1a88eca4df2b50b6ee2e736b4c19eba2d7fcbc80ca72e5f2ebc2d95453b230e913041d565b596f7ea163c6eec7a5f1b0ef4ef7179a3235b8688664f117d17e041577895e4526e34c28f5c8e577a19f79726f14b838064bc844e418765f85dfa27a542e151323c2cb35a6c5943f03c66e4f7830b054b74969b1159207d2f793c4c996243a76bb54aa0a705124c51f80a3da21c758509ffc318045a354eaca173e4450fd9110e1ed503b8662ca32b7b7bf54ce4a1de591c206f6f4e4cac72d820c73e6038b6ef77bd0dd82f6876d3893f57f5a8cdf2e17ef826740d82f12d322aa020c5ee302b0716bb91fd69c55e8b66e9a7cafdf816e0f07ef37918ce388d5a55a194424c60bbb29b60fa85c55e3e25bb1fb6fa47b32716b91af57130b5732d773135d6a509902d60faf2b2ad55084681b8f24f47ed081c5be16893faf1104b35b8e1ae85e8b61694c9d728edfa6a3fb53559d2cf5811ddf99e53e52fbb55f08a1f75a1d1a31349ec1a45222f4e35613e2e19d647eeeac8a58ff178bfbfc92f96a06ccc0f2738c163895236d01b9b4b57af80bc4d4d30ffd5b635dc7825802d2fa1d66da6bcc0f50fe52978f887d4f585859f426d488a4cc71171a407acb9c397cb26b8568a5b909cb9d010acd5f264a5819e313bbed000d9fb8d884da26ffe2595e79c603bdb875960ce14d4b344b8fbbc5c1b754eb50fbbe51a4bf33c35c0131300d4693f09d6bbecf6b7f8dea87a7a455cf051793b2d6c2114215db019b473eecd7a2b0b385bac8ee41c9856c1ab010d032762ad49c2a24cec5568c86f6b05d4dcf2bc7d48341190c272d299debba71c378c2d2a829b07df6684873d920be8340fa7d5846380b0e0c518a6be65836055d772590002420"}], @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @beacon=[@NL80211_ATTR_IE_ASSOC_RESP={0x24, 0x80, [@mic={0x8c, 0x18, {0x55f, "67f3272bf59c", @long="80beca2c035751eab81f38f22449d569"}}, @challenge={0x10, 0x1, 0xdd}, @sec_chan_ofs={0x3e, 0x1, 0x6}]}, @NL80211_ATTR_FTM_RESPONDER={0x1300, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0x45, 0x3, "39ecb2ad62c03db10e6b1e5da4d3026023f0e07c5459ce10970a7ef0dc9ea35bcada0321b6ca6600ee38bb3a60cb17627290dfb856d198413b8c82211cd776eb82"}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0xdc, 0x3, "56f69460a39a33ad10f7fb8da8e13efc93648f58b999b04e6ff61ba1cbcb06b99f36ecfba11e549ca8171cbd6fb335269b40564afa6a1b3e42f4912d0c2c519ad7dc7279ab980bb5fe4346d3b5e73ece8dd1dfbf2553bd2c5634d1b9f3e475afc9b2cabb661f5de29ebecc4962c7c8be93d633cf8cc6cef6588ee7f83cf5b6ca3fb22b64775e9df034a00811624a7cf3549177920e2c67e1e27b121fca304dd30897b81e3077448ac82b736c9c2df0d0165556f88638bdd96a7c01ac4aebedf6f721abd98bc2a757d63aa4f27f6d5433c9c7470042caa68d"}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0x45, 0x3, "282cdd0df36edbb85ef7a62dc4f76afc21977550ec8b52c9e94867bbcbe9d4df2b5a3c0eada49d6196a21324ff623b00b698915fc13161ad6792d35a4f1470bb9c"}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0x1004, 0x3, "3e73d74e5150791b91cec37115cdf8ddee6988e737d2e27e2608207797fea7eeba9ede9b4425c23a53c04137439b42e42a26f63da6e89ca3bbffd1806494f0023b2ebec79d73bd9195952934847ab9fd2fa5c9fc4ece9c7cd8f19c5bbdfa0295e35355ec09eb35c867bc8b4d81cc378ca4873adbef11cb89241d251c050e6dfa579f4001a0ff52194788930b14a6c46fbbe32be3fe30d0e4c1bdf0f436b6f2f12c0de3a6d49402e543a9db63450fcac66af3930459820611e6617b5ebe64e5887d09264c8142a1403d2ce04c150017b7b02181c91b6fd4cd0aded72cc984025449de526832685258dc29c1ae1682e550f7a5d8dcffd7acc5fb3e68a7fd7d1ed635afc8b6c33bcc68ca89adc3071ff424d0e2cea12955722fe5f8ceb1aad00759a806cbfb77168b384fbe495c031920c3c63189614b15a1102d2b1638cba33edc17d836ed3833907de1b7923610bc4d89b38a9eb5e23f3e89974e356020801cd751cc4de1190c3d50b1ff8ddcb108f56db022954a7e36f86219029468c0fa77d09859867e22c3c7b3c7f2abf7fbc433c1b883f574d359f3378ff65245d6d00ce4cc9e81e9af489298ac8050c7280543b8c02365718eccd0f79c0ee98d8faa8628635a28340c6ae4518dd9b50dd5517311ef5feca25ea00cd18d1134780433318ffc3beaac3c880c01bedaf52c82c10b3b122349ce6adfb33d46d320e359ef0da7f74e7b1281f2561a192e0730eefec0e97cc266de54ad280d91f767bab675fbac83c788fc6621bf6e517c6d1f9e3623d142f16e87c761eb6b63aafa580aa8b6815a6844ae61ae50a1c7c6bd76f9fd04ec44aaab913c4ca44c190db4333957ee8cfd8ad8ef055b5ad0585bc04a2d195d0a40dab384b4fb8a6358d17624db59f7b00b8fbdda6f40714b235b3ad70302dfa2f68e962c66be6682b399720f8becc76eef764b92e890eb88ccb92bd6c08fcd3c89969bcfb84cc46b8a49dc0ec22a9b270b15106f5dc39538b4285b6a5ac7372ab09e361745d8f3096eb3f5ba1b434ccab02f618ca2b0ba535a201c491fc9a3ec72271fe9dc0d6dcdbeafcf2be375b33848f5c91d626cc4f7e7213766f324b6779a8b52d49588033d7b958cc694d4863ef3a30ee721f5ed663972437dbbce2cacce0491a46b3aeec94d29a837a3a18b6caf9459a0f019b9c794255811daeff8ad27324544860e734cdf2f6dbaf418d33a9c0d606fcd09b56fd6c6d1bb532e7cbe6ecb2b0244778b40c8260d6b1b357206110cd52b9b3f34da22a22e7a3efb1cbde195f108ef11509e773a93067a42dff77a2d7bcf60f73b483946cf82ccd9767af98d2b2dd2261a82d7021a4b57dc661f08d777b4dbf59d756b18268d16b7984b49a15f8ea65526ae3a48901c64d198cf84371c58da0c8bbbfc19aaf17f4f04044ea5a434e695e74a4aac66f3192cae6f8bf310cf316fa5194e0f76f831272d735bae6757e933636005d0aec611794c1ad2c3bf5f3f79d9911731a2621708e5759de0466d882ec77b776eea48b1ec5d28e8b9b0ce2d773bada442562bf9afdc9d8ff863c380a357009ab509b201e796f0fca245c636dd288c7be7605cb8b40250fc03ebb41cf51646663e8188304edaff86f6c7912304e6dcbc3645aba23e06b5f77f949c8c86ab98841dfa3822f47d7626264352b640b3186434b08c037f2f24a126bfb81b05435456ee7a09daba657305d17d31892cf672dd984d4865b4e7a7f9bc5c2bb06659f647e13d01e60e67a3da067bcfce17a149097520941f43748e5d1b638216408f3f546f2835dd47bef47b99388cc5d21db40475832682e768380526c3c81cf6db30622a1d3823cc4e39896b1dc51b7f6b1789613b088e48a4fdb909da0537328348440cebbea564d295a5fe6de81d4381229b94b80a1254d9d05007a28cdb9a45fa5c746e39a0ace725935915c62f449b3f21d11cfcd6b75f317b4f77da4e391aa42208adf4303ff2f6f40beb0caa0a5b50b8aabb3c565dfaa904189b33cc12ce3405656de94c2dabb649512084b6464e40bedc2ed4271ba1a4a96b6ac960298c9248d2efa4a5d6b9cb3102968cc1d1741a1b27a9cd375779d33e30d3c1a9146dbe99ea04687ed7bbf8b3cfe8f86be5407c98755c7bfd03cb4938cc0f6be01fb618839c7b9bd7ff3befbcd9eac4795189c98524f2f50e53c2b782a6c60ab3df54f5b71fc1da03e807710f7ddb9fbeb96b464889b734f0bb1897dae9fac31b412da660197d9fda26182834d562b412c3ee7f61eefd6b0eaa69213a4932537e058eccce0287d136c0c464c360d6d4fc81b39309d36ca060ce2043d3fab0fff993a5a00fd0982d7522d232f43baeb65428ca31d5c56ac5fc15b48fd63a78733a7285d2bfa3f26c29b486e262b4e6c8ab07bf73765c91669829ca3baead14a0270d46e9f5c78e2fbcbe0b9e47ee32a1a689b6087aa82ea859a827b6ce1db7b381d817da589dafda1c125600ca06c2f7c68ff129f4de96a6a7848cb277476c757e167dc49993ad7e6f7b7af16f7c1ec6ab93371b4d33297e1b0623dc157b9206c9bda6dfb7ff2dccaf74c7c789ffd74f37a951328d0467268fea8f002e6ca88c0518afb227858a9e42585ef39e56b8c8dabc8a371b80ae9ce34eb57643985879f5a10242ef8a24dbb2cc9ee4ba73d6f7269cba9341512909b99ff9ca8b8629f2cad7b116be260c906dae07a9aff0c0cc7e65aa2e014ad926761a208b3ccf40e6e9d7700e3ec184102acfaa598e432396b7bc94216677ae05c10284d6ea0541c162f1011ce7e5953212804e5d94c47344e5c34d67ba12c364e71bf086edbfc880dac12dd910289d5fe74b9e1bc2ba2962bddd29d08413da063816bb5a18653a8e0994c4f78f62c8e3d3533ad60397cb22bbcd563ba1c767d49a1120245dda467ff037267fed3cd8cf55d5d154dfac0753d73dd7c20661cd6524294706f75dc18064a468ea1d916ce5fe4ae243d01764147145954727840088a20da297bfaec199e891d50ed4961c859c1e3e714f2e5cd2cb7f6a8867e17f332e7484208a817d89d67a9171b2032b2cf2c01109476625e8ac361df99f765afc4b8546e292a9b3db0dac0c0b487feab34c8e4254619e8452a9d857d2fd3b2c92ba93f1e5a3c097a29c46896223ed49e4c685674837c1d93d4316850aef5486f60132c3215845c36dd78b635c3853403987b94ee5c19c761da8a5f2039f7bee99749cdb74563b2e64d443afe874778004bbbef91e0ffe2ee595c8083b5321c8610c9e8ee9841838f33002b64c032ff72493a5af67128f7bec08a73fa1271ce531777c8ba071965f892cef182f60b63be9777b29110cba54881055ce5dc9b438146a8afc598a3c8ce32aee0a2edad4026f031dff1214de746c2d1fac2242fe15378bbffb54ede134258f725e228895ae2fa7f63b0d2062d1b53228ad1f751929ba1682c14075f0f22a015be8457f2a159d55aa79e4394b718e9798e4278cf61cce02010486ecb9187af4ac1a465d2117de5f5877ab5879b8bd3e56d9cbb44cf70283bf4ff2ce61b3a415f42d4331fbe4f3a508dc7212181142d382b965a71179b653a7458ab4028360f419b430c4238b18691ff569b77ad2e5216964165f227c42064095e32451c090d797e4f020e853dbe15bfc23adf75c1db67d6a715ec694de40832c9d26db1056ad368150c9c47bcc7d16974e5a9bf91d6655c09d433bbc740033d6427747485d1dd54d5dbf91970b67a56100f1565f48b0812aabf642a99d8024415dec5a5d65a4549f9a5f1acd6a0c5d14db00f4350c636634658355fad258effc336ae1e336599b12cbb0e2ff2805f8c59257d904647096a310c97fb3b7abf7423893fbe55a206da7b8bea87bb8ed407354b4488be3f95f348227dd544653e379022dd6028f38d0c88bcedf79eac395c89758f44a60da32eecdb98cf83079ebeb6e1bc6f31fefdf8d02e592c4c64596fba62939542c384cebb26cf0b645ab5a05992a4f1c6e2babcc8804a90742c76d88cca4fd8f03a75ca2d444a6df540da57c5468706534a81adaa2c49f001b988e68ee3a9df8b9fca03920cbb75ef068598aed8a8800ce60163d3414c43f7732fa52e540a52cde262510a07f88f3a4aaf68ee518294a904b66cd2ddaed663c42308b54ec6846660ce4f5c7b6444c45e798fe8672607e62fc7b96951bbf3f724d820108edbf69f48b27f8dc7fe9f769b2015250cee4bc2f537ac57ee5ccefb7d4aa09561607671279cc8fe9b7d4df0778e9946036e96e1b565781bc17d50cfc3c8ef09964fe8b35b7e5ef3ea5f89a8f6c84d53d874b1f4bbbc2786ef8ce294edaf2d025ba8d558bb8d30719f80160c7c84a1ce86042b348d9539249d383ce159e23065e12e30c5bc4057680d5fcac8a011760572e58a2a4f8d49fd3d0299a845dea188f6d7ab338b6628081b33d5654c3de191df0bdfdedd2b1d1fd4356d0c80f5ec342685c6e2237c52d9d57910645b7c8de7637003603750a153189d363d5ffa6193bdd7547010eb5d72cf46ecba7c06fcdb22ffcbff49c8d34bf8c3210ca5b7ee759226b7ee5b7bc18d9d0d83340a523c4784f361c86c9d985b86d17f45e0f140243a72e2c6db07d25bbc18f696fdb1607f6b0746d0c661966ee04843fec648cc495556bf5d2828abd051111a865eb38c25b7b4835e5d1cab1a020a5209f8732162c178caf8fe25fd342edab86d4451c2b63209fe775f85f8cc6c174ba4e083b9fd131ec26aca70dd5ba2628ca21f8172533341572442b8d9044604ee66f20caafb94b78b97cd7e7a2595fc859136f495834556199a2184465651478049cebbf85435644ea3539be633eedfa9c7b2314f7ed9184ca9acd034d32475ed3ceb340958374c603de6018df5ad86827717a7cfb81ac43aaf01ce8589bcbf58a6435295d084f28b5bb95d6aeff76eb227923e56c71e22239dffcf5f12d9e0f4f663af809051e7c1442acda79054061bb9f559dfa1b6df2be78d37eaaffa828cbaca0676af45ff7da7af05ce01d3351ca2684631336f5d3cef14d1920d8c45184f5e8ec41af1ae43cc00dc9a63089170ed3a1d983e511d4bc030aa7ddb80edd635b7f4f72426b87b161418849439aa17b32389d9cd5bba0087c0429c9ec8f332506b0e9b18a32c04b2a2a1bcb363dfadd52f4f50837046bc4743f4f559a28891633063f6e13c2aaed51761f5e5e677540cce708a7e5850a8dc388cc0737c2bc0f3b9e29730ad19edf8f9f4384232ef3e9d5e51397c3dc166bfcb2ffebaf8372ec855b920b69fb607c61539c6a0cd921494d424f464dc54c15886c67d3f15646b331d8e628d4cd504571a4299348bea455072e186f400555808a4dc10b02d8a336ba466ed9d791b4f3cc2dabaa9f6e74cf8c1c6e1999f11eec7608251b6d4f441b25a56bbc35a273b985ae66f2f0b0f8912a19ad6591e6376b0699938214477e761ee8a31d2b143e416c802f629f47784d3e71874623b6d894187ba8774dc8da8de0bffc32f241b0728a07c12edbfe3899113e72442cd267a51cf5dbbcebdb5d9a65850b221fc3b4faa6d412924346ae5d5c5031a38eb2a920e6b102e61fd222c3480886d9d9d2abb735d05d862e5f8cde0752c45da71f43e30b1c3088e471146209a095cce33b959342e355594b77dc865cceb3c661cb950294a5b8027e84ddbd340cc8929d92b0814f47d0a5c1ebf3c2d746d0d4ba5998eb1275f25cdaa792720848c49ce3070933e0a32c1be36b0014b03642f0861b3ba510b586477694f9d905b5797669"}, @NL80211_FTM_RESP_ATTR_LCI={0xba, 0x2, "24925871bd3f0b11dc9e58db53b57b9f939100005fcb2222b2840dfb7918e01398c275021ecbbbe2bf8a1dd3b615ea2b2f0bc71325eda5db7ba51b905384745cc6aa9e92001243d33328c60fa2bfa3279af32d822d81fe7f225f110f28b2e69b0c4603ea313b3f08f133f47fb7044eb2cba020a90addacc3730e16640b616efa4681c14e55fbe5a55c9479da27bb5e9a4a166185928ff0044e90686b6e0d26e866c5de4e6757ffa8ccd14eff0ad29238ef81d48e108c"}, @NL80211_FTM_RESP_ATTR_LCI={0xbc, 0x2, "e778b403166af3c4aaa53cb4ae18a72073091b4e07677efb2e6101b9daa55939288a56f9158acd9067581cdf8778fa7205e6e08edc9f5658856f4341acebe6979cf8ac1f922098de461c54fcc73cb5d82f47e920a87bd90ca3962534e6aaef9d4df7df0ee8513555088ee49163b7d98e86c7d9eb167066abbc643a95ba503f119fe4c095ca9e7f969f415bbf756cc307075ba98fc916eebab8a57dff08d59c7f95502596174becbead462e631008967d15c24568b053c47a"}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0x9, 0x3, "7135ec3834"}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}, @NL80211_ATTR_IE_ASSOC_RESP={0x18, 0x80, [@challenge={0x10, 0x1, 0xc7}, @gcr_ga={0xbd, 0x6, @broadcast}, @chsw_timing={0x68, 0x4, {0x4, 0xffff}}, @challenge={0x10, 0x1, 0x30}]}, @NL80211_ATTR_BEACON_TAIL={0x67, 0xf, [@supported_rates={0x1, 0x8, [{0x60, 0x1}, {0x6c}, {0x5, 0x1}, {0x6c, 0x1}, {0x24, 0x1}, {0x1b}, {0x16}, {0xc}]}, @preq={0x82, 0x57, @ext={{0x1, 0x1, 0x1}, 0x7, 0x9b, 0x1, @broadcast, 0xfffffffe, @device_b, 0x3ff, 0x20, 0x5, [{{0x1, 0x0, 0x1}, @device_b, 0x40}, {{0x1, 0x0, 0x1}, @device_a, 0x4}, {{0x1}, @device_a, 0x5}, {{}, @broadcast, 0x5}, {{}, @device_b, 0x1}]}}]}, @NL80211_ATTR_PROBE_RESP={0x355, 0x91, "46c3fc9ee751d8284ad76363bc18263f5a8d57df9702bb3a2ff1e3d090e7a25b6172e82c405dace8ab09551780a3cc7c7c94502494413121c06dfff428d82b55b4f3f45355bc0f3d4ef490b0c59bde3a0f9825324ee2dd3e8e0d93c21ce537e1b3f25787ab075beb1ab4dfb1b8deec86ecf38574f0c96557496a2d20a4bcd5068799b0bab912c2176047212bbbaee28d6a5091ea93af2f6862e046c71991dba9fb4f0892ff417b604143c51ef6618f9cfde4a4409f47796b6506bbffc5b5204b017930d9f870ddc7f350b7d09526d9f6eaa0355316016d28ddce74fc29a33ddd75ef51820ede1043e57375b949fb2e2b421ff89e058dfffee6141ed80b5d6d53d96e61cc98c2ad8ad76fe1ec4e90d213488159b6ee2762780c0b6c2e013baec680b64dcd4c5b09c295d981ace67ea15a01df72f101dcdc4239d1a06d626c6179c2aaf8602d2abe47e406d6af48ed52336e944f2858c6f1fb7682a4e2c3df08c6b6738a0c5c358c5ac598f3dbd1773466f6ab0aef25f0f3c11a974155fb07d98257ee29b596e8d7edbb324d0161c83589f2e9ba78493f5b68f6466c9c60ebe1ceee29905d64c6dbce01dd7b6ab1a648e95b26659613c3a0d1a4a8e54285eabe921d2343053b8984bdb01fe5998664e6bb53ee62f39c06fd92b02f8a922511048e4a0eaad8ca97ea996b8f7d121327fa4f3159d7ebddfa1537bafc02584db8971116a819e6de4968afc0d04f0768ef05cba42cefd6375acf1cb3cc65b16ebf0b2e06efab748c7a0c84cd7613788d98944a1b3c88750560f99317a6a7a3ce6e2a9b1eb8391052b3cb1152298ac786aeb7eb492c8be07f313b543dbae400d59ed099f76a32377a31ef3cd2d9e661faea1e63540d53220e1870bc4ca86983c373d395d8dfd74b4cd2d99fca70afc2f8c7835517a713bef7c70a985bba2675d98c1dea7de73d1035597da95d87f632383f25f066135bde3f420469db94a0974fe888fbdbb3ae109d6fafba85845a9e207171aa86a39833cfa1e1cd28de408a555c6a6d5404a91c055f1e5edad15a4640079e6ededcf83d87faff4c79b25797a3efd1f59f39ecd62c585b567b801af9b9dc5494f6bae9b92e57b4cdb67cd015bd893a0645d406e8461521c26d6b9dfad848b5f5ce3b42c176f9a3ea5241733d1ccb760a3a6dbf965316a4df078d60f19ffc9a6dba"}]]}, 0x2268}, 0x1, 0x0, 0x0, 0x4000000}, 0x40) syz_80211_inject_frame(&(0x7f0000000000)=@device_b, 0x0, 0x0) syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, &(0x7f0000000100)=@data_frame={@qos_ht={{{@type00={{0x0, 0x2, 0xa, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x8}, @device_a, @device_b, @from_mac=@device_b, {0x2, 0x5}}, {0x7, 0x1, 0x0, 0x0, 0x9}}, {@type01={{0x0, 0x2, 0x8, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1}, {0xce}, @device_b, @random="5fae58cb1a3a", @random="f74231dc4d64", {0xb, 0x2}}, {0x3, 0x1, 0x2, 0x1, 0x9}}}, @ver_80211n={0x0, 0x4, 0x2, 0x3, 0x0, 0x3, 0x0, 0x0, 0x1, 0x1}}, @a_msdu=[{@device_a, @device_a, 0xe3, "f005d27a3d7d04d0291a1fae6ac105f3f719f3882bc0ca617eb51d089ace66db53980896975ca01cfeba2b8cc6c4b2000b29edfdf1b68f4f90697f8aca8f7e112c11c348283a86734fbeae401dc768e53054f5f16aefbb81e002e844548cfcb5ec7849b77aa9dfecb8996c2466cf77a5dc253f9f0e47310092e96dfde92fc2b86f108f201c7af1e70d73a082e2abc09b3f84297c0b162d7284269dc92291041387807fceec282b8ba9baa603701701e56962ca072b63a30c74415c1594c72536ad52a17c21b2e9a4a14d2ac523eaffa6278ee91249164edd0ede402b707c2413024e34"}]}, 0x12c) syz_80211_inject_frame(&(0x7f0000000240)=@broadcast, &(0x7f0000000280)=@ctrl_frame=@cts={{}, {0x6}, @device_b}, 0xa) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=@mgmt_frame=@disassoc={@wo_ht={{}, {}, @device_b, @broadcast}, 0x0, @void}, 0x1a) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_request={@wo_ht={{0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1}, {0x3}, @device_a, @device_a, @initial, {0x4}}, @void, @void, @val={0x3, 0x1, 0xe}, @val={0x2d, 0x1a, {0x1, 0x0, 0x0, 0x0, {0x3, 0x1ffd, 0x0, 0xf9, 0x0, 0x0, 0x1, 0x1, 0x1}, 0x400, 0x16, 0x4}}, @val={0x72, 0x6}, [{0xdd, 0x54, "17e40a5e56d3993cfe6af305c2a55973555608b73232b38a298ff21693150e55f27db6719d424f95555798b432d0916081012b6bd43f40881cac59161d55ff51fc75366adf213f4d8b2990ac0a16f0b30f669c28"}]}, 0x95) 00:33:00 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:00 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:00 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3028.942994] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3028.946009] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3028.948364] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3028.958572] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:33:00 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3028.971601] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:33:00 executing program 1: semctl$IPC_RMID(0x0, 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7bc9f9bd48de1c200000000f71a69a200000000000c005050"], 0x1a) 00:33:00 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3029.059314] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:33:00 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r3 = dup(r1) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r3, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x90b}}, './file1\x00'}) r4 = dup(r1) bind$bt_hci(r4, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:00 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x10, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:13 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) r3 = dup(r1) bind$bt_hci(r3, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:13 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7bc9f9bd48de1c200000000f71a69a200000000000c005050"], 0x1a) 00:33:13 executing program 0: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:13 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:13 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:13 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r3 = dup(r1) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r3, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x90b}}, './file1\x00'}) r4 = dup(r1) bind$bt_hci(r4, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:13 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:13 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x10, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:13 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x10, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3041.828064] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:33:13 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:13 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r3 = dup(r1) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r3, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x90b}}, './file1\x00'}) r4 = dup(r1) bind$bt_hci(r4, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:13 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, 0xffffffffffffffff, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:13 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:13 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) dup(r1) r3 = dup(r1) bind$bt_hci(r3, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:13 executing program 1: syz_80211_inject_frame(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7bc9f9bd48de1c200000000f71a69a200000000000c005050"], 0x1a) [ 3042.221634] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:33:26 executing program 1: syz_80211_inject_frame(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7bc9f9bd48de1c200000000f71a69a200000000000c005050"], 0x1a) 00:33:26 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:26 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r3 = dup(r1) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) r4 = dup(r1) bind$bt_hci(r4, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:26 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, 0xffffffffffffffff, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:26 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r1) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:26 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:26 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x90b}}, './file1\x00'}) r3 = dup(r0) bind$bt_hci(r3, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:26 executing program 0: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3055.320242] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:33:27 executing program 0: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:27 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:27 executing program 1: syz_80211_inject_frame(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7bc9f9bd48de1c200000000f71a69a200000000000c005050"], 0x1a) 00:33:27 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:27 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:27 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x90b}}, './file1\x00'}) r3 = dup(r0) bind$bt_hci(r3, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:27 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, 0xffffffffffffffff, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3055.839875] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:33:27 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:27 executing program 0: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:40 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, 0x0, 0x1a) 00:33:40 executing program 0: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x90b}}, './file1\x00'}) r3 = dup(r0) bind$bt_hci(r3, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:40 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:40 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:40 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:40 executing program 5: syz_80211_inject_frame(&(0x7f0000000000)=@device_b, 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000080)=@device_b, &(0x7f00000000c0)=@mgmt_frame=@deauth={@wo_ht={{0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x7f01}, @device_b, @device_b, @random='Y`:M\t9', {0x9, 0xa8}}, 0x2, @void}, 0x1a) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000100)=@mgmt_frame=@action={@wo_ht={{0x0, 0x0, 0xd, 0x0, 0x0, 0x1, 0x1, 0x1}, {0x47eb}, @device_a, @broadcast, @initial, {0xd, 0x20}}, @tdls_setup_req={0xc, 0x0, "", 0x8, @val=0x22, @void, @val={0x2d, 0x1a, {0x300, 0x3, 0x0, 0x0, {0x3f, 0xf1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x1}, 0x800, 0x5, 0x3b}}, @val={0x65, 0x12, {@initial, @device_b, @broadcast}}}}, 0x4d) 00:33:40 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:40 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3068.772199] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3068.803405] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3068.809810] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3068.821017] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:33:40 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:40 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:40 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:40 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, 0x0, 0x1a) 00:33:40 executing program 5: syz_80211_inject_frame(&(0x7f0000000000)=@device_b, 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000080)=@device_b, &(0x7f00000000c0)=@mgmt_frame=@deauth={@wo_ht={{0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x7f01}, @device_b, @device_b, @random='Y`:M\t9', {0x9, 0xa8}}, 0x2, @void}, 0x1a) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000100)=@mgmt_frame=@action={@wo_ht={{0x0, 0x0, 0xd, 0x0, 0x0, 0x1, 0x1, 0x1}, {0x47eb}, @device_a, @broadcast, @initial, {0xd, 0x20}}, @tdls_setup_req={0xc, 0x0, "", 0x8, @val=0x22, @void, @val={0x2d, 0x1a, {0x300, 0x3, 0x0, 0x0, {0x3f, 0xf1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x1}, 0x800, 0x5, 0x3b}}, @val={0x65, 0x12, {@initial, @device_b, @broadcast}}}}, 0x4d) 00:33:40 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3069.289317] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3069.331635] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:33:40 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3069.360314] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3069.375373] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:33:41 executing program 0: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:54 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, 0x0, 0x1a) [ 3082.839917] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3082.844233] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3082.847490] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:33:54 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:54 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r3 = dup(r1) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r3, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x90b}}, './file1\x00'}) r4 = dup(r1) bind$bt_hci(r4, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:54 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:54 executing program 0: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:54 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:54 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:54 executing program 5: syz_80211_inject_frame(&(0x7f0000000000)=@device_b, 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000080)=@device_b, &(0x7f00000000c0)=@mgmt_frame=@deauth={@wo_ht={{0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x7f01}, @device_b, @device_b, @random='Y`:M\t9', {0x9, 0xa8}}, 0x2, @void}, 0x1a) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000100)=@mgmt_frame=@action={@wo_ht={{0x0, 0x0, 0xd, 0x0, 0x0, 0x1, 0x1, 0x1}, {0x47eb}, @device_a, @broadcast, @initial, {0xd, 0x20}}, @tdls_setup_req={0xc, 0x0, "", 0x8, @val=0x22, @void, @val={0x2d, 0x1a, {0x300, 0x3, 0x0, 0x0, {0x3f, 0xf1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x1}, 0x800, 0x5, 0x3b}}, @val={0x65, 0x12, {@initial, @device_b, @broadcast}}}}, 0x4d) [ 3082.868793] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:33:54 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:54 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:54 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r3 = dup(r1) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r3, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x90b}}, './file1\x00'}) bind$bt_hci(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:54 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r3 = dup(r1) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r3, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x90b}}, './file1\x00'}) dup(r1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:54 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) dup(r1) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:54 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:33:54 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:09 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x28, 0x29, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x2}, @nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}]}, 0x28}], 0x1}, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) syz_80211_inject_frame(&(0x7f0000000000)=@device_b, 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000100)=ANY=[@ANYBLOB="18110800505050505050080211000000ffffffffffff5000ffffffffffff0802110000003800afc8da3c9703714b5d743f6d10e102b69d40e7155e57ef9f2a9df06c326e9c00f5ce91a0d290054b60e108561333c9a6e6cb00000802ff000000080211000001150051da77bd6f012393e7f9281e88dcb613c85560b22f00"], 0x84) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r1, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x28, 0x29, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x2}, @nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}]}, 0x28}], 0x1}, 0x0) fcntl$setstatus(r1, 0x4, 0x2c00) 00:34:09 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:09 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:09 executing program 5: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:09 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[], 0x1a) 00:34:09 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:09 executing program 0: syz_80211_inject_frame(&(0x7f0000000000)=@device_b, 0x0, 0x0) syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000100)=@ctrl_frame=@ack={{}, {0x2d0c}}, 0xa) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=@mgmt_frame=@disassoc={@wo_ht={{}, {}, @device_b, @broadcast}, 0x0, @void}, 0x1a) syz_80211_inject_frame(&(0x7f0000000140)=@broadcast, &(0x7f0000000180)=@mgmt_frame=@action_no_ack={@with_ht={{{0x0, 0x0, 0xe, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, {}, @device_b, @device_a, @initial, {0x3, 0xda3}}, @ver_80211n={0x0, 0x80, 0x1, 0x3, 0x0, 0x0, 0x1}}, @tdls_chsw_resp={0xc, 0x6, {0x4a, {0x65, 0x12, {@random="acfd5f13fea4", @device_b}}, {0x68, 0x4, {0xad9, 0x5}}}}}, 0x3a) 00:34:09 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3097.718824] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:34:09 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3097.726108] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3097.731632] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3097.735189] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3097.803937] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. 00:34:09 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(0x0, 0x0) [ 3097.822840] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3097.842073] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3097.851541] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3097.859056] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:34:09 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(0x0, 0x0) 00:34:09 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3108.229219] Bluetooth: hci0: command 0x0406 tx timeout 00:34:26 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(0x0, 0x0) 00:34:26 executing program 0: syz_80211_inject_frame(&(0x7f0000000000)=@device_b, 0x0, 0x0) syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000100)=@ctrl_frame=@ack={{}, {0x2d0c}}, 0xa) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=@mgmt_frame=@disassoc={@wo_ht={{}, {}, @device_b, @broadcast}, 0x0, @void}, 0x1a) syz_80211_inject_frame(&(0x7f0000000140)=@broadcast, &(0x7f0000000180)=@mgmt_frame=@action_no_ack={@with_ht={{{0x0, 0x0, 0xe, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, {}, @device_b, @device_a, @initial, {0x3, 0xda3}}, @ver_80211n={0x0, 0x80, 0x1, 0x3, 0x0, 0x0, 0x1}}, @tdls_chsw_resp={0xc, 0x6, {0x4a, {0x65, 0x12, {@random="acfd5f13fea4", @device_b}}, {0x68, 0x4, {0xad9, 0x5}}}}}, 0x3a) 00:34:26 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x28, 0x29, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x2}, @nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}]}, 0x28}], 0x1}, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) syz_80211_inject_frame(&(0x7f0000000000)=@device_b, 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000100)=ANY=[@ANYBLOB="18110800505050505050080211000000ffffffffffff5000ffffffffffff0802110000003800afc8da3c9703714b5d743f6d10e102b69d40e7155e57ef9f2a9df06c326e9c00f5ce91a0d290054b60e108561333c9a6e6cb00000802ff000000080211000001150051da77bd6f012393e7f9281e88dcb613c85560b22f00"], 0x84) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r1, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x28, 0x29, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x2}, @nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}]}, 0x28}], 0x1}, 0x0) fcntl$setstatus(r1, 0x4, 0x2c00) 00:34:26 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:26 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat$incfs(0xffffffffffffffff, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, 0xffffffffffffffff, 0x29287000) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x90b}}, './file1\x00'}) r3 = dup(0xffffffffffffffff) bind$bt_hci(r3, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:26 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) r3 = dup(r1) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:26 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[], 0x1a) 00:34:26 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3115.130412] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3115.143292] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3115.151070] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3115.155731] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3115.156303] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3115.162075] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3115.176024] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3115.177603] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3115.193348] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:34:26 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:26 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:26 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:27 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat$incfs(0xffffffffffffffff, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, 0xffffffffffffffff, 0x29287000) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x90b}}, './file1\x00'}) r3 = dup(0xffffffffffffffff) bind$bt_hci(r3, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:27 executing program 3: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:27 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:27 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x28, 0x29, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x2}, @nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}]}, 0x28}], 0x1}, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) syz_80211_inject_frame(&(0x7f0000000000)=@device_b, 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000100)=ANY=[@ANYBLOB="18110800505050505050080211000000ffffffffffff5000ffffffffffff0802110000003800afc8da3c9703714b5d743f6d10e102b69d40e7155e57ef9f2a9df06c326e9c00f5ce91a0d290054b60e108561333c9a6e6cb00000802ff000000080211000001150051da77bd6f012393e7f9281e88dcb613c85560b22f00"], 0x84) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r1, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x28, 0x29, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x2}, @nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}]}, 0x28}], 0x1}, 0x0) fcntl$setstatus(r1, 0x4, 0x2c00) 00:34:27 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[], 0x1a) 00:34:27 executing program 0: syz_80211_inject_frame(&(0x7f0000000000)=@device_b, 0x0, 0x0) syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000100)=@ctrl_frame=@ack={{}, {0x2d0c}}, 0xa) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=@mgmt_frame=@disassoc={@wo_ht={{}, {}, @device_b, @broadcast}, 0x0, @void}, 0x1a) syz_80211_inject_frame(&(0x7f0000000140)=@broadcast, &(0x7f0000000180)=@mgmt_frame=@action_no_ack={@with_ht={{{0x0, 0x0, 0xe, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, {}, @device_b, @device_a, @initial, {0x3, 0xda3}}, @ver_80211n={0x0, 0x80, 0x1, 0x3, 0x0, 0x0, 0x1}}, @tdls_chsw_resp={0xc, 0x6, {0x4a, {0x65, 0x12, {@random="acfd5f13fea4", @device_b}}, {0x68, 0x4, {0xad9, 0x5}}}}}, 0x3a) [ 3115.567731] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3115.572696] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3115.588784] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3115.591979] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3115.593711] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3115.595657] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3115.597978] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3115.606984] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:34:27 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3115.626498] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:34:27 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:27 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:27 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:27 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:27 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:43 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x1a) 00:34:43 executing program 4: syz_80211_inject_frame(&(0x7f0000000000)=@device_b, 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000080), &(0x7f0000000440)=@data_frame={@qos_no_ht={{@type01={{0x0, 0x2, 0x8}, {0x1}, @device_b, @random="3a1095db5409", @broadcast, {0xb, 0x7}}, {0xf, 0x0, 0x1, 0x0, 0xff}}, {@type01={{0x0, 0x2, 0xf, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1}, {0x20}, @device_b, @initial, @initial, {0x2}}, {0x6, 0x0, 0x1, 0x1, 0x12}}}, @random="688c2cdda6f0bcd2d03df5f658aeafdd4cdc8f3e2f9912f714a4440015504e58589c35b9ff7c264fc02a20e9518265df15a8c6d20a60be8e1c8d73e39fa8088058052a29b01f7778aa18aed047d80102e499e0dc3532ff1e6371a1421e78411daeecbe716f4829f472d29a35600aed16991a58f5bb6a13f3ec25110f7f0ecc00261df0f1a9b58aa4619003eb6acd0a2f3fb978fbe3a69d0f6a74bb9b5575f7be0a76581c0f2d21988c6e9162376fd82c62085279e375571ce5468cbc10e6f4e63be5ab3689b221f8035f3d8524c3dd4f5fd32cb280f2e3cec84a2da10d6d39347e62c06c97be5e117157e3d8880e844116ad29ab0d621f681b4335adf83111c83c45343add71f6676724971adfb54cbd485b5ffeb4c31d3b449396fb18315ac00a49a7ac3cc3ea84ea8f14c21b435a3f2bfa99a2d0819de231689603e0cd23af199eec28208da0d6f4cb5458906d373ddd9ac7a54b1f2c5a10e1b7a1fda7f79f5b709fad49cefac29a5dadbe543dce5f3c39326941b4294feab54595325a5926e358b7451d74978afc0319bce71d48e2c4be28a9cd0e4e938f9c9e2f22935854a3c9f393a53139d1125e78ffa7ddbe9f4605a5a409082582ecf9453b5124319dd43973b97e8d0508624d582fe0979e4eb0ef1dc6509ca409a31be25f10cf84339f88d851efbb0279a91d54cd5acae9a9d183254032ed7fcbea67425e87301aa65fd2917145e14552d2cce167318ca0da22ed06709e70da15bb7dfda495309b5e72130664bd5d346c84c086c077bfb4a47c2a6566387e09a763e93d0f39a0b97e9a1d0da9b90648a726e993c61b2f63e954de5bd2baf4f53a7b272256ff9f91a0ca09776d9608f1fd9805d70f4fac85447beaaecf475cc60f66de5ec30ea39527fb71f331e56703ea790b9f9618973a6fcea92ac1a6db03b41870e7b965ef9da1e8efe7d8c84586f9ac3e6ce50823953cee84a629c6a44f9d43b4a19677e9fa6d8b047714ec32fd9854872fa6463f3bcbb72d2f2f239181f22d735dd83ead97c56ca1e0c77cdb40069aa7074d2d1bffc4ec1884bbf78dca6ced65b8aa435188f32029a0346d53850b3a7bc97ace5f5c7caeb24c74e79cfe2a995e88f14d2672dbc0cd249022bf68dd75f80222687380fb329ec68656a02bfdb7b261942eb1f333063d97fc25978f7afe46c2c61dbee2d02bc4c91b0bd96f64ea5c978cf72cf89f2f89193944b05c5c5e1342020b4c5ddafb29072b31b44436902f00f040a96d8f8d2396eb9231e0b09e7ba1790668e2c1219514c3b383493452100e7f643c46540ebad14b4f46b1f7806cc878269c2d7b3caf9533f8f5a096da63df6a8d00c3f0ac8e31eff8c167e9faf072f6d4454836a7be6db9c91682e84e991d6101a0651e236f724ca3bb1c7ef6473045f6878f5c83944aaed5ca6ed0a238d629e0856fa28de0ab29ec315fddcb6564608702f0cef9c6cea93c93d572057fb71b9ffffd31b6216bca02eca46177f28e6889eb7523cadd94742cc7c90cf8585713f2eca61f830af0b6415819d51a0b7fbb5e175bc5b72b7dc9e9a5637ae241a549f6376441a2bc350efd502c4230ccc3c91897071a8d36f9b8a91ec617da5cb7d832a7abcfed018dc4896520c8f617f078aff54de9baf38acf699bd9439adc8bda1ac0e77ddf2e3fcdcafc2a701ee6d62aafc7259b336a8c8b3f44812d1fa3c2c818b83df784b31d2b3ceaf2389bb1732e1712443fdb5b5d794cbed1cec758b380996a6c44a89aef5320cc00fbf3ed3035f93b1034c84e311828a77034eedd0095359328784b6b6d13f35cc31b0e0f1edf4d76c15e26340972ce3ccea2916dfcdc49826f7cd371dbbadc392b2af93426fd5bdacbb55ee5508f5c83ded2d5d4cbcc1620b1e1c5aba510506dcd64b300a5852ef1b1923708c6e8430cc5063bd3b5c30de70b7bef575feb1d6fb19df6acbb73a952b413f4ef311cabfb7ac6a1b8be10f08b73c7e7b2c61c7812fc3c10dc7e1f4bb2a2dd6eb388e465b563d77b58ab1e29a329532652efb067f916d88a5ca2a999fc901241a8494aa7396014ccb572cd56a76755244ca4d1"}, 0x5f8) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f00000000c0)=@data_frame={@qos_no_ht={{@type01={{0x0, 0x2, 0xb, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1}, {0xff}, @broadcast, @initial, @broadcast, {0x5, 0x9d3}}, {0x6, 0x1, 0x3, 0x0, 0x3f}}, {@type01={{0x0, 0x2, 0xc, 0x0, 0x1, 0x1, 0x1}, {0x20}, @broadcast, @initial, @initial, {0x8, 0x72}}, {0x3, 0x0, 0x1}}}, @a_msdu=[{@broadcast, @device_b, 0xc8, "69b8509e1ae253c1d4683916cb818ec0ae79e02390057a23d11590c9a74784248d30962572d27f32b6601a9eaf6cab29ff7dc30521e8882502735904e5eafaca02b4366fee3aa3e6473c08672967c0b97fdf2f2fd06e4b2946929ef4fe975aca65d46241decbef0bd7f1d76f12d32e9a2563c53b726a856d2891d6ad4b0511a2d5f283a0ce9b2380843147ab61f2fd65fd80191504e877e71dc8954a7a2b457d43381c600af350b043ae55642371b7fd0dba93a138b3100aaa7a79d9c09a09c95076d5ccf814611c"}, {@device_b, @broadcast, 0x90, "2a375c64418ec56ccfe00b40abed71dcbabf174f1a93c8336c06a6b732edd25421ca0930d07684aa9daaf41df47042b06c6c0c348af96a491a691d7212aa1f44e788d583c2355919235a8a34a13085e55a8ccea73cc36155d957ce9be5759a63c35a5dbfb9bb827e2d3e36b129cca55e4ce1c807d9343c38027f172eb8d1560ade032aa6de8767e6c66ff9146c7396d6"}, {@broadcast, @device_b, 0xab, "fd30e21def6691a5669b131110c29639accbd9594f6c52fb1855d0d03c9e4e1a3435966643367640fc3bfb797046c78960fd29d755b01e51030e485d75cba86e6aa7796ec4263d709a70906fa757d4e7ab7e847e6329d2de8060d45adee0464cd63e028e06ba174cad5c42cb01b76c4cf4298556e635bdfe2ebe480213220b71b47052cc1b5284c877bd669a40e96f4ab762ff78c177e7d6ed242457fbe4251b43bc8dfb18044c7cffd2d0"}, {@device_a, @device_b}, {@device_a, @device_b, 0xbc, "9f89cebaf95208325439f0f6cd02f979a6808f76208b6494fe8af2e788b2a5ae24f3d2d2d71c2c7e72c2590522d9ac112cfdcb1cfe945072f27a707d1a2d09f1d3a1fd6c168221bbe2a76ce2f67ca14a3a8844614e833f1865afc6e4adce8e355d41c17b226f0de397369ef22c5f1e9d598c06cd6c99c7c27bf93c1c111f561d1e8b46aacf44e126f64373fafdf94e38ccbe9ded27b82d760917f4abd79d3a15c4970ab8dc659908eb3a0d2c36288a4a748a3a1aa94d933402f40443"}]}, 0x344) syz_80211_inject_frame(&(0x7f0000000a40)=@broadcast, &(0x7f0000000a80)=@ctrl_frame=@cts={{}, {0x1f}, @broadcast}, 0xa) [ 3131.508059] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:34:43 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r3 = dup(r1) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:43 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:43 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:43 executing program 3: syz_80211_inject_frame(&(0x7f0000000000)=@device_b, 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f00000000c0)=ANY=[@ANYBLOB="1817080008021100000008021100000000ffffffffffff080211000000ffffffffffff1100676eec582402333525c9930363d02291b8000802110000000802110000002a00a4d05e2179071796279dc0f9ef25d032f44b7801d4190519c154a67c35750f597adbbf3d6f9c8a29860afffffffffffffffffffffffe3100b319a3e9906c9f9c3dc5feb60441bd019c7ff2e1b61dbdc85a73a7846b3560b93409505df1b82f2147fc65af3ea57c27f200080211000000080211000001f5009467ef710cf1d226e85f6aca3c7f8a7de3fb140a358468e17fa41cd955cb73f91930a698e1fe3e33cf76b7469bd37b91e18f7e8b655ec1f58b1d054def03b37b3cf839d876c045803aaf5069b400491798571451aa256e5cc5ed41b18c8470094cd543ec249e7ad0f90bbc198a289f00da1f3ae22c1c5c97dbc3887b26d9c5e007be94637f6ddf6f5a9318450c9e28cd715d286aff8f4ff21b91be235042ca4ad270c10403ed224683fc3a8ed661b12b944b70d1591567f44c9062adf5c13d56e95a9cbbacf0b21a9a4e557c1ec8a0e3234dd79eda4b7fbb6977fdccfcba737d55ffefe8457bfd687c7cbf357b8a751c77ddd6aa1cdaeb43aa233500ffffff2332c683fc3767ad4674e94a8d7760b0a6d2f539ed1d62be84092eaf47ad000286c65099be21f141005839de903948066869a5d5a350eb951132220193624216991c499f9f6f16d926a9a751397d60eb3fc358bb18858a199db334c293b61e17d8c56f46763df4d37895aeb59da9aaa25dfb66ee7edde90ae33ab406633161ff1500000000"], 0x24e) syz_80211_inject_frame(&(0x7f0000000080)=@broadcast, &(0x7f0000001bc0)=@mgmt_frame=@assoc_req={@wo_ht={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1}, {0x1200}, @broadcast, @device_a, @random="60bcfcfaff7e", {0x3}}, 0x0, 0x200, {0x0, 0x6, @default_ap_ssid}, @val={0x1, 0xa, [{0x16, 0x1}]}, @val={0x2d, 0x1a, {0x20, 0x1, 0x0, 0x0, {0x80000000000, 0x1, 0x0, 0x301, 0x0, 0x1, 0x0, 0x1}, 0x300, 0xffff, 0x40}}, [{0xdd, 0x53, "29bd85176d3017f770004692dc359db3a008524c6ae69cd4c517cc26ce441dbf7ee0d32b472c25765d4085129e8dd036a995bbc08351acc25db5f83aca8ef3741d9c772b0d875fdb273db2b16b4dff05dd90f6"}, {0xdd, 0xaa, "16e285b9771de3fc415912a85528f3e22b706048eca5881b8b3f43501884bbbba0f6c2c6030d3ac0239ae17a3e7273dac9a9376d6c9008000000f1e555acb6545ff940b02775213c0bf7fa8ab51a9929ae5a8c4b558a256cd8a60433e608408d3802d51f025e732de4d9fee160eb3119950d8cd53f12cdf5d9f06cd89ddd16f63aa97057d22d9acdfb7770472b0d7ceda1c615e12ab40822b3ab17e670583e5e52a8efc57ba95e973664"}, {0xdd, 0x65, "a7919d0611e99ffec696bdc4b8b170744360524a973b905be10095b99b32bb5e8d1750b94804a9c9c2906656545251cc82f2ec86d6d2ced649a24e491a390117b346a4ce6551d60d18658fe4fa676e345a4c63d2bc6fe5547fa442edc2b5eed6ca03d7fadc"}, {0xdd, 0x2c, "cf5d73f5ec5a60b345ce90159efada95d7c34eef082f60c95792db28a5ed3bb85ade9dc1f2dc28a5bf267f5f"}, {0xdd, 0x49, "61017c382491196a703e9f6c696009a0afa177cb8521ac27e02cdb996d8137660cf9c8b5a942adc681ace52605ea84197ae2bc5893e48716f11ea1770aa9e2857ef2489f85628c5b16"}, {0xdd, 0x9d, "70018658ca2070d7db4a94f80eafcba0a23ffb25615efde3c0c1bc4c44b0e61251a287517898a0defeaf4156c3e8d47368436a2398660f1f21ffa1c508f3cc9568fc6fbaf1947f0e0d0551fd5c1fd55348de29f62b340a749485d506d446bd80a544130aad1b9a7f322dd7bd45dc1b7d42efa8aef5cd102185e1f254cf97bb9d2465afd5692b03c4eb3304cb2851d92f01b8629eaf7de655e3f633ed3c"}, {0xdd, 0x55, "301df147457c73971307d4552f0d74525a09791883e48055fa0178efc732905c28f4812b7ab3ad3f95d9895334ff31138a05d735ae360152f3c3d45e932e2ce077fe786fba430faa3b62b9cadbfce84b4fe8e6c672"}, {0xdd, 0x3d, "8187c7b38752668e1c92c46dc4c1436024411e2c51d83467b2abc2a9f3ac9bae494e245da1451d3831349e446a5243539076161ccef44d0f4e4be33878"}, {0xdd, 0xaa, "e9f5a9cc0bde82fd21c2d0b678228b7cf8c804d4ab103459ce6ad18fbc5007acf2e603335e4750efe8566afe353d02004d85f2aea3b25db3bb4fb46adddbb5687bdfb07665d67a228e2b8ea7748c8bd4d9375266972fea053560f60ab769c0bc5f1def625840a2137806612c603fe43da93647ff702ed5695803ecc791e7cabdb24d08eb0975b143b8abdf8731e97364506170ad491496631998dad6aa1ff59b014bc8601d38d62cf011"}]}, 0x405) syz_80211_inject_frame(&(0x7f0000001b40), &(0x7f0000001b80)=ANY=[@ANYBLOB="84000400080211100001ffffffffffff00203100"], 0x14) syz_80211_inject_frame(&(0x7f0000000740)=@broadcast, &(0x7f00000007c0)=@mgmt_frame=@auth={@with_ht={{{0x0, 0x0, 0xb, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1}, {0xff}, @device_b, @broadcast, @initial, {0x7, 0xfff}}, @ver_80211n={0x0, 0x6, 0x1, 0x0, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1}}, 0x0, 0x0, 0x0, @void, [{0xdd, 0xe6, "8a2c8890fbb62104d31930dd26548b7f3f4ea7c1f6b71d9e9be874d373c45cbf5160cc07a95af0ddfc8111edbcb4e5ef2e754c42f2a2a2bcf5afea71139164a741ee0b5997b771427fbb4a6dccce7ad12802e762c00adba7d4c19299498521e084388420f718a5480bf79766288c56ea6ab2829f9ab3fc3a84822424e3243fa09c359eabf33dabbacd0f99f4ad23665a45b8c066ff91ea1b2c9cbc6a63da0d3a6caa34d59a2aa44d4a67fc545a3d19339d9cec4005cd704f3ace629708cf76463926f092c903eda73ba486e135a79f706a8ae14a1452babcaa490e3b3fdae622877a2d4842fe"}]}, 0x10a) syz_80211_inject_frame(&(0x7f0000000780)=@device_b, &(0x7f0000000900)=@data_frame={@no_qos=@type01={{0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1}, {0x2}, @device_a, @from_mac=@broadcast, @device_a, {0x4, 0xb48}}, @a_msdu=[{@device_a, @broadcast, 0x1000, "423c5d3fb710972963fcf56eb3e0217761da4e460c81967f5f306c4991a62d1409b775fcab46a2f0613064114a0ca1921a8e46cc17e535b8c9b4c7aadbcf76be52843866787179ec599fba7028246264594a1e4c197da9ad3ded9c11db15fe49080efe05279cc39a82919dd7c9087d1bef8f42ecd84c6f5a694621d582fba0376e2bb8a09cde0504f0f3166909c57561cbda940bd1b5f7c64d04677261bbe161e05310b31d6aeb1b928b925aed36af9851b4600825c381093984a59990d068f2dcde7fbc507abcaea079131a8298796ce202959edf664183fc3bd830c90d1f68b19f6812fb73cacc99f160fbe71428c7f5f00b210021b07e087af1942afb2cfb181a44ca977cb0dbc5c94fe97ed5186838f51ae8afabc9fa72d7bac8da8ccc15f7cf9da2be1ee5ec5eea5df4da8d5c4e18dcd0a6dad29b2d70a07e0bd341c4be31b676bb9f8baa91771b1493b1852a679c4e064a5434255fdb881407b31bc604204ef909bd2c0e0e557fdca86b72cc708b88ca4872f36b3e6baa94843a8a1259c3c451d48522d1913bee7fa5f67a14457f79225006c46a5cef5ba59809a478729b4f5db830b5da3767ea39051e54f88d1bae62aaa7cb8d5276d84353c0ecc79ab37d511c73899d8f43a62fda6f2bfa0c4027457c11abb8d6e13e16005a8866e9bc1cd1f836e835b7ca3662c9c293110d10ec44eff4311b693d047c4245fc66e2849f3a1a5c3ffc97a190f41fdc6cf9b1ed79262dcde76cb02c16d7ab63122058174e9a47500236e09e8d51bf006de0dbd1ad39ca0bfb1c0efdf081192931b644809dea5552d1e81d275d0116c6a9efe1f6235bb69cc871824b6c310e37c1c76ca3f98ebe5aeb5e895bd1f6c7e7d49228df6f94068a54ac6e3fc2c96d4e9886d5270184758e15e4cc6fcfbcdf91dc1c2de70a9069babada9b4502985a756c3866cab8e09bc180b1c4fca9cccebc6b08d1bcb99b7635da63172504fb151b1d9e009c1ab38a466b650fe313b00d5b3e07b729f66a2a68e2e406d5657bb1d60f626937f9c7e15a16afa9c9f8a720c5cfe931c45028a2ad2eae83bc31a9c384a4f4f26020a06259e04daef5cf5e6978f494b897e4a860ddde48351b472985ef445fd68f6c3576a789960c2a3f305943dc7f025aacec79ae9285331c76bd1acd20d6917a3ac0353ed5c8b5ff5deb692d52f9ac348cbfea760250f09819f12b12f3a407fc3aedf2324ca4364c9b55afe450290062bee13d6924e5d160169ad154b4e98af77c11532470400a599db6a3faaae79fb2f7a75e482a43546deddb8f20559b4ee45dc52ff4644c52b65a964ae09fd3d5b5d00334cfe7e08d4d10b07fe983702920b6c259a344e9b89601ac6787e78d2a886662267eb1a9d1ba7898eb976d97cb7b7bcbf04d3a741ff5540b722bea55e2e35a49cea6c5739f046f90b0c43e428580210959588865156df537c7177c3110a0c3ca482de632c38639221f56408e4836e8011be97a6d8cdc4a2198b0ea509ffdd4e846226060774a413f8be2aac63b1f2ca52361e3494f697e407faede2de67ebf29b5675a3e05ba7b9f306594357e4c6fa71b2a729af1808c39ce980ba491802367bbda9efdd04c2346b8c205a9414efd063240a004845eb1d69b3e348fbb3730471c4f407e3dfadab6e0d5b1ef683d9d4df93030476bb16e04a1380f3791713f1361f865e798bfe869ce0ba70c77ce438e5d1f2e703c5e44d798537bab4f98b5bc4dad4fb3287b606efaff0ebdb52b0ddbf13c627e18a177572ac7b49b7fd50be586ab28d5ba218eaf81de64501f9bc3f50b4f57896f48d03d4d1ccc10fe3f1c973f34bba08a1a690b52e5b67dcd2b544d11b392f616d736467d5e5ef7b83fa01269fece8143f157fcf8a813548899c5b6435dd1092a70f261055bcbdb8b8c48ce5351106705811241c424a3d18e061e218395b40834d518e51825fa4ccc62f4cf84fa72a8b639aa112912f7e233feb6990f4570ab28107d7d8a95420704ee3b76b4c4c5d321fb1bcca3bb14c60af6f86685f117f67e9be643e433cf5e23f5fc88c3fc8021e085a3991694dd1734cc5f3246ae9d9c343314984e1e35a86e35af81f88105ffd152f9152c4d3d05a3ccaa08e0bdee5a0cc5310369a5e7ae6fadd26b241c80b7eb067c06788062027fdc9a3bd9ebf77a8c14b8d88f21b23905f09ef8c5f22fe5d780f95027d18df531b402753a831d74378bc6d0923a73e006348d7bcbc35d64b18e6f21ddebf62973340a9060a472ed7798fcc928e2fdf537e3e2935c08d1710e9900a225449d505cac95a126dbb626d4fbb8da594056b37151d1664e6ac7788f6df8383b59b44282b56410b9ff68fe84005b43c2146397e008e6fcbc70a5e7f56950095f345c7e2730935ed8980e153ca03b9b7a82e9fa44ca20adcde0301cb0fa3b17a978684daa939c18b2369672a26cbe713122396f9857341a0ce5ab6ee95779cd5b53c776f66b3be1c199868a5e8229945361ddf93dd413c657213c2c54e67c12d91b9450eb0dfacb9c5463eb695a0b1e3f88b7f473bef0fc343fd29039747e86e4372d2908497ffb17f4626b431b5892a4a27ddc8ee6704f238a3646ef97fac1d0a1f7280b13107fb72e41760528e699e8918775fe7f19903b88792c0f05477ea88d331d90fbd9ede2b49241b9dfd74ebff2549b907844d4d6e27c41403d060bbf10be24dec69ee31ae160de4fc5b3769699506d8123c8ce0e8781abf0dcfd53ecd568ec30a5be2a5a8d7ad058e7cb56642b0fe70a6ffee6afe9ff14964fe100c01d54770162eba34382e865f2c9df533ca3c435b09f63211324df4cab4c7ee88429056c6d4ef144607c90d47f66d404639d5bcb6432e2f0a6876ca886794fcd506827e8ef363a99b86f17bac73b2a6045a979b845e895bec81c7643710df422b31c9fecc0d2f137aad2db06c44e0ccda419df9b5eb7cb787d1df333be3c3084e0e1a820a938ef510d11e4420c219b6466b84f66d6de7f349b38e62d7d812f5f194b93065299bbf37b33030541c7ded79f5ac7380e2ef39fe012996ac1b32fff1f4ce8855092ee7f58f356b3cc060e994533f0c5586c416aa67745126dbfe790628dc2c4a28cb328728075f843eda62635e9caa0cf13381b332bff886a588af19a017c6c949f1125c2660fd3104f293b4116d1c5c8d3c93a0d0bfa77d2ea021aadf1e547eb14af1d217b23644d069041fce8c0e575544badb40564863dcf6f3438c01b82fbf891bb88b49da948c215c95039626bb20fe40779e98cc8b50252d3d8adf6244ce10148f55f8e18b0307e2545ec8b3843f5edfd1c5640c45e3d1c67206c90d6079a998d1104a851b6e8d184e5bddbe6f4bdff4772493d39298833757ffb083b74d0aa1b88ff244f87899f6ee7d13f07c54396ef324ec43c7ac04ec20fcc83cf828d2a0b93437ddd851945d3a29c29766cc1e111098e39454ac7c8de3a3c5cfcd968ecf998e7ee4b3b5459d022e902c143bb1cefb0ebad84fe8b6b4eb368075b9ba9001bd0c66cb86742a64ae3ef9d0ce5d874e7083ea75011165ae94bff3ab08c67b6e31c6ee94a3d856098b4fe5f676ab3e2bda4a22613414b5a7c1665d4f18a337ea53b2ed5bc6e0926d45f48a725f1fade40a487c933f92ac2d6e7a4b064ce9eb22789624e7e9294568f769de3a7c3af03146dd4ab3a652f18034f4a59f88634394e79ad2ac02b334280057c38f408ea8b40157ead2ecb05b521ec0da6ca1c2f57b8b68a04057454e9781ef9b44d23098e7238fe43955c7bab528a87bd00dab67a41c20d54888b868df3dbee68e2874e06a82887773c1ab59e25b54abdd3af5b12ee23edd14666e62b2f968aa332db589c87317e156bcc6ab3721bb5f0555bfeae9823b3f1ee4cdc630aa97ba115898e48e12d6a302e6c9641c696cb75ee9ed358ccdb5ef174571fb0a01c3cc4921dcdd15c5b628056092516c22677c201f31edc543e1a9b6a00e7718f66e105a404c34fb1d13ab74015f8fac0d6dbb43cc50220a1a7b45bd982226603ecb86a793797d9c03284da206894af03805ce4cfbb73cc248f9039f941f57015eb0f30ce4dd2e2ee53de34688f9a677a4020fe34ed99a514f5b228f5f0e1cf055b4f7859d90037d0a14253b908c627c126151e002f245183d1c717f4c5dba1f13f16bf01f5c7b4979803d1b3c6a8eeae5f6bc5707d21db18acd0d82d24ec3a83e39030b290aea285386126face995bab2a9ec517028574258756ce9cf46cd89b445bbcb698f2eee1e6e7f06bae9a9e72d72c4a24a3b49adb24ab48b547b26ae362c042e1af7fe5615a14a43c3c1ffeebdc79399dfb09c76a4449adbbab62f538ab293905bc100d8d40eb9e99f66b3625f86d3ca14e05df20773ef31e82bb43ddb073e799153aea28df4f046df0dd0cb2022669f6e0ee7af62e1cce17a6c92d6402dfc44e839e3171c7b6a47a449b71877ac001bb02cb781d1d299aa271b56fc6c3e846ef2eccda4a9cbee52120b2b7b6a90bb346f78c27c133f0c1e54e5f559e5e0abce2af3338be587d017c23dedef03b980f46362f152e45c2c3fde60828f32a9860ce5a0862f19759ffa433da0d2690895b4de1e766590f3c669b4eb71279a4deece82191f7ad24caeb2b18a0bf6322025b976d1233b0ee3b6f7cf23b8d7a61400fd272aa5cc2629be8626be5d8202e2093f13dc16e084f2c5b0b23674e94757fab14f69791f9e95ab579255ed511ee9c7e95046ba8314131d9eb755976dfa09a83c63096e60d8aa86c5fb4c382d9a92562866d6d06c587d1c45b8ca07d29efc7b986c4b14bd658af72d73dbc8b53dbc4e0b86d5ff36f8b6221a462b62bd7688065057f517d4958d469af9b6b7645a277240cf24f6d82fef797684486b6a36f1385ebded14d5a450d112a79fe63d6fb43d978557b57c74f9277437194f3ca006c675c18181d690c792b52974e83681428cc4d67001c57a3bf4ff08502df687509e2354d18b8089c63f66e627679388ec2de1c0d7215c9743bbeb106b991fe7ae203515e21aacbb4c0ee3524e0e9ede526b08cf34ec209933bc90d4ea569bbb15fd223a0e047a66a762729a47e1378333a97ae996bbd184fb7f6aae6fef9196dab521687f34c8e18329d888514cb4d0cebbe277bca720ab9d25db4111fa6e49aec07110653ce61da2b0e007b8b8b5aa22865b4908b1c901f066b1d3a32f4377c15ca9dc87aec335a29fc171099db2345a522b30b5e72f4884bf2eb6bde4926b98a113946dc784cd2036488465138b9cad90a65d959c77b761425b7f4a76265b6bf925c1686ed1e7ef30dbcdee31b6e8a0127692790363a93a61c9c08071546505a18fb1a424ab81689e16fa33db988742850dac275daebf85d4845ceb715d8424ba58e4f45316d4776b7e28fe5aacd9789283980744fef8e77bdd53e4dd4138546f40b94563f596393e0fce75ccbfa450cacb30b063956e3d01176e1b6f8b8572023b83f9118e1e33ae30e4aa5611c1bc842bf29bba43bc988ae8fc3138e2c8d1bbd31d1d78dd5a6a135c99ae93fd5052edd44d3745c1e8d35363168c91f01d94d3d5c4c218405ead480917c0f44e3d4fbaacf0871ac2d653415717086797bbdc96c5249f16bfc9df5aba7afedb8f34c1b107fa64da2ff1e965ff128c37a2780845fce17252f202be9eb62747ffa3e299678ffbb0af678819f986f7209bb83eff007a6bba4da8e0efd56b8087f4cb7bd74660a4a87c549b0aef126f559e1299cf9142eac0fcf1ff90a88c243318e101b1bc3fa0a"}, {@device_b, @device_b, 0xff, "beb9287683afaa39fee640529dde5b69b9ca5523c1b5e83c51945c0bb1ade319b28366ffc6c541042742f9ccc30ed5b9da3f73ec5bef877b363c302b545b8d1ca2ece9c8dca3dbff1f19a1e1d48658fcb8bed370ad0074533ea8b17f93e021116fae846e04a5f034d7527d241a1bc694b45fdbb07b42533b71fbd6c7093ad3bde17e668f7628b18e261231c255ffc45f03bd9a853cd486667cf0e71dbcfc24cffaa9bdc656d253df532c16d275ae7c2b2c97da7cb41d1c50e639f05933b54e269607269569b77753f334417aa83e51a27db6a9094d2d002911a312052d9962da00e9c19652a60541cfaeade7c3d4974c153638772e12ac02a65fee87738b46"}, {@broadcast, @device_a, 0x69, "a59644d0ad77da81f7c68b740c7a970b91f23aac61670ed189d872028556d35c38070642544dae9f5569c36cfb2126a3b94f3a6a5402046fa6af0733021f0d2b013331d220c48c755cc2a203d3847cce72a93a6527599a1631c315cfba8dfc2144c186ba47493d07bf"}, {@device_a, @broadcast, 0x6c, "96e13afeeafde08b5d845d71fe97a62a4092a83499735e293b68e0ea1d0ea0f0c90bf193447ad0e63bec6691c94c0e9280ad136962a224adc1bfab91a3c605c444a7062bd781bc98ff8b2e933cb1615effa39cb6f76a8d428511de399f23a6278335d94c8c72fec33cb226d6"}]}, 0x122c) 00:34:43 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:43 executing program 0: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat$incfs(0xffffffffffffffff, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, 0xffffffffffffffff, 0x29287000) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x90b}}, './file1\x00'}) r3 = dup(0xffffffffffffffff) bind$bt_hci(r3, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3131.532668] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3131.547040] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3131.558520] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3131.573924] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3131.578342] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3131.597065] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3131.601080] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3131.615741] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3131.627805] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:34:43 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:43 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:34:43 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x1a) [ 3131.956965] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:35:01 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x1a) 00:35:01 executing program 0: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:35:01 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:35:01 executing program 4: syz_80211_inject_frame(&(0x7f0000000000)=@device_b, 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000080), &(0x7f0000000440)=@data_frame={@qos_no_ht={{@type01={{0x0, 0x2, 0x8}, {0x1}, @device_b, @random="3a1095db5409", @broadcast, {0xb, 0x7}}, {0xf, 0x0, 0x1, 0x0, 0xff}}, {@type01={{0x0, 0x2, 0xf, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1}, {0x20}, @device_b, @initial, @initial, {0x2}}, {0x6, 0x0, 0x1, 0x1, 0x12}}}, @random="688c2cdda6f0bcd2d03df5f658aeafdd4cdc8f3e2f9912f714a4440015504e58589c35b9ff7c264fc02a20e9518265df15a8c6d20a60be8e1c8d73e39fa8088058052a29b01f7778aa18aed047d80102e499e0dc3532ff1e6371a1421e78411daeecbe716f4829f472d29a35600aed16991a58f5bb6a13f3ec25110f7f0ecc00261df0f1a9b58aa4619003eb6acd0a2f3fb978fbe3a69d0f6a74bb9b5575f7be0a76581c0f2d21988c6e9162376fd82c62085279e375571ce5468cbc10e6f4e63be5ab3689b221f8035f3d8524c3dd4f5fd32cb280f2e3cec84a2da10d6d39347e62c06c97be5e117157e3d8880e844116ad29ab0d621f681b4335adf83111c83c45343add71f6676724971adfb54cbd485b5ffeb4c31d3b449396fb18315ac00a49a7ac3cc3ea84ea8f14c21b435a3f2bfa99a2d0819de231689603e0cd23af199eec28208da0d6f4cb5458906d373ddd9ac7a54b1f2c5a10e1b7a1fda7f79f5b709fad49cefac29a5dadbe543dce5f3c39326941b4294feab54595325a5926e358b7451d74978afc0319bce71d48e2c4be28a9cd0e4e938f9c9e2f22935854a3c9f393a53139d1125e78ffa7ddbe9f4605a5a409082582ecf9453b5124319dd43973b97e8d0508624d582fe0979e4eb0ef1dc6509ca409a31be25f10cf84339f88d851efbb0279a91d54cd5acae9a9d183254032ed7fcbea67425e87301aa65fd2917145e14552d2cce167318ca0da22ed06709e70da15bb7dfda495309b5e72130664bd5d346c84c086c077bfb4a47c2a6566387e09a763e93d0f39a0b97e9a1d0da9b90648a726e993c61b2f63e954de5bd2baf4f53a7b272256ff9f91a0ca09776d9608f1fd9805d70f4fac85447beaaecf475cc60f66de5ec30ea39527fb71f331e56703ea790b9f9618973a6fcea92ac1a6db03b41870e7b965ef9da1e8efe7d8c84586f9ac3e6ce50823953cee84a629c6a44f9d43b4a19677e9fa6d8b047714ec32fd9854872fa6463f3bcbb72d2f2f239181f22d735dd83ead97c56ca1e0c77cdb40069aa7074d2d1bffc4ec1884bbf78dca6ced65b8aa435188f32029a0346d53850b3a7bc97ace5f5c7caeb24c74e79cfe2a995e88f14d2672dbc0cd249022bf68dd75f80222687380fb329ec68656a02bfdb7b261942eb1f333063d97fc25978f7afe46c2c61dbee2d02bc4c91b0bd96f64ea5c978cf72cf89f2f89193944b05c5c5e1342020b4c5ddafb29072b31b44436902f00f040a96d8f8d2396eb9231e0b09e7ba1790668e2c1219514c3b383493452100e7f643c46540ebad14b4f46b1f7806cc878269c2d7b3caf9533f8f5a096da63df6a8d00c3f0ac8e31eff8c167e9faf072f6d4454836a7be6db9c91682e84e991d6101a0651e236f724ca3bb1c7ef6473045f6878f5c83944aaed5ca6ed0a238d629e0856fa28de0ab29ec315fddcb6564608702f0cef9c6cea93c93d572057fb71b9ffffd31b6216bca02eca46177f28e6889eb7523cadd94742cc7c90cf8585713f2eca61f830af0b6415819d51a0b7fbb5e175bc5b72b7dc9e9a5637ae241a549f6376441a2bc350efd502c4230ccc3c91897071a8d36f9b8a91ec617da5cb7d832a7abcfed018dc4896520c8f617f078aff54de9baf38acf699bd9439adc8bda1ac0e77ddf2e3fcdcafc2a701ee6d62aafc7259b336a8c8b3f44812d1fa3c2c818b83df784b31d2b3ceaf2389bb1732e1712443fdb5b5d794cbed1cec758b380996a6c44a89aef5320cc00fbf3ed3035f93b1034c84e311828a77034eedd0095359328784b6b6d13f35cc31b0e0f1edf4d76c15e26340972ce3ccea2916dfcdc49826f7cd371dbbadc392b2af93426fd5bdacbb55ee5508f5c83ded2d5d4cbcc1620b1e1c5aba510506dcd64b300a5852ef1b1923708c6e8430cc5063bd3b5c30de70b7bef575feb1d6fb19df6acbb73a952b413f4ef311cabfb7ac6a1b8be10f08b73c7e7b2c61c7812fc3c10dc7e1f4bb2a2dd6eb388e465b563d77b58ab1e29a329532652efb067f916d88a5ca2a999fc901241a8494aa7396014ccb572cd56a76755244ca4d1"}, 0x5f8) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f00000000c0)=@data_frame={@qos_no_ht={{@type01={{0x0, 0x2, 0xb, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1}, {0xff}, @broadcast, @initial, @broadcast, {0x5, 0x9d3}}, {0x6, 0x1, 0x3, 0x0, 0x3f}}, {@type01={{0x0, 0x2, 0xc, 0x0, 0x1, 0x1, 0x1}, {0x20}, @broadcast, @initial, @initial, {0x8, 0x72}}, {0x3, 0x0, 0x1}}}, @a_msdu=[{@broadcast, @device_b, 0xc8, "69b8509e1ae253c1d4683916cb818ec0ae79e02390057a23d11590c9a74784248d30962572d27f32b6601a9eaf6cab29ff7dc30521e8882502735904e5eafaca02b4366fee3aa3e6473c08672967c0b97fdf2f2fd06e4b2946929ef4fe975aca65d46241decbef0bd7f1d76f12d32e9a2563c53b726a856d2891d6ad4b0511a2d5f283a0ce9b2380843147ab61f2fd65fd80191504e877e71dc8954a7a2b457d43381c600af350b043ae55642371b7fd0dba93a138b3100aaa7a79d9c09a09c95076d5ccf814611c"}, {@device_b, @broadcast, 0x90, "2a375c64418ec56ccfe00b40abed71dcbabf174f1a93c8336c06a6b732edd25421ca0930d07684aa9daaf41df47042b06c6c0c348af96a491a691d7212aa1f44e788d583c2355919235a8a34a13085e55a8ccea73cc36155d957ce9be5759a63c35a5dbfb9bb827e2d3e36b129cca55e4ce1c807d9343c38027f172eb8d1560ade032aa6de8767e6c66ff9146c7396d6"}, {@broadcast, @device_b, 0xab, "fd30e21def6691a5669b131110c29639accbd9594f6c52fb1855d0d03c9e4e1a3435966643367640fc3bfb797046c78960fd29d755b01e51030e485d75cba86e6aa7796ec4263d709a70906fa757d4e7ab7e847e6329d2de8060d45adee0464cd63e028e06ba174cad5c42cb01b76c4cf4298556e635bdfe2ebe480213220b71b47052cc1b5284c877bd669a40e96f4ab762ff78c177e7d6ed242457fbe4251b43bc8dfb18044c7cffd2d0"}, {@device_a, @device_b}, {@device_a, @device_b, 0xbc, "9f89cebaf95208325439f0f6cd02f979a6808f76208b6494fe8af2e788b2a5ae24f3d2d2d71c2c7e72c2590522d9ac112cfdcb1cfe945072f27a707d1a2d09f1d3a1fd6c168221bbe2a76ce2f67ca14a3a8844614e833f1865afc6e4adce8e355d41c17b226f0de397369ef22c5f1e9d598c06cd6c99c7c27bf93c1c111f561d1e8b46aacf44e126f64373fafdf94e38ccbe9ded27b82d760917f4abd79d3a15c4970ab8dc659908eb3a0d2c36288a4a748a3a1aa94d933402f40443"}]}, 0x344) syz_80211_inject_frame(&(0x7f0000000a40)=@broadcast, &(0x7f0000000a80)=@ctrl_frame=@cts={{}, {0x1f}, @broadcast}, 0xa) 00:35:01 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r3 = dup(r1) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3150.175017] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:35:01 executing program 3: syz_80211_inject_frame(&(0x7f0000000000)=@device_b, 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f00000000c0)=ANY=[@ANYBLOB="1817080008021100000008021100000000ffffffffffff080211000000ffffffffffff1100676eec582402333525c9930363d02291b8000802110000000802110000002a00a4d05e2179071796279dc0f9ef25d032f44b7801d4190519c154a67c35750f597adbbf3d6f9c8a29860afffffffffffffffffffffffe3100b319a3e9906c9f9c3dc5feb60441bd019c7ff2e1b61dbdc85a73a7846b3560b93409505df1b82f2147fc65af3ea57c27f200080211000000080211000001f5009467ef710cf1d226e85f6aca3c7f8a7de3fb140a358468e17fa41cd955cb73f91930a698e1fe3e33cf76b7469bd37b91e18f7e8b655ec1f58b1d054def03b37b3cf839d876c045803aaf5069b400491798571451aa256e5cc5ed41b18c8470094cd543ec249e7ad0f90bbc198a289f00da1f3ae22c1c5c97dbc3887b26d9c5e007be94637f6ddf6f5a9318450c9e28cd715d286aff8f4ff21b91be235042ca4ad270c10403ed224683fc3a8ed661b12b944b70d1591567f44c9062adf5c13d56e95a9cbbacf0b21a9a4e557c1ec8a0e3234dd79eda4b7fbb6977fdccfcba737d55ffefe8457bfd687c7cbf357b8a751c77ddd6aa1cdaeb43aa233500ffffff2332c683fc3767ad4674e94a8d7760b0a6d2f539ed1d62be84092eaf47ad000286c65099be21f141005839de903948066869a5d5a350eb951132220193624216991c499f9f6f16d926a9a751397d60eb3fc358bb18858a199db334c293b61e17d8c56f46763df4d37895aeb59da9aaa25dfb66ee7edde90ae33ab406633161ff1500000000"], 0x24e) syz_80211_inject_frame(&(0x7f0000000080)=@broadcast, &(0x7f0000001bc0)=@mgmt_frame=@assoc_req={@wo_ht={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1}, {0x1200}, @broadcast, @device_a, @random="60bcfcfaff7e", {0x3}}, 0x0, 0x200, {0x0, 0x6, @default_ap_ssid}, @val={0x1, 0xa, [{0x16, 0x1}]}, @val={0x2d, 0x1a, {0x20, 0x1, 0x0, 0x0, {0x80000000000, 0x1, 0x0, 0x301, 0x0, 0x1, 0x0, 0x1}, 0x300, 0xffff, 0x40}}, [{0xdd, 0x53, "29bd85176d3017f770004692dc359db3a008524c6ae69cd4c517cc26ce441dbf7ee0d32b472c25765d4085129e8dd036a995bbc08351acc25db5f83aca8ef3741d9c772b0d875fdb273db2b16b4dff05dd90f6"}, {0xdd, 0xaa, "16e285b9771de3fc415912a85528f3e22b706048eca5881b8b3f43501884bbbba0f6c2c6030d3ac0239ae17a3e7273dac9a9376d6c9008000000f1e555acb6545ff940b02775213c0bf7fa8ab51a9929ae5a8c4b558a256cd8a60433e608408d3802d51f025e732de4d9fee160eb3119950d8cd53f12cdf5d9f06cd89ddd16f63aa97057d22d9acdfb7770472b0d7ceda1c615e12ab40822b3ab17e670583e5e52a8efc57ba95e973664"}, {0xdd, 0x65, "a7919d0611e99ffec696bdc4b8b170744360524a973b905be10095b99b32bb5e8d1750b94804a9c9c2906656545251cc82f2ec86d6d2ced649a24e491a390117b346a4ce6551d60d18658fe4fa676e345a4c63d2bc6fe5547fa442edc2b5eed6ca03d7fadc"}, {0xdd, 0x2c, "cf5d73f5ec5a60b345ce90159efada95d7c34eef082f60c95792db28a5ed3bb85ade9dc1f2dc28a5bf267f5f"}, {0xdd, 0x49, "61017c382491196a703e9f6c696009a0afa177cb8521ac27e02cdb996d8137660cf9c8b5a942adc681ace52605ea84197ae2bc5893e48716f11ea1770aa9e2857ef2489f85628c5b16"}, {0xdd, 0x9d, "70018658ca2070d7db4a94f80eafcba0a23ffb25615efde3c0c1bc4c44b0e61251a287517898a0defeaf4156c3e8d47368436a2398660f1f21ffa1c508f3cc9568fc6fbaf1947f0e0d0551fd5c1fd55348de29f62b340a749485d506d446bd80a544130aad1b9a7f322dd7bd45dc1b7d42efa8aef5cd102185e1f254cf97bb9d2465afd5692b03c4eb3304cb2851d92f01b8629eaf7de655e3f633ed3c"}, {0xdd, 0x55, "301df147457c73971307d4552f0d74525a09791883e48055fa0178efc732905c28f4812b7ab3ad3f95d9895334ff31138a05d735ae360152f3c3d45e932e2ce077fe786fba430faa3b62b9cadbfce84b4fe8e6c672"}, {0xdd, 0x3d, "8187c7b38752668e1c92c46dc4c1436024411e2c51d83467b2abc2a9f3ac9bae494e245da1451d3831349e446a5243539076161ccef44d0f4e4be33878"}, {0xdd, 0xaa, "e9f5a9cc0bde82fd21c2d0b678228b7cf8c804d4ab103459ce6ad18fbc5007acf2e603335e4750efe8566afe353d02004d85f2aea3b25db3bb4fb46adddbb5687bdfb07665d67a228e2b8ea7748c8bd4d9375266972fea053560f60ab769c0bc5f1def625840a2137806612c603fe43da93647ff702ed5695803ecc791e7cabdb24d08eb0975b143b8abdf8731e97364506170ad491496631998dad6aa1ff59b014bc8601d38d62cf011"}]}, 0x405) syz_80211_inject_frame(&(0x7f0000001b40), &(0x7f0000001b80)=ANY=[@ANYBLOB="84000400080211100001ffffffffffff00203100"], 0x14) syz_80211_inject_frame(&(0x7f0000000740)=@broadcast, &(0x7f00000007c0)=@mgmt_frame=@auth={@with_ht={{{0x0, 0x0, 0xb, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1}, {0xff}, @device_b, @broadcast, @initial, {0x7, 0xfff}}, @ver_80211n={0x0, 0x6, 0x1, 0x0, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1}}, 0x0, 0x0, 0x0, @void, [{0xdd, 0xe6, "8a2c8890fbb62104d31930dd26548b7f3f4ea7c1f6b71d9e9be874d373c45cbf5160cc07a95af0ddfc8111edbcb4e5ef2e754c42f2a2a2bcf5afea71139164a741ee0b5997b771427fbb4a6dccce7ad12802e762c00adba7d4c19299498521e084388420f718a5480bf79766288c56ea6ab2829f9ab3fc3a84822424e3243fa09c359eabf33dabbacd0f99f4ad23665a45b8c066ff91ea1b2c9cbc6a63da0d3a6caa34d59a2aa44d4a67fc545a3d19339d9cec4005cd704f3ace629708cf76463926f092c903eda73ba486e135a79f706a8ae14a1452babcaa490e3b3fdae622877a2d4842fe"}]}, 0x10a) syz_80211_inject_frame(&(0x7f0000000780)=@device_b, &(0x7f0000000900)=@data_frame={@no_qos=@type01={{0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1}, {0x2}, @device_a, @from_mac=@broadcast, @device_a, {0x4, 0xb48}}, @a_msdu=[{@device_a, @broadcast, 0x1000, "423c5d3fb710972963fcf56eb3e0217761da4e460c81967f5f306c4991a62d1409b775fcab46a2f0613064114a0ca1921a8e46cc17e535b8c9b4c7aadbcf76be52843866787179ec599fba7028246264594a1e4c197da9ad3ded9c11db15fe49080efe05279cc39a82919dd7c9087d1bef8f42ecd84c6f5a694621d582fba0376e2bb8a09cde0504f0f3166909c57561cbda940bd1b5f7c64d04677261bbe161e05310b31d6aeb1b928b925aed36af9851b4600825c381093984a59990d068f2dcde7fbc507abcaea079131a8298796ce202959edf664183fc3bd830c90d1f68b19f6812fb73cacc99f160fbe71428c7f5f00b210021b07e087af1942afb2cfb181a44ca977cb0dbc5c94fe97ed5186838f51ae8afabc9fa72d7bac8da8ccc15f7cf9da2be1ee5ec5eea5df4da8d5c4e18dcd0a6dad29b2d70a07e0bd341c4be31b676bb9f8baa91771b1493b1852a679c4e064a5434255fdb881407b31bc604204ef909bd2c0e0e557fdca86b72cc708b88ca4872f36b3e6baa94843a8a1259c3c451d48522d1913bee7fa5f67a14457f79225006c46a5cef5ba59809a478729b4f5db830b5da3767ea39051e54f88d1bae62aaa7cb8d5276d84353c0ecc79ab37d511c73899d8f43a62fda6f2bfa0c4027457c11abb8d6e13e16005a8866e9bc1cd1f836e835b7ca3662c9c293110d10ec44eff4311b693d047c4245fc66e2849f3a1a5c3ffc97a190f41fdc6cf9b1ed79262dcde76cb02c16d7ab63122058174e9a47500236e09e8d51bf006de0dbd1ad39ca0bfb1c0efdf081192931b644809dea5552d1e81d275d0116c6a9efe1f6235bb69cc871824b6c310e37c1c76ca3f98ebe5aeb5e895bd1f6c7e7d49228df6f94068a54ac6e3fc2c96d4e9886d5270184758e15e4cc6fcfbcdf91dc1c2de70a9069babada9b4502985a756c3866cab8e09bc180b1c4fca9cccebc6b08d1bcb99b7635da63172504fb151b1d9e009c1ab38a466b650fe313b00d5b3e07b729f66a2a68e2e406d5657bb1d60f626937f9c7e15a16afa9c9f8a720c5cfe931c45028a2ad2eae83bc31a9c384a4f4f26020a06259e04daef5cf5e6978f494b897e4a860ddde48351b472985ef445fd68f6c3576a789960c2a3f305943dc7f025aacec79ae9285331c76bd1acd20d6917a3ac0353ed5c8b5ff5deb692d52f9ac348cbfea760250f09819f12b12f3a407fc3aedf2324ca4364c9b55afe450290062bee13d6924e5d160169ad154b4e98af77c11532470400a599db6a3faaae79fb2f7a75e482a43546deddb8f20559b4ee45dc52ff4644c52b65a964ae09fd3d5b5d00334cfe7e08d4d10b07fe983702920b6c259a344e9b89601ac6787e78d2a886662267eb1a9d1ba7898eb976d97cb7b7bcbf04d3a741ff5540b722bea55e2e35a49cea6c5739f046f90b0c43e428580210959588865156df537c7177c3110a0c3ca482de632c38639221f56408e4836e8011be97a6d8cdc4a2198b0ea509ffdd4e846226060774a413f8be2aac63b1f2ca52361e3494f697e407faede2de67ebf29b5675a3e05ba7b9f306594357e4c6fa71b2a729af1808c39ce980ba491802367bbda9efdd04c2346b8c205a9414efd063240a004845eb1d69b3e348fbb3730471c4f407e3dfadab6e0d5b1ef683d9d4df93030476bb16e04a1380f3791713f1361f865e798bfe869ce0ba70c77ce438e5d1f2e703c5e44d798537bab4f98b5bc4dad4fb3287b606efaff0ebdb52b0ddbf13c627e18a177572ac7b49b7fd50be586ab28d5ba218eaf81de64501f9bc3f50b4f57896f48d03d4d1ccc10fe3f1c973f34bba08a1a690b52e5b67dcd2b544d11b392f616d736467d5e5ef7b83fa01269fece8143f157fcf8a813548899c5b6435dd1092a70f261055bcbdb8b8c48ce5351106705811241c424a3d18e061e218395b40834d518e51825fa4ccc62f4cf84fa72a8b639aa112912f7e233feb6990f4570ab28107d7d8a95420704ee3b76b4c4c5d321fb1bcca3bb14c60af6f86685f117f67e9be643e433cf5e23f5fc88c3fc8021e085a3991694dd1734cc5f3246ae9d9c343314984e1e35a86e35af81f88105ffd152f9152c4d3d05a3ccaa08e0bdee5a0cc5310369a5e7ae6fadd26b241c80b7eb067c06788062027fdc9a3bd9ebf77a8c14b8d88f21b23905f09ef8c5f22fe5d780f95027d18df531b402753a831d74378bc6d0923a73e006348d7bcbc35d64b18e6f21ddebf62973340a9060a472ed7798fcc928e2fdf537e3e2935c08d1710e9900a225449d505cac95a126dbb626d4fbb8da594056b37151d1664e6ac7788f6df8383b59b44282b56410b9ff68fe84005b43c2146397e008e6fcbc70a5e7f56950095f345c7e2730935ed8980e153ca03b9b7a82e9fa44ca20adcde0301cb0fa3b17a978684daa939c18b2369672a26cbe713122396f9857341a0ce5ab6ee95779cd5b53c776f66b3be1c199868a5e8229945361ddf93dd413c657213c2c54e67c12d91b9450eb0dfacb9c5463eb695a0b1e3f88b7f473bef0fc343fd29039747e86e4372d2908497ffb17f4626b431b5892a4a27ddc8ee6704f238a3646ef97fac1d0a1f7280b13107fb72e41760528e699e8918775fe7f19903b88792c0f05477ea88d331d90fbd9ede2b49241b9dfd74ebff2549b907844d4d6e27c41403d060bbf10be24dec69ee31ae160de4fc5b3769699506d8123c8ce0e8781abf0dcfd53ecd568ec30a5be2a5a8d7ad058e7cb56642b0fe70a6ffee6afe9ff14964fe100c01d54770162eba34382e865f2c9df533ca3c435b09f63211324df4cab4c7ee88429056c6d4ef144607c90d47f66d404639d5bcb6432e2f0a6876ca886794fcd506827e8ef363a99b86f17bac73b2a6045a979b845e895bec81c7643710df422b31c9fecc0d2f137aad2db06c44e0ccda419df9b5eb7cb787d1df333be3c3084e0e1a820a938ef510d11e4420c219b6466b84f66d6de7f349b38e62d7d812f5f194b93065299bbf37b33030541c7ded79f5ac7380e2ef39fe012996ac1b32fff1f4ce8855092ee7f58f356b3cc060e994533f0c5586c416aa67745126dbfe790628dc2c4a28cb328728075f843eda62635e9caa0cf13381b332bff886a588af19a017c6c949f1125c2660fd3104f293b4116d1c5c8d3c93a0d0bfa77d2ea021aadf1e547eb14af1d217b23644d069041fce8c0e575544badb40564863dcf6f3438c01b82fbf891bb88b49da948c215c95039626bb20fe40779e98cc8b50252d3d8adf6244ce10148f55f8e18b0307e2545ec8b3843f5edfd1c5640c45e3d1c67206c90d6079a998d1104a851b6e8d184e5bddbe6f4bdff4772493d39298833757ffb083b74d0aa1b88ff244f87899f6ee7d13f07c54396ef324ec43c7ac04ec20fcc83cf828d2a0b93437ddd851945d3a29c29766cc1e111098e39454ac7c8de3a3c5cfcd968ecf998e7ee4b3b5459d022e902c143bb1cefb0ebad84fe8b6b4eb368075b9ba9001bd0c66cb86742a64ae3ef9d0ce5d874e7083ea75011165ae94bff3ab08c67b6e31c6ee94a3d856098b4fe5f676ab3e2bda4a22613414b5a7c1665d4f18a337ea53b2ed5bc6e0926d45f48a725f1fade40a487c933f92ac2d6e7a4b064ce9eb22789624e7e9294568f769de3a7c3af03146dd4ab3a652f18034f4a59f88634394e79ad2ac02b334280057c38f408ea8b40157ead2ecb05b521ec0da6ca1c2f57b8b68a04057454e9781ef9b44d23098e7238fe43955c7bab528a87bd00dab67a41c20d54888b868df3dbee68e2874e06a82887773c1ab59e25b54abdd3af5b12ee23edd14666e62b2f968aa332db589c87317e156bcc6ab3721bb5f0555bfeae9823b3f1ee4cdc630aa97ba115898e48e12d6a302e6c9641c696cb75ee9ed358ccdb5ef174571fb0a01c3cc4921dcdd15c5b628056092516c22677c201f31edc543e1a9b6a00e7718f66e105a404c34fb1d13ab74015f8fac0d6dbb43cc50220a1a7b45bd982226603ecb86a793797d9c03284da206894af03805ce4cfbb73cc248f9039f941f57015eb0f30ce4dd2e2ee53de34688f9a677a4020fe34ed99a514f5b228f5f0e1cf055b4f7859d90037d0a14253b908c627c126151e002f245183d1c717f4c5dba1f13f16bf01f5c7b4979803d1b3c6a8eeae5f6bc5707d21db18acd0d82d24ec3a83e39030b290aea285386126face995bab2a9ec517028574258756ce9cf46cd89b445bbcb698f2eee1e6e7f06bae9a9e72d72c4a24a3b49adb24ab48b547b26ae362c042e1af7fe5615a14a43c3c1ffeebdc79399dfb09c76a4449adbbab62f538ab293905bc100d8d40eb9e99f66b3625f86d3ca14e05df20773ef31e82bb43ddb073e799153aea28df4f046df0dd0cb2022669f6e0ee7af62e1cce17a6c92d6402dfc44e839e3171c7b6a47a449b71877ac001bb02cb781d1d299aa271b56fc6c3e846ef2eccda4a9cbee52120b2b7b6a90bb346f78c27c133f0c1e54e5f559e5e0abce2af3338be587d017c23dedef03b980f46362f152e45c2c3fde60828f32a9860ce5a0862f19759ffa433da0d2690895b4de1e766590f3c669b4eb71279a4deece82191f7ad24caeb2b18a0bf6322025b976d1233b0ee3b6f7cf23b8d7a61400fd272aa5cc2629be8626be5d8202e2093f13dc16e084f2c5b0b23674e94757fab14f69791f9e95ab579255ed511ee9c7e95046ba8314131d9eb755976dfa09a83c63096e60d8aa86c5fb4c382d9a92562866d6d06c587d1c45b8ca07d29efc7b986c4b14bd658af72d73dbc8b53dbc4e0b86d5ff36f8b6221a462b62bd7688065057f517d4958d469af9b6b7645a277240cf24f6d82fef797684486b6a36f1385ebded14d5a450d112a79fe63d6fb43d978557b57c74f9277437194f3ca006c675c18181d690c792b52974e83681428cc4d67001c57a3bf4ff08502df687509e2354d18b8089c63f66e627679388ec2de1c0d7215c9743bbeb106b991fe7ae203515e21aacbb4c0ee3524e0e9ede526b08cf34ec209933bc90d4ea569bbb15fd223a0e047a66a762729a47e1378333a97ae996bbd184fb7f6aae6fef9196dab521687f34c8e18329d888514cb4d0cebbe277bca720ab9d25db4111fa6e49aec07110653ce61da2b0e007b8b8b5aa22865b4908b1c901f066b1d3a32f4377c15ca9dc87aec335a29fc171099db2345a522b30b5e72f4884bf2eb6bde4926b98a113946dc784cd2036488465138b9cad90a65d959c77b761425b7f4a76265b6bf925c1686ed1e7ef30dbcdee31b6e8a0127692790363a93a61c9c08071546505a18fb1a424ab81689e16fa33db988742850dac275daebf85d4845ceb715d8424ba58e4f45316d4776b7e28fe5aacd9789283980744fef8e77bdd53e4dd4138546f40b94563f596393e0fce75ccbfa450cacb30b063956e3d01176e1b6f8b8572023b83f9118e1e33ae30e4aa5611c1bc842bf29bba43bc988ae8fc3138e2c8d1bbd31d1d78dd5a6a135c99ae93fd5052edd44d3745c1e8d35363168c91f01d94d3d5c4c218405ead480917c0f44e3d4fbaacf0871ac2d653415717086797bbdc96c5249f16bfc9df5aba7afedb8f34c1b107fa64da2ff1e965ff128c37a2780845fce17252f202be9eb62747ffa3e299678ffbb0af678819f986f7209bb83eff007a6bba4da8e0efd56b8087f4cb7bd74660a4a87c549b0aef126f559e1299cf9142eac0fcf1ff90a88c243318e101b1bc3fa0a"}, {@device_b, @device_b, 0xff, "beb9287683afaa39fee640529dde5b69b9ca5523c1b5e83c51945c0bb1ade319b28366ffc6c541042742f9ccc30ed5b9da3f73ec5bef877b363c302b545b8d1ca2ece9c8dca3dbff1f19a1e1d48658fcb8bed370ad0074533ea8b17f93e021116fae846e04a5f034d7527d241a1bc694b45fdbb07b42533b71fbd6c7093ad3bde17e668f7628b18e261231c255ffc45f03bd9a853cd486667cf0e71dbcfc24cffaa9bdc656d253df532c16d275ae7c2b2c97da7cb41d1c50e639f05933b54e269607269569b77753f334417aa83e51a27db6a9094d2d002911a312052d9962da00e9c19652a60541cfaeade7c3d4974c153638772e12ac02a65fee87738b46"}, {@broadcast, @device_a, 0x69, "a59644d0ad77da81f7c68b740c7a970b91f23aac61670ed189d872028556d35c38070642544dae9f5569c36cfb2126a3b94f3a6a5402046fa6af0733021f0d2b013331d220c48c755cc2a203d3847cce72a93a6527599a1631c315cfba8dfc2144c186ba47493d07bf"}, {@device_a, @broadcast, 0x6c, "96e13afeeafde08b5d845d71fe97a62a4092a83499735e293b68e0ea1d0ea0f0c90bf193447ad0e63bec6691c94c0e9280ad136962a224adc1bfab91a3c605c444a7062bd781bc98ff8b2e933cb1615effa39cb6f76a8d428511de399f23a6278335d94c8c72fec33cb226d6"}]}, 0x122c) [ 3150.197178] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:35:01 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r3 = dup(r1) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r3, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x90b}}, './file1\x00'}) r4 = dup(r1) bind$bt_hci(r4, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:35:01 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3150.208138] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3150.235609] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3150.249453] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3150.253026] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3150.261492] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3150.268640] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3150.279229] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3150.286143] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:35:02 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:35:02 executing program 7: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r1) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x90b}}, './file1\x00'}) r3 = dup(r1) bind$bt_hci(r3, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:35:02 executing program 0: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) dup(r1) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:35:02 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r3 = dup(r1) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:35:02 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7bc9f9bd48de1c200000000"], 0x1a) 00:35:02 executing program 4: syz_80211_inject_frame(&(0x7f0000000000)=@device_b, 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000080), &(0x7f0000000440)=@data_frame={@qos_no_ht={{@type01={{0x0, 0x2, 0x8}, {0x1}, @device_b, @random="3a1095db5409", @broadcast, {0xb, 0x7}}, {0xf, 0x0, 0x1, 0x0, 0xff}}, {@type01={{0x0, 0x2, 0xf, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1}, {0x20}, @device_b, @initial, @initial, {0x2}}, {0x6, 0x0, 0x1, 0x1, 0x12}}}, @random="688c2cdda6f0bcd2d03df5f658aeafdd4cdc8f3e2f9912f714a4440015504e58589c35b9ff7c264fc02a20e9518265df15a8c6d20a60be8e1c8d73e39fa8088058052a29b01f7778aa18aed047d80102e499e0dc3532ff1e6371a1421e78411daeecbe716f4829f472d29a35600aed16991a58f5bb6a13f3ec25110f7f0ecc00261df0f1a9b58aa4619003eb6acd0a2f3fb978fbe3a69d0f6a74bb9b5575f7be0a76581c0f2d21988c6e9162376fd82c62085279e375571ce5468cbc10e6f4e63be5ab3689b221f8035f3d8524c3dd4f5fd32cb280f2e3cec84a2da10d6d39347e62c06c97be5e117157e3d8880e844116ad29ab0d621f681b4335adf83111c83c45343add71f6676724971adfb54cbd485b5ffeb4c31d3b449396fb18315ac00a49a7ac3cc3ea84ea8f14c21b435a3f2bfa99a2d0819de231689603e0cd23af199eec28208da0d6f4cb5458906d373ddd9ac7a54b1f2c5a10e1b7a1fda7f79f5b709fad49cefac29a5dadbe543dce5f3c39326941b4294feab54595325a5926e358b7451d74978afc0319bce71d48e2c4be28a9cd0e4e938f9c9e2f22935854a3c9f393a53139d1125e78ffa7ddbe9f4605a5a409082582ecf9453b5124319dd43973b97e8d0508624d582fe0979e4eb0ef1dc6509ca409a31be25f10cf84339f88d851efbb0279a91d54cd5acae9a9d183254032ed7fcbea67425e87301aa65fd2917145e14552d2cce167318ca0da22ed06709e70da15bb7dfda495309b5e72130664bd5d346c84c086c077bfb4a47c2a6566387e09a763e93d0f39a0b97e9a1d0da9b90648a726e993c61b2f63e954de5bd2baf4f53a7b272256ff9f91a0ca09776d9608f1fd9805d70f4fac85447beaaecf475cc60f66de5ec30ea39527fb71f331e56703ea790b9f9618973a6fcea92ac1a6db03b41870e7b965ef9da1e8efe7d8c84586f9ac3e6ce50823953cee84a629c6a44f9d43b4a19677e9fa6d8b047714ec32fd9854872fa6463f3bcbb72d2f2f239181f22d735dd83ead97c56ca1e0c77cdb40069aa7074d2d1bffc4ec1884bbf78dca6ced65b8aa435188f32029a0346d53850b3a7bc97ace5f5c7caeb24c74e79cfe2a995e88f14d2672dbc0cd249022bf68dd75f80222687380fb329ec68656a02bfdb7b261942eb1f333063d97fc25978f7afe46c2c61dbee2d02bc4c91b0bd96f64ea5c978cf72cf89f2f89193944b05c5c5e1342020b4c5ddafb29072b31b44436902f00f040a96d8f8d2396eb9231e0b09e7ba1790668e2c1219514c3b383493452100e7f643c46540ebad14b4f46b1f7806cc878269c2d7b3caf9533f8f5a096da63df6a8d00c3f0ac8e31eff8c167e9faf072f6d4454836a7be6db9c91682e84e991d6101a0651e236f724ca3bb1c7ef6473045f6878f5c83944aaed5ca6ed0a238d629e0856fa28de0ab29ec315fddcb6564608702f0cef9c6cea93c93d572057fb71b9ffffd31b6216bca02eca46177f28e6889eb7523cadd94742cc7c90cf8585713f2eca61f830af0b6415819d51a0b7fbb5e175bc5b72b7dc9e9a5637ae241a549f6376441a2bc350efd502c4230ccc3c91897071a8d36f9b8a91ec617da5cb7d832a7abcfed018dc4896520c8f617f078aff54de9baf38acf699bd9439adc8bda1ac0e77ddf2e3fcdcafc2a701ee6d62aafc7259b336a8c8b3f44812d1fa3c2c818b83df784b31d2b3ceaf2389bb1732e1712443fdb5b5d794cbed1cec758b380996a6c44a89aef5320cc00fbf3ed3035f93b1034c84e311828a77034eedd0095359328784b6b6d13f35cc31b0e0f1edf4d76c15e26340972ce3ccea2916dfcdc49826f7cd371dbbadc392b2af93426fd5bdacbb55ee5508f5c83ded2d5d4cbcc1620b1e1c5aba510506dcd64b300a5852ef1b1923708c6e8430cc5063bd3b5c30de70b7bef575feb1d6fb19df6acbb73a952b413f4ef311cabfb7ac6a1b8be10f08b73c7e7b2c61c7812fc3c10dc7e1f4bb2a2dd6eb388e465b563d77b58ab1e29a329532652efb067f916d88a5ca2a999fc901241a8494aa7396014ccb572cd56a76755244ca4d1"}, 0x5f8) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f00000000c0)=@data_frame={@qos_no_ht={{@type01={{0x0, 0x2, 0xb, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1}, {0xff}, @broadcast, @initial, @broadcast, {0x5, 0x9d3}}, {0x6, 0x1, 0x3, 0x0, 0x3f}}, {@type01={{0x0, 0x2, 0xc, 0x0, 0x1, 0x1, 0x1}, {0x20}, @broadcast, @initial, @initial, {0x8, 0x72}}, {0x3, 0x0, 0x1}}}, @a_msdu=[{@broadcast, @device_b, 0xc8, "69b8509e1ae253c1d4683916cb818ec0ae79e02390057a23d11590c9a74784248d30962572d27f32b6601a9eaf6cab29ff7dc30521e8882502735904e5eafaca02b4366fee3aa3e6473c08672967c0b97fdf2f2fd06e4b2946929ef4fe975aca65d46241decbef0bd7f1d76f12d32e9a2563c53b726a856d2891d6ad4b0511a2d5f283a0ce9b2380843147ab61f2fd65fd80191504e877e71dc8954a7a2b457d43381c600af350b043ae55642371b7fd0dba93a138b3100aaa7a79d9c09a09c95076d5ccf814611c"}, {@device_b, @broadcast, 0x90, "2a375c64418ec56ccfe00b40abed71dcbabf174f1a93c8336c06a6b732edd25421ca0930d07684aa9daaf41df47042b06c6c0c348af96a491a691d7212aa1f44e788d583c2355919235a8a34a13085e55a8ccea73cc36155d957ce9be5759a63c35a5dbfb9bb827e2d3e36b129cca55e4ce1c807d9343c38027f172eb8d1560ade032aa6de8767e6c66ff9146c7396d6"}, {@broadcast, @device_b, 0xab, "fd30e21def6691a5669b131110c29639accbd9594f6c52fb1855d0d03c9e4e1a3435966643367640fc3bfb797046c78960fd29d755b01e51030e485d75cba86e6aa7796ec4263d709a70906fa757d4e7ab7e847e6329d2de8060d45adee0464cd63e028e06ba174cad5c42cb01b76c4cf4298556e635bdfe2ebe480213220b71b47052cc1b5284c877bd669a40e96f4ab762ff78c177e7d6ed242457fbe4251b43bc8dfb18044c7cffd2d0"}, {@device_a, @device_b}, {@device_a, @device_b, 0xbc, "9f89cebaf95208325439f0f6cd02f979a6808f76208b6494fe8af2e788b2a5ae24f3d2d2d71c2c7e72c2590522d9ac112cfdcb1cfe945072f27a707d1a2d09f1d3a1fd6c168221bbe2a76ce2f67ca14a3a8844614e833f1865afc6e4adce8e355d41c17b226f0de397369ef22c5f1e9d598c06cd6c99c7c27bf93c1c111f561d1e8b46aacf44e126f64373fafdf94e38ccbe9ded27b82d760917f4abd79d3a15c4970ab8dc659908eb3a0d2c36288a4a748a3a1aa94d933402f40443"}]}, 0x344) syz_80211_inject_frame(&(0x7f0000000a40)=@broadcast, &(0x7f0000000a80)=@ctrl_frame=@cts={{}, {0x1f}, @broadcast}, 0xa) [ 3150.659002] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:35:02 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3150.685677] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:35:02 executing program 3: syz_80211_inject_frame(&(0x7f0000000000)=@device_b, 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f00000000c0)=ANY=[@ANYBLOB="1817080008021100000008021100000000ffffffffffff080211000000ffffffffffff1100676eec582402333525c9930363d02291b8000802110000000802110000002a00a4d05e2179071796279dc0f9ef25d032f44b7801d4190519c154a67c35750f597adbbf3d6f9c8a29860afffffffffffffffffffffffe3100b319a3e9906c9f9c3dc5feb60441bd019c7ff2e1b61dbdc85a73a7846b3560b93409505df1b82f2147fc65af3ea57c27f200080211000000080211000001f5009467ef710cf1d226e85f6aca3c7f8a7de3fb140a358468e17fa41cd955cb73f91930a698e1fe3e33cf76b7469bd37b91e18f7e8b655ec1f58b1d054def03b37b3cf839d876c045803aaf5069b400491798571451aa256e5cc5ed41b18c8470094cd543ec249e7ad0f90bbc198a289f00da1f3ae22c1c5c97dbc3887b26d9c5e007be94637f6ddf6f5a9318450c9e28cd715d286aff8f4ff21b91be235042ca4ad270c10403ed224683fc3a8ed661b12b944b70d1591567f44c9062adf5c13d56e95a9cbbacf0b21a9a4e557c1ec8a0e3234dd79eda4b7fbb6977fdccfcba737d55ffefe8457bfd687c7cbf357b8a751c77ddd6aa1cdaeb43aa233500ffffff2332c683fc3767ad4674e94a8d7760b0a6d2f539ed1d62be84092eaf47ad000286c65099be21f141005839de903948066869a5d5a350eb951132220193624216991c499f9f6f16d926a9a751397d60eb3fc358bb18858a199db334c293b61e17d8c56f46763df4d37895aeb59da9aaa25dfb66ee7edde90ae33ab406633161ff1500000000"], 0x24e) syz_80211_inject_frame(&(0x7f0000000080)=@broadcast, &(0x7f0000001bc0)=@mgmt_frame=@assoc_req={@wo_ht={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1}, {0x1200}, @broadcast, @device_a, @random="60bcfcfaff7e", {0x3}}, 0x0, 0x200, {0x0, 0x6, @default_ap_ssid}, @val={0x1, 0xa, [{0x16, 0x1}]}, @val={0x2d, 0x1a, {0x20, 0x1, 0x0, 0x0, {0x80000000000, 0x1, 0x0, 0x301, 0x0, 0x1, 0x0, 0x1}, 0x300, 0xffff, 0x40}}, [{0xdd, 0x53, "29bd85176d3017f770004692dc359db3a008524c6ae69cd4c517cc26ce441dbf7ee0d32b472c25765d4085129e8dd036a995bbc08351acc25db5f83aca8ef3741d9c772b0d875fdb273db2b16b4dff05dd90f6"}, {0xdd, 0xaa, "16e285b9771de3fc415912a85528f3e22b706048eca5881b8b3f43501884bbbba0f6c2c6030d3ac0239ae17a3e7273dac9a9376d6c9008000000f1e555acb6545ff940b02775213c0bf7fa8ab51a9929ae5a8c4b558a256cd8a60433e608408d3802d51f025e732de4d9fee160eb3119950d8cd53f12cdf5d9f06cd89ddd16f63aa97057d22d9acdfb7770472b0d7ceda1c615e12ab40822b3ab17e670583e5e52a8efc57ba95e973664"}, {0xdd, 0x65, "a7919d0611e99ffec696bdc4b8b170744360524a973b905be10095b99b32bb5e8d1750b94804a9c9c2906656545251cc82f2ec86d6d2ced649a24e491a390117b346a4ce6551d60d18658fe4fa676e345a4c63d2bc6fe5547fa442edc2b5eed6ca03d7fadc"}, {0xdd, 0x2c, "cf5d73f5ec5a60b345ce90159efada95d7c34eef082f60c95792db28a5ed3bb85ade9dc1f2dc28a5bf267f5f"}, {0xdd, 0x49, "61017c382491196a703e9f6c696009a0afa177cb8521ac27e02cdb996d8137660cf9c8b5a942adc681ace52605ea84197ae2bc5893e48716f11ea1770aa9e2857ef2489f85628c5b16"}, {0xdd, 0x9d, "70018658ca2070d7db4a94f80eafcba0a23ffb25615efde3c0c1bc4c44b0e61251a287517898a0defeaf4156c3e8d47368436a2398660f1f21ffa1c508f3cc9568fc6fbaf1947f0e0d0551fd5c1fd55348de29f62b340a749485d506d446bd80a544130aad1b9a7f322dd7bd45dc1b7d42efa8aef5cd102185e1f254cf97bb9d2465afd5692b03c4eb3304cb2851d92f01b8629eaf7de655e3f633ed3c"}, {0xdd, 0x55, "301df147457c73971307d4552f0d74525a09791883e48055fa0178efc732905c28f4812b7ab3ad3f95d9895334ff31138a05d735ae360152f3c3d45e932e2ce077fe786fba430faa3b62b9cadbfce84b4fe8e6c672"}, {0xdd, 0x3d, "8187c7b38752668e1c92c46dc4c1436024411e2c51d83467b2abc2a9f3ac9bae494e245da1451d3831349e446a5243539076161ccef44d0f4e4be33878"}, {0xdd, 0xaa, "e9f5a9cc0bde82fd21c2d0b678228b7cf8c804d4ab103459ce6ad18fbc5007acf2e603335e4750efe8566afe353d02004d85f2aea3b25db3bb4fb46adddbb5687bdfb07665d67a228e2b8ea7748c8bd4d9375266972fea053560f60ab769c0bc5f1def625840a2137806612c603fe43da93647ff702ed5695803ecc791e7cabdb24d08eb0975b143b8abdf8731e97364506170ad491496631998dad6aa1ff59b014bc8601d38d62cf011"}]}, 0x405) syz_80211_inject_frame(&(0x7f0000001b40), &(0x7f0000001b80)=ANY=[@ANYBLOB="84000400080211100001ffffffffffff00203100"], 0x14) syz_80211_inject_frame(&(0x7f0000000740)=@broadcast, &(0x7f00000007c0)=@mgmt_frame=@auth={@with_ht={{{0x0, 0x0, 0xb, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1}, {0xff}, @device_b, @broadcast, @initial, {0x7, 0xfff}}, @ver_80211n={0x0, 0x6, 0x1, 0x0, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1}}, 0x0, 0x0, 0x0, @void, [{0xdd, 0xe6, "8a2c8890fbb62104d31930dd26548b7f3f4ea7c1f6b71d9e9be874d373c45cbf5160cc07a95af0ddfc8111edbcb4e5ef2e754c42f2a2a2bcf5afea71139164a741ee0b5997b771427fbb4a6dccce7ad12802e762c00adba7d4c19299498521e084388420f718a5480bf79766288c56ea6ab2829f9ab3fc3a84822424e3243fa09c359eabf33dabbacd0f99f4ad23665a45b8c066ff91ea1b2c9cbc6a63da0d3a6caa34d59a2aa44d4a67fc545a3d19339d9cec4005cd704f3ace629708cf76463926f092c903eda73ba486e135a79f706a8ae14a1452babcaa490e3b3fdae622877a2d4842fe"}]}, 0x10a) syz_80211_inject_frame(&(0x7f0000000780)=@device_b, &(0x7f0000000900)=@data_frame={@no_qos=@type01={{0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1}, {0x2}, @device_a, @from_mac=@broadcast, @device_a, {0x4, 0xb48}}, @a_msdu=[{@device_a, @broadcast, 0x1000, "423c5d3fb710972963fcf56eb3e0217761da4e460c81967f5f306c4991a62d1409b775fcab46a2f0613064114a0ca1921a8e46cc17e535b8c9b4c7aadbcf76be52843866787179ec599fba7028246264594a1e4c197da9ad3ded9c11db15fe49080efe05279cc39a82919dd7c9087d1bef8f42ecd84c6f5a694621d582fba0376e2bb8a09cde0504f0f3166909c57561cbda940bd1b5f7c64d04677261bbe161e05310b31d6aeb1b928b925aed36af9851b4600825c381093984a59990d068f2dcde7fbc507abcaea079131a8298796ce202959edf664183fc3bd830c90d1f68b19f6812fb73cacc99f160fbe71428c7f5f00b210021b07e087af1942afb2cfb181a44ca977cb0dbc5c94fe97ed5186838f51ae8afabc9fa72d7bac8da8ccc15f7cf9da2be1ee5ec5eea5df4da8d5c4e18dcd0a6dad29b2d70a07e0bd341c4be31b676bb9f8baa91771b1493b1852a679c4e064a5434255fdb881407b31bc604204ef909bd2c0e0e557fdca86b72cc708b88ca4872f36b3e6baa94843a8a1259c3c451d48522d1913bee7fa5f67a14457f79225006c46a5cef5ba59809a478729b4f5db830b5da3767ea39051e54f88d1bae62aaa7cb8d5276d84353c0ecc79ab37d511c73899d8f43a62fda6f2bfa0c4027457c11abb8d6e13e16005a8866e9bc1cd1f836e835b7ca3662c9c293110d10ec44eff4311b693d047c4245fc66e2849f3a1a5c3ffc97a190f41fdc6cf9b1ed79262dcde76cb02c16d7ab63122058174e9a47500236e09e8d51bf006de0dbd1ad39ca0bfb1c0efdf081192931b644809dea5552d1e81d275d0116c6a9efe1f6235bb69cc871824b6c310e37c1c76ca3f98ebe5aeb5e895bd1f6c7e7d49228df6f94068a54ac6e3fc2c96d4e9886d5270184758e15e4cc6fcfbcdf91dc1c2de70a9069babada9b4502985a756c3866cab8e09bc180b1c4fca9cccebc6b08d1bcb99b7635da63172504fb151b1d9e009c1ab38a466b650fe313b00d5b3e07b729f66a2a68e2e406d5657bb1d60f626937f9c7e15a16afa9c9f8a720c5cfe931c45028a2ad2eae83bc31a9c384a4f4f26020a06259e04daef5cf5e6978f494b897e4a860ddde48351b472985ef445fd68f6c3576a789960c2a3f305943dc7f025aacec79ae9285331c76bd1acd20d6917a3ac0353ed5c8b5ff5deb692d52f9ac348cbfea760250f09819f12b12f3a407fc3aedf2324ca4364c9b55afe450290062bee13d6924e5d160169ad154b4e98af77c11532470400a599db6a3faaae79fb2f7a75e482a43546deddb8f20559b4ee45dc52ff4644c52b65a964ae09fd3d5b5d00334cfe7e08d4d10b07fe983702920b6c259a344e9b89601ac6787e78d2a886662267eb1a9d1ba7898eb976d97cb7b7bcbf04d3a741ff5540b722bea55e2e35a49cea6c5739f046f90b0c43e428580210959588865156df537c7177c3110a0c3ca482de632c38639221f56408e4836e8011be97a6d8cdc4a2198b0ea509ffdd4e846226060774a413f8be2aac63b1f2ca52361e3494f697e407faede2de67ebf29b5675a3e05ba7b9f306594357e4c6fa71b2a729af1808c39ce980ba491802367bbda9efdd04c2346b8c205a9414efd063240a004845eb1d69b3e348fbb3730471c4f407e3dfadab6e0d5b1ef683d9d4df93030476bb16e04a1380f3791713f1361f865e798bfe869ce0ba70c77ce438e5d1f2e703c5e44d798537bab4f98b5bc4dad4fb3287b606efaff0ebdb52b0ddbf13c627e18a177572ac7b49b7fd50be586ab28d5ba218eaf81de64501f9bc3f50b4f57896f48d03d4d1ccc10fe3f1c973f34bba08a1a690b52e5b67dcd2b544d11b392f616d736467d5e5ef7b83fa01269fece8143f157fcf8a813548899c5b6435dd1092a70f261055bcbdb8b8c48ce5351106705811241c424a3d18e061e218395b40834d518e51825fa4ccc62f4cf84fa72a8b639aa112912f7e233feb6990f4570ab28107d7d8a95420704ee3b76b4c4c5d321fb1bcca3bb14c60af6f86685f117f67e9be643e433cf5e23f5fc88c3fc8021e085a3991694dd1734cc5f3246ae9d9c343314984e1e35a86e35af81f88105ffd152f9152c4d3d05a3ccaa08e0bdee5a0cc5310369a5e7ae6fadd26b241c80b7eb067c06788062027fdc9a3bd9ebf77a8c14b8d88f21b23905f09ef8c5f22fe5d780f95027d18df531b402753a831d74378bc6d0923a73e006348d7bcbc35d64b18e6f21ddebf62973340a9060a472ed7798fcc928e2fdf537e3e2935c08d1710e9900a225449d505cac95a126dbb626d4fbb8da594056b37151d1664e6ac7788f6df8383b59b44282b56410b9ff68fe84005b43c2146397e008e6fcbc70a5e7f56950095f345c7e2730935ed8980e153ca03b9b7a82e9fa44ca20adcde0301cb0fa3b17a978684daa939c18b2369672a26cbe713122396f9857341a0ce5ab6ee95779cd5b53c776f66b3be1c199868a5e8229945361ddf93dd413c657213c2c54e67c12d91b9450eb0dfacb9c5463eb695a0b1e3f88b7f473bef0fc343fd29039747e86e4372d2908497ffb17f4626b431b5892a4a27ddc8ee6704f238a3646ef97fac1d0a1f7280b13107fb72e41760528e699e8918775fe7f19903b88792c0f05477ea88d331d90fbd9ede2b49241b9dfd74ebff2549b907844d4d6e27c41403d060bbf10be24dec69ee31ae160de4fc5b3769699506d8123c8ce0e8781abf0dcfd53ecd568ec30a5be2a5a8d7ad058e7cb56642b0fe70a6ffee6afe9ff14964fe100c01d54770162eba34382e865f2c9df533ca3c435b09f63211324df4cab4c7ee88429056c6d4ef144607c90d47f66d404639d5bcb6432e2f0a6876ca886794fcd506827e8ef363a99b86f17bac73b2a6045a979b845e895bec81c7643710df422b31c9fecc0d2f137aad2db06c44e0ccda419df9b5eb7cb787d1df333be3c3084e0e1a820a938ef510d11e4420c219b6466b84f66d6de7f349b38e62d7d812f5f194b93065299bbf37b33030541c7ded79f5ac7380e2ef39fe012996ac1b32fff1f4ce8855092ee7f58f356b3cc060e994533f0c5586c416aa67745126dbfe790628dc2c4a28cb328728075f843eda62635e9caa0cf13381b332bff886a588af19a017c6c949f1125c2660fd3104f293b4116d1c5c8d3c93a0d0bfa77d2ea021aadf1e547eb14af1d217b23644d069041fce8c0e575544badb40564863dcf6f3438c01b82fbf891bb88b49da948c215c95039626bb20fe40779e98cc8b50252d3d8adf6244ce10148f55f8e18b0307e2545ec8b3843f5edfd1c5640c45e3d1c67206c90d6079a998d1104a851b6e8d184e5bddbe6f4bdff4772493d39298833757ffb083b74d0aa1b88ff244f87899f6ee7d13f07c54396ef324ec43c7ac04ec20fcc83cf828d2a0b93437ddd851945d3a29c29766cc1e111098e39454ac7c8de3a3c5cfcd968ecf998e7ee4b3b5459d022e902c143bb1cefb0ebad84fe8b6b4eb368075b9ba9001bd0c66cb86742a64ae3ef9d0ce5d874e7083ea75011165ae94bff3ab08c67b6e31c6ee94a3d856098b4fe5f676ab3e2bda4a22613414b5a7c1665d4f18a337ea53b2ed5bc6e0926d45f48a725f1fade40a487c933f92ac2d6e7a4b064ce9eb22789624e7e9294568f769de3a7c3af03146dd4ab3a652f18034f4a59f88634394e79ad2ac02b334280057c38f408ea8b40157ead2ecb05b521ec0da6ca1c2f57b8b68a04057454e9781ef9b44d23098e7238fe43955c7bab528a87bd00dab67a41c20d54888b868df3dbee68e2874e06a82887773c1ab59e25b54abdd3af5b12ee23edd14666e62b2f968aa332db589c87317e156bcc6ab3721bb5f0555bfeae9823b3f1ee4cdc630aa97ba115898e48e12d6a302e6c9641c696cb75ee9ed358ccdb5ef174571fb0a01c3cc4921dcdd15c5b628056092516c22677c201f31edc543e1a9b6a00e7718f66e105a404c34fb1d13ab74015f8fac0d6dbb43cc50220a1a7b45bd982226603ecb86a793797d9c03284da206894af03805ce4cfbb73cc248f9039f941f57015eb0f30ce4dd2e2ee53de34688f9a677a4020fe34ed99a514f5b228f5f0e1cf055b4f7859d90037d0a14253b908c627c126151e002f245183d1c717f4c5dba1f13f16bf01f5c7b4979803d1b3c6a8eeae5f6bc5707d21db18acd0d82d24ec3a83e39030b290aea285386126face995bab2a9ec517028574258756ce9cf46cd89b445bbcb698f2eee1e6e7f06bae9a9e72d72c4a24a3b49adb24ab48b547b26ae362c042e1af7fe5615a14a43c3c1ffeebdc79399dfb09c76a4449adbbab62f538ab293905bc100d8d40eb9e99f66b3625f86d3ca14e05df20773ef31e82bb43ddb073e799153aea28df4f046df0dd0cb2022669f6e0ee7af62e1cce17a6c92d6402dfc44e839e3171c7b6a47a449b71877ac001bb02cb781d1d299aa271b56fc6c3e846ef2eccda4a9cbee52120b2b7b6a90bb346f78c27c133f0c1e54e5f559e5e0abce2af3338be587d017c23dedef03b980f46362f152e45c2c3fde60828f32a9860ce5a0862f19759ffa433da0d2690895b4de1e766590f3c669b4eb71279a4deece82191f7ad24caeb2b18a0bf6322025b976d1233b0ee3b6f7cf23b8d7a61400fd272aa5cc2629be8626be5d8202e2093f13dc16e084f2c5b0b23674e94757fab14f69791f9e95ab579255ed511ee9c7e95046ba8314131d9eb755976dfa09a83c63096e60d8aa86c5fb4c382d9a92562866d6d06c587d1c45b8ca07d29efc7b986c4b14bd658af72d73dbc8b53dbc4e0b86d5ff36f8b6221a462b62bd7688065057f517d4958d469af9b6b7645a277240cf24f6d82fef797684486b6a36f1385ebded14d5a450d112a79fe63d6fb43d978557b57c74f9277437194f3ca006c675c18181d690c792b52974e83681428cc4d67001c57a3bf4ff08502df687509e2354d18b8089c63f66e627679388ec2de1c0d7215c9743bbeb106b991fe7ae203515e21aacbb4c0ee3524e0e9ede526b08cf34ec209933bc90d4ea569bbb15fd223a0e047a66a762729a47e1378333a97ae996bbd184fb7f6aae6fef9196dab521687f34c8e18329d888514cb4d0cebbe277bca720ab9d25db4111fa6e49aec07110653ce61da2b0e007b8b8b5aa22865b4908b1c901f066b1d3a32f4377c15ca9dc87aec335a29fc171099db2345a522b30b5e72f4884bf2eb6bde4926b98a113946dc784cd2036488465138b9cad90a65d959c77b761425b7f4a76265b6bf925c1686ed1e7ef30dbcdee31b6e8a0127692790363a93a61c9c08071546505a18fb1a424ab81689e16fa33db988742850dac275daebf85d4845ceb715d8424ba58e4f45316d4776b7e28fe5aacd9789283980744fef8e77bdd53e4dd4138546f40b94563f596393e0fce75ccbfa450cacb30b063956e3d01176e1b6f8b8572023b83f9118e1e33ae30e4aa5611c1bc842bf29bba43bc988ae8fc3138e2c8d1bbd31d1d78dd5a6a135c99ae93fd5052edd44d3745c1e8d35363168c91f01d94d3d5c4c218405ead480917c0f44e3d4fbaacf0871ac2d653415717086797bbdc96c5249f16bfc9df5aba7afedb8f34c1b107fa64da2ff1e965ff128c37a2780845fce17252f202be9eb62747ffa3e299678ffbb0af678819f986f7209bb83eff007a6bba4da8e0efd56b8087f4cb7bd74660a4a87c549b0aef126f559e1299cf9142eac0fcf1ff90a88c243318e101b1bc3fa0a"}, {@device_b, @device_b, 0xff, "beb9287683afaa39fee640529dde5b69b9ca5523c1b5e83c51945c0bb1ade319b28366ffc6c541042742f9ccc30ed5b9da3f73ec5bef877b363c302b545b8d1ca2ece9c8dca3dbff1f19a1e1d48658fcb8bed370ad0074533ea8b17f93e021116fae846e04a5f034d7527d241a1bc694b45fdbb07b42533b71fbd6c7093ad3bde17e668f7628b18e261231c255ffc45f03bd9a853cd486667cf0e71dbcfc24cffaa9bdc656d253df532c16d275ae7c2b2c97da7cb41d1c50e639f05933b54e269607269569b77753f334417aa83e51a27db6a9094d2d002911a312052d9962da00e9c19652a60541cfaeade7c3d4974c153638772e12ac02a65fee87738b46"}, {@broadcast, @device_a, 0x69, "a59644d0ad77da81f7c68b740c7a970b91f23aac61670ed189d872028556d35c38070642544dae9f5569c36cfb2126a3b94f3a6a5402046fa6af0733021f0d2b013331d220c48c755cc2a203d3847cce72a93a6527599a1631c315cfba8dfc2144c186ba47493d07bf"}, {@device_a, @broadcast, 0x6c, "96e13afeeafde08b5d845d71fe97a62a4092a83499735e293b68e0ea1d0ea0f0c90bf193447ad0e63bec6691c94c0e9280ad136962a224adc1bfab91a3c605c444a7062bd781bc98ff8b2e933cb1615effa39cb6f76a8d428511de399f23a6278335d94c8c72fec33cb226d6"}]}, 0x122c) [ 3150.698121] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3150.704403] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3150.711636] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3150.765400] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3150.793636] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3150.811614] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:35:02 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3150.835982] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3150.844991] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:35:02 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x28, 0x29, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x2}, @nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}]}, 0x28}], 0x1}, 0x0) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000080)) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x380, 0x0) fsetxattr$security_evm(r1, &(0x7f00000001c0), &(0x7f0000000200)=@md5={0x1, "149569089105ea88d0561cc2af5b50bf"}, 0x11, 0x1) syz_80211_inject_frame(&(0x7f0000000000)=@device_b, 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000140)=@mgmt_frame=@disassoc={@wo_ht={{}, {}, @device_b, @broadcast}, 0x0, @val={0x8c, 0x18, {0x290, "52682edcab75", @long="2218e09fb5b73c693fe25a263a6fa282"}}}, 0x34) syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, &(0x7f0000000100)=@mgmt_frame=@action_no_ack={@wo_ht={{0x0, 0x0, 0xe, 0x0, 0x0, 0x1, 0x1}, {0x2}, @broadcast, @broadcast, @initial, {0x7, 0x6}}, @ntf_ch_w={0x7, 0x0, 0x1}}, 0x1b) [ 3151.003928] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3151.017614] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3151.023578] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3151.051047] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.7'. [ 3164.469057] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.7'. 00:35:16 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x1a) 00:35:16 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x28, 0x29, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x2}, @nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}]}, 0x28}], 0x1}, 0x0) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000080)) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x380, 0x0) fsetxattr$security_evm(r1, &(0x7f00000001c0), &(0x7f0000000200)=@md5={0x1, "149569089105ea88d0561cc2af5b50bf"}, 0x11, 0x1) syz_80211_inject_frame(&(0x7f0000000000)=@device_b, 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000140)=@mgmt_frame=@disassoc={@wo_ht={{}, {}, @device_b, @broadcast}, 0x0, @val={0x8c, 0x18, {0x290, "52682edcab75", @long="2218e09fb5b73c693fe25a263a6fa282"}}}, 0x34) syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, &(0x7f0000000100)=@mgmt_frame=@action_no_ack={@wo_ht={{0x0, 0x0, 0xe, 0x0, 0x0, 0x1, 0x1}, {0x2}, @broadcast, @broadcast, @initial, {0x7, 0x6}}, @ntf_ch_w={0x7, 0x0, 0x1}}, 0x1b) 00:35:16 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r3 = dup(r1) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:35:16 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) dup(r1) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:35:16 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:35:16 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:35:16 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:35:16 executing program 0: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r1) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x90b}}, './file1\x00'}) r3 = dup(r1) bind$bt_hci(r3, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3164.479560] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3164.519431] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:35:16 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:35:16 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:35:16 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:35:16 executing program 0: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r3 = dup(r1) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:35:16 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r1) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x90b}}, './file1\x00'}) r3 = dup(r1) bind$bt_hci(r3, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:35:16 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:35:16 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x1a) [ 3164.897107] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:35:16 executing program 0: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r3 = dup(r1) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3167.640611] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 3167.644127] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 3167.647267] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 3167.651579] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 3167.654033] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 3167.655651] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 3169.669336] Bluetooth: hci3: command 0x0409 tx timeout [ 3171.717272] Bluetooth: hci3: command 0x041b tx timeout [ 3173.769987] Bluetooth: hci3: command 0x040f tx timeout [ 3175.814280] Bluetooth: hci3: command 0x0419 tx timeout [ 3186.434600] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3186.435112] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3186.495476] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3186.496005] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3186.806501] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.7'. [ 3186.809479] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3186.812138] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3186.815093] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:35:53 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:35:53 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r3 = dup(r1) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r3, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x90b}}, './file1\x00'}) r4 = dup(r1) bind$bt_hci(r4, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:35:53 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x28, 0x29, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x2}, @nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}]}, 0x28}], 0x1}, 0x0) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000080)) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x380, 0x0) fsetxattr$security_evm(r1, &(0x7f00000001c0), &(0x7f0000000200)=@md5={0x1, "149569089105ea88d0561cc2af5b50bf"}, 0x11, 0x1) syz_80211_inject_frame(&(0x7f0000000000)=@device_b, 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000140)=@mgmt_frame=@disassoc={@wo_ht={{}, {}, @device_b, @broadcast}, 0x0, @val={0x8c, 0x18, {0x290, "52682edcab75", @long="2218e09fb5b73c693fe25a263a6fa282"}}}, 0x34) syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, &(0x7f0000000100)=@mgmt_frame=@action_no_ack={@wo_ht={{0x0, 0x0, 0xe, 0x0, 0x0, 0x1, 0x1}, {0x2}, @broadcast, @broadcast, @initial, {0x7, 0x6}}, @ntf_ch_w={0x7, 0x0, 0x1}}, 0x1b) 00:35:53 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r1) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x90b}}, './file1\x00'}) r3 = dup(r1) bind$bt_hci(r3, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:35:53 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:35:53 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r1) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x90b}}, './file1\x00'}) r3 = dup(r1) bind$bt_hci(r3, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:35:53 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:35:53 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x1a) [ 3202.076818] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.7'. [ 3202.079535] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3202.082217] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3202.084493] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3202.099946] loop0: detected capacity change from 0 to 512 [ 3202.104062] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)! [ 3202.105019] EXT4-fs (loop0): group descriptors corrupted! [ 3202.139976] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:35:53 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3202.204359] loop0: detected capacity change from 0 to 512 [ 3202.211445] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)! [ 3202.212037] EXT4-fs (loop0): group descriptors corrupted! 00:35:53 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:35:53 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r3 = dup(r1) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3202.323806] loop0: detected capacity change from 0 to 512 [ 3202.331275] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)! [ 3202.331877] EXT4-fs (loop0): group descriptors corrupted! 00:35:53 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:35:54 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3202.393814] loop0: detected capacity change from 0 to 512 00:35:54 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x28, 0x29, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x2}, @nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}]}, 0x28}], 0x1}, 0x0) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000080)) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x380, 0x0) fsetxattr$security_evm(r1, &(0x7f00000001c0), &(0x7f0000000200)=@md5={0x1, "149569089105ea88d0561cc2af5b50bf"}, 0x11, 0x1) syz_80211_inject_frame(&(0x7f0000000000)=@device_b, 0x0, 0x0) syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, &(0x7f0000000100)=@mgmt_frame=@action_no_ack={@wo_ht={{0x0, 0x0, 0xe, 0x0, 0x0, 0x1, 0x1}, {0x2}, @broadcast, @broadcast, @initial, {0x7, 0x6}}, @ntf_ch_w={0x7, 0x0, 0x1}}, 0x1b) 00:35:54 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:35:54 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3202.484775] loop0: detected capacity change from 0 to 512 00:35:54 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7bc9f9bd48d"], 0x1a) 00:35:54 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r3 = dup(r1) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r3, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x90b}}, './file1\x00'}) r4 = dup(r1) bind$bt_hci(r4, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3202.520600] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3202.532348] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:35:54 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3202.552337] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.7'. 00:35:54 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r3 = dup(r1) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3202.587865] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3202.611875] loop0: detected capacity change from 0 to 512 [ 3216.427820] loop0: detected capacity change from 0 to 512 [ 3216.430530] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.7'. [ 3216.432590] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3216.436295] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:36:08 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7bc9f9bd48d"], 0x1a) 00:36:08 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x28, 0x29, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x2}, @nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}]}, 0x28}], 0x1}, 0x0) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000080)) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x380, 0x0) fsetxattr$security_evm(r1, &(0x7f00000001c0), &(0x7f0000000200)=@md5={0x1, "149569089105ea88d0561cc2af5b50bf"}, 0x11, 0x1) syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, &(0x7f0000000100)=@mgmt_frame=@action_no_ack={@wo_ht={{0x0, 0x0, 0xe, 0x0, 0x0, 0x1, 0x1}, {0x2}, @broadcast, @broadcast, @initial, {0x7, 0x6}}, @ntf_ch_w={0x7, 0x0, 0x1}}, 0x1b) 00:36:08 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r3 = dup(r1) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:36:08 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:36:08 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:36:08 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:36:08 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) r3 = dup(r1) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r3, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x90b}}, './file1\x00'}) r4 = dup(r1) bind$bt_hci(r4, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:36:08 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r3 = dup(r1) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:36:08 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3216.569525] loop0: detected capacity change from 0 to 512 00:36:08 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3216.668035] loop0: detected capacity change from 0 to 512 00:36:08 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:36:08 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:36:08 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x28, 0x29, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x2}, @nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}]}, 0x28}], 0x1}, 0x0) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000080)) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x380, 0x0) syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, &(0x7f0000000100)=@mgmt_frame=@action_no_ack={@wo_ht={{0x0, 0x0, 0xe, 0x0, 0x0, 0x1, 0x1}, {0x2}, @broadcast, @broadcast, @initial, {0x7, 0x6}}, @ntf_ch_w={0x7, 0x0, 0x1}}, 0x1b) [ 3216.791991] loop0: detected capacity change from 0 to 8 [ 3216.800141] EXT4-fs (loop0): bad geometry: block count 256 exceeds size of device (4 blocks) 00:36:08 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:36:08 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7bc9f9bd48d"], 0x1a) 00:36:08 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3216.942004] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3216.986578] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3217.005991] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.7'. 00:36:08 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 1) 00:36:08 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3217.055764] loop0: detected capacity change from 0 to 8 [ 3217.065278] EXT4-fs (loop0): bad geometry: block count 256 exceeds size of device (4 blocks) 00:36:08 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="030000", 0x3, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3217.153327] FAULT_INJECTION: forcing a failure. [ 3217.153327] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 3217.154857] CPU: 1 PID: 17677 Comm: syz-executor.3 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3217.155850] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3217.156830] Call Trace: [ 3217.157167] [ 3217.157472] dump_stack_lvl+0xc1/0xf0 [ 3217.157986] should_fail_ex+0x4b4/0x5b0 [ 3217.158497] _copy_from_user+0x30/0xf0 [ 3217.158993] copy_clone_args_from_user+0x147/0x780 [ 3217.159622] ? ksys_write+0x122/0x250 [ 3217.160110] ? __pfx_copy_clone_args_from_user+0x10/0x10 [ 3217.160801] ? ksys_write+0x20f/0x250 [ 3217.161294] ? lock_release+0x1e3/0x680 [ 3217.161814] ? __pfx_lock_release+0x10/0x10 [ 3217.162393] ? lock_is_held_type+0x9f/0x120 [ 3217.162967] __do_sys_clone3+0x8f/0x250 [ 3217.163484] ? __pfx___do_sys_clone3+0x10/0x10 [ 3217.164089] ? perf_trace_run_bpf_submit+0xf3/0x190 [ 3217.164759] ? perf_trace_run_bpf_submit+0xf3/0x190 [ 3217.165427] ? perf_trace_preemptirq_template+0x252/0x420 [ 3217.166155] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3217.166918] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3217.167665] ? fput+0x2f/0x1a0 [ 3217.168104] ? __pfx_ksys_write+0x10/0x10 [ 3217.168651] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3217.169321] ? syscall_enter_from_user_mode+0x21/0x50 [ 3217.170007] do_syscall_64+0x3f/0x90 [ 3217.170515] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3217.171169] RIP: 0033:0x7f729f431b19 [ 3217.171650] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3217.173888] RSP: 002b:00007f729c9a7188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3217.174837] RAX: ffffffffffffffda RBX: 00007f729f544f60 RCX: 00007f729f431b19 [ 3217.175729] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3217.176607] RBP: 00007f729c9a71d0 R08: 0000000000000000 R09: 0000000000000000 [ 3217.177503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3217.178394] R13: 00007ffe00c6649f R14: 00007f729c9a7300 R15: 0000000000022000 [ 3217.179299] [ 3217.231904] loop0: detected capacity change from 0 to 8 [ 3217.246497] EXT4-fs (loop0): bad geometry: block count 256 exceeds size of device (4 blocks) [ 3231.873744] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:36:23 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 1) 00:36:23 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r1, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) r3 = dup(r1) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r3, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x90b}}, './file1\x00'}) r4 = dup(r1) bind$bt_hci(r4, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:36:23 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x28, 0x29, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x2}, @nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}]}, 0x28}], 0x1}, 0x0) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000080)) syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, &(0x7f0000000100)=@mgmt_frame=@action_no_ack={@wo_ht={{0x0, 0x0, 0xe, 0x0, 0x0, 0x1, 0x1}, {0x2}, @broadcast, @broadcast, @initial, {0x7, 0x6}}, @ntf_ch_w={0x7, 0x0, 0x1}}, 0x1b) 00:36:23 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:36:23 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 2) 00:36:23 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:36:23 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7bc9f9bd48de1c200"], 0x1a) 00:36:23 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, 0x0, 0x0, &(0x7f0000012800)=ANY=[]) [ 3231.883856] No source specified [ 3231.930931] FAULT_INJECTION: forcing a failure. [ 3231.930931] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3231.932862] CPU: 0 PID: 17695 Comm: syz-executor.4 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3231.933914] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3231.934975] Call Trace: [ 3231.935328] [ 3231.935631] dump_stack_lvl+0xc1/0xf0 [ 3231.936157] should_fail_ex+0x4b4/0x5b0 [ 3231.936694] _copy_from_user+0x30/0xf0 [ 3231.937216] copy_clone_args_from_user+0x147/0x780 [ 3231.937876] ? ksys_write+0x122/0x250 [ 3231.938403] ? __pfx_copy_clone_args_from_user+0x10/0x10 [ 3231.939156] ? ksys_write+0x20f/0x250 [ 3231.939667] ? lock_release+0x1e3/0x680 [ 3231.940202] ? __pfx_lock_release+0x10/0x10 [ 3231.940743] ? lock_is_held_type+0x9f/0x120 [ 3231.941322] __do_sys_clone3+0x8f/0x250 [ 3231.941837] ? __pfx___do_sys_clone3+0x10/0x10 [ 3231.942464] ? perf_trace_run_bpf_submit+0xf3/0x190 [ 3231.943116] ? perf_trace_run_bpf_submit+0xf3/0x190 [ 3231.943797] ? perf_trace_preemptirq_template+0x252/0x420 [ 3231.944517] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3231.945294] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3231.946060] ? fput+0x2f/0x1a0 [ 3231.946512] ? __pfx_ksys_write+0x10/0x10 [ 3231.947035] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3231.947727] ? syscall_enter_from_user_mode+0x21/0x50 [ 3231.948395] do_syscall_64+0x3f/0x90 [ 3231.948911] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3231.949770] RIP: 0033:0x7fefd8f24b19 [ 3231.950406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3231.953500] RSP: 002b:00007fefd649a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3231.954809] RAX: ffffffffffffffda RBX: 00007fefd9037f60 RCX: 00007fefd8f24b19 [ 3231.955807] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3231.956743] RBP: 00007fefd649a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3231.957690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3231.958613] R13: 00007ffe217f65cf R14: 00007fefd649a300 R15: 0000000000022000 [ 3231.959596] [ 3231.967723] FAULT_INJECTION: forcing a failure. [ 3231.967723] name failslab, interval 1, probability 0, space 0, times 1 [ 3231.968585] CPU: 1 PID: 17705 Comm: syz-executor.3 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3231.969148] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3231.969708] Call Trace: [ 3231.969894] [ 3231.970077] dump_stack_lvl+0xc1/0xf0 [ 3231.970373] should_fail_ex+0x4b4/0x5b0 [ 3231.970660] ? copy_process+0x3c2/0x7320 [ 3231.970960] should_failslab+0x9/0x20 [ 3231.971237] kmem_cache_alloc_node+0x65/0x3b0 [ 3231.971561] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3231.971918] copy_process+0x3c2/0x7320 [ 3231.972215] ? lock_acquire+0x19a/0x4c0 [ 3231.972486] ? find_held_lock+0x2c/0x110 [ 3231.972784] ? __might_fault+0xe2/0x190 [ 3231.973062] ? lock_release+0x1e3/0x680 [ 3231.973354] ? __pfx_copy_process+0x10/0x10 [ 3231.973659] ? _copy_from_user+0x5c/0xf0 [ 3231.973955] kernel_clone+0xeb/0x810 [ 3231.974225] ? ksys_write+0x122/0x250 [ 3231.974505] ? __pfx_kernel_clone+0x10/0x10 [ 3231.974810] ? lock_is_held_type+0x9f/0x120 [ 3231.975136] __do_sys_clone3+0x1d5/0x250 [ 3231.975427] ? __pfx___do_sys_clone3+0x10/0x10 [ 3231.975777] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3231.976175] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3231.976592] ? fput+0x2f/0x1a0 [ 3231.976822] ? ksys_write+0x19e/0x250 [ 3231.977095] ? __pfx_ksys_write+0x10/0x10 [ 3231.977381] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3231.977755] ? syscall_enter_from_user_mode+0x21/0x50 [ 3231.978153] do_syscall_64+0x3f/0x90 [ 3231.978441] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3231.978804] RIP: 0033:0x7f729f431b19 [ 3231.979071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3231.980244] RSP: 002b:00007f729c986188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3231.980772] RAX: ffffffffffffffda RBX: 00007f729f545020 RCX: 00007f729f431b19 [ 3231.981262] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3231.981755] RBP: 00007f729c9861d0 R08: 0000000000000000 R09: 0000000000000000 [ 3231.982261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3231.982744] R13: 00007ffe00c6649f R14: 00007f729c986300 R15: 0000000000022000 [ 3231.983249] [ 3231.986481] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.7'. [ 3231.991384] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3246.071720] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3246.081518] No source specified 00:36:37 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x28, 0x29, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x2}, @nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}]}, 0x28}], 0x1}, 0x0) syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, &(0x7f0000000100)=@mgmt_frame=@action_no_ack={@wo_ht={{0x0, 0x0, 0xe, 0x0, 0x0, 0x1, 0x1}, {0x2}, @broadcast, @broadcast, @initial, {0x7, 0x6}}, @ntf_ch_w={0x7, 0x0, 0x1}}, 0x1b) 00:36:37 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:36:37 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7bc9f9bd48de1c200"], 0x1a) 00:36:37 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 2) 00:36:37 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, 0x0, 0x0, &(0x7f0000012800)=ANY=[]) 00:36:37 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 3) 00:36:37 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 1) 00:36:37 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3246.131667] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.7'. [ 3246.139894] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3246.142839] FAULT_INJECTION: forcing a failure. [ 3246.142839] name failslab, interval 1, probability 0, space 0, times 0 [ 3246.144524] CPU: 0 PID: 17715 Comm: syz-executor.4 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3246.145580] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3246.146632] Call Trace: [ 3246.146967] [ 3246.147274] dump_stack_lvl+0xc1/0xf0 [ 3246.147813] should_fail_ex+0x4b4/0x5b0 [ 3246.148342] ? copy_process+0x3c2/0x7320 [ 3246.148892] should_failslab+0x9/0x20 [ 3246.149403] kmem_cache_alloc_node+0x65/0x3b0 [ 3246.150008] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3246.150725] copy_process+0x3c2/0x7320 [ 3246.151276] ? lock_acquire+0x19a/0x4c0 [ 3246.151835] ? find_held_lock+0x2c/0x110 [ 3246.152372] ? __might_fault+0xe2/0x190 [ 3246.152894] ? lock_release+0x1e3/0x680 [ 3246.153413] ? __pfx_copy_process+0x10/0x10 [ 3246.153987] ? _copy_from_user+0x5c/0xf0 [ 3246.154546] kernel_clone+0xeb/0x810 [ 3246.155044] ? ksys_write+0x122/0x250 [ 3246.155533] ? __pfx_kernel_clone+0x10/0x10 [ 3246.156096] ? lock_is_held_type+0x9f/0x120 [ 3246.156659] __do_sys_clone3+0x1d5/0x250 [ 3246.157195] ? __pfx___do_sys_clone3+0x10/0x10 [ 3246.157807] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3246.158581] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3246.159310] ? fput+0x2f/0x1a0 [ 3246.159749] ? __pfx_ksys_write+0x10/0x10 [ 3246.160295] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3246.160952] ? syscall_enter_from_user_mode+0x21/0x50 [ 3246.161643] do_syscall_64+0x3f/0x90 [ 3246.162067] FAULT_INJECTION: forcing a failure. [ 3246.162067] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3246.162155] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3246.162191] RIP: 0033:0x7fefd8f24b19 [ 3246.162226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3246.166469] RSP: 002b:00007fefd649a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3246.167457] RAX: ffffffffffffffda RBX: 00007fefd9037f60 RCX: 00007fefd8f24b19 [ 3246.168389] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3246.169311] RBP: 00007fefd649a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3246.170266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3246.171196] R13: 00007ffe217f65cf R14: 00007fefd649a300 R15: 0000000000022000 [ 3246.172142] [ 3246.172457] CPU: 1 PID: 17728 Comm: syz-executor.5 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3246.173052] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3246.173621] Call Trace: [ 3246.173805] [ 3246.173969] dump_stack_lvl+0xc1/0xf0 [ 3246.174270] should_fail_ex+0x4b4/0x5b0 [ 3246.174567] _copy_from_user+0x30/0xf0 [ 3246.174859] copy_clone_args_from_user+0x147/0x780 [ 3246.175226] ? ksys_write+0x122/0x250 [ 3246.175505] ? __pfx_copy_clone_args_from_user+0x10/0x10 [ 3246.175895] ? ksys_write+0x20f/0x250 [ 3246.176179] ? lock_release+0x1e3/0x680 [ 3246.176473] ? __pfx_lock_release+0x10/0x10 [ 3246.176783] ? lock_is_held_type+0x9f/0x120 [ 3246.177112] __do_sys_clone3+0x8f/0x250 [ 3246.177412] ? __pfx___do_sys_clone3+0x10/0x10 [ 3246.177749] ? perf_trace_run_bpf_submit+0xf3/0x190 [ 3246.178124] ? perf_trace_run_bpf_submit+0xf3/0x190 [ 3246.178506] ? perf_trace_preemptirq_template+0x252/0x420 [ 3246.178904] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3246.179324] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3246.179748] ? fput+0x2f/0x1a0 [ 3246.180001] ? __pfx_ksys_write+0x10/0x10 [ 3246.180302] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3246.180674] ? syscall_enter_from_user_mode+0x21/0x50 [ 3246.181047] do_syscall_64+0x3f/0x90 [ 3246.181332] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3246.181699] RIP: 0033:0x7f89ec184b19 [ 3246.181966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3246.183238] RSP: 002b:00007f89e96fa188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3246.183773] RAX: ffffffffffffffda RBX: 00007f89ec297f60 RCX: 00007f89ec184b19 [ 3246.184276] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3246.184763] RBP: 00007f89e96fa1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3246.185263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3246.185746] R13: 00007ffe081f81af R14: 00007f89e96fa300 R15: 0000000000022000 [ 3246.186259] 00:36:37 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, 0x0, 0x0, &(0x7f0000012800)=ANY=[]) [ 3246.275002] No source specified 00:36:37 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:36:37 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:36:37 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 3) 00:36:37 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 2) 00:36:37 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3246.382647] FAULT_INJECTION: forcing a failure. [ 3246.382647] name failslab, interval 1, probability 0, space 0, times 0 [ 3246.384527] CPU: 0 PID: 17743 Comm: syz-executor.5 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3246.385551] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3246.386548] Call Trace: [ 3246.386874] [ 3246.387166] dump_stack_lvl+0xc1/0xf0 [ 3246.387690] should_fail_ex+0x4b4/0x5b0 [ 3246.388210] ? copy_process+0x3c2/0x7320 [ 3246.388744] should_failslab+0x9/0x20 [ 3246.389231] kmem_cache_alloc_node+0x65/0x3b0 [ 3246.389814] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3246.390500] copy_process+0x3c2/0x7320 [ 3246.391017] ? lock_acquire+0x19a/0x4c0 [ 3246.391532] ? find_held_lock+0x2c/0x110 [ 3246.392065] ? __might_fault+0xe2/0x190 [ 3246.392589] ? lock_release+0x1e3/0x680 [ 3246.393101] ? __pfx_copy_process+0x10/0x10 [ 3246.393663] ? _copy_from_user+0x5c/0xf0 [ 3246.394188] kernel_clone+0xeb/0x810 [ 3246.394690] ? ksys_write+0x122/0x250 [ 3246.395179] ? __pfx_kernel_clone+0x10/0x10 [ 3246.395756] ? lock_is_held_type+0x9f/0x120 [ 3246.396325] __do_sys_clone3+0x1d5/0x250 [ 3246.396850] ? __pfx___do_sys_clone3+0x10/0x10 [ 3246.397463] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3246.398222] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3246.398945] ? fput+0x2f/0x1a0 [ 3246.399378] ? __pfx_ksys_write+0x10/0x10 [ 3246.399900] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3246.400559] ? syscall_enter_from_user_mode+0x21/0x50 [ 3246.401226] do_syscall_64+0x3f/0x90 [ 3246.401728] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3246.402399] RIP: 0033:0x7f89ec184b19 [ 3246.402861] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3246.405332] RSP: 002b:00007f89e96fa188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3246.406461] RAX: ffffffffffffffda RBX: 00007f89ec297f60 RCX: 00007f89ec184b19 [ 3246.407506] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3246.408553] RBP: 00007f89e96fa1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3246.409603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3246.410662] R13: 00007ffe081f81af R14: 00007f89e96fa300 R15: 0000000000022000 [ 3246.411729] 00:36:38 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 4) [ 3246.430693] loop0: detected capacity change from 0 to 512 [ 3246.437290] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 3246.437953] EXT4-fs (loop0): group descriptors corrupted! 00:36:38 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3246.542855] FAULT_INJECTION: forcing a failure. [ 3246.542855] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 3246.544590] CPU: 0 PID: 17749 Comm: syz-executor.3 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3246.545701] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3246.546839] Call Trace: [ 3246.547211] [ 3246.547537] dump_stack_lvl+0xc1/0xf0 [ 3246.548108] should_fail_ex+0x4b4/0x5b0 [ 3246.548633] loop0: detected capacity change from 0 to 512 [ 3246.548676] __should_fail_alloc_page+0xe0/0x110 [ 3246.549738] prepare_alloc_pages+0x178/0x500 [ 3246.550413] __alloc_pages+0x149/0x480 [ 3246.550980] ? __pfx_lock_release+0x10/0x10 [ 3246.551592] ? __pfx___alloc_pages+0x10/0x10 [ 3246.552264] ? kmem_cache_alloc_node+0x345/0x3b0 [ 3246.552889] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 3246.552948] copy_process+0x456/0x7320 [ 3246.553580] EXT4-fs (loop0): group descriptors corrupted! [ 3246.554099] ? lock_acquire+0x19a/0x4c0 [ 3246.555095] ? find_held_lock+0x2c/0x110 [ 3246.555712] ? __might_fault+0xe2/0x190 [ 3246.556314] ? lock_release+0x1e3/0x680 [ 3246.556910] ? __pfx_copy_process+0x10/0x10 [ 3246.557564] ? _copy_from_user+0x5c/0xf0 [ 3246.558171] kernel_clone+0xeb/0x810 [ 3246.558777] ? ksys_write+0x122/0x250 [ 3246.559347] ? __pfx_kernel_clone+0x10/0x10 [ 3246.560011] ? lock_is_held_type+0x9f/0x120 [ 3246.560668] __do_sys_clone3+0x1d5/0x250 [ 3246.561284] ? __pfx___do_sys_clone3+0x10/0x10 [ 3246.561997] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3246.562866] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3246.563716] ? fput+0x2f/0x1a0 [ 3246.564214] ? __pfx_ksys_write+0x10/0x10 [ 3246.564825] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3246.565574] ? syscall_enter_from_user_mode+0x21/0x50 [ 3246.566366] do_syscall_64+0x3f/0x90 [ 3246.566935] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3246.567662] RIP: 0033:0x7f729f431b19 [ 3246.568197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3246.570673] RSP: 002b:00007f729c9a7188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3246.571721] RAX: ffffffffffffffda RBX: 00007f729f544f60 RCX: 00007f729f431b19 [ 3246.572702] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3246.573682] RBP: 00007f729c9a71d0 R08: 0000000000000000 R09: 0000000000000000 [ 3246.574666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3246.575656] R13: 00007ffe00c6649f R14: 00007f729c9a7300 R15: 0000000000022000 [ 3246.576668] 00:36:51 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7bc9f9bd48de1c200"], 0x1a) 00:36:51 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 4) 00:36:51 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:36:52 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 5) 00:36:52 executing program 7: socket$nl_route(0x10, 0x3, 0x0) syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, &(0x7f0000000100)=@mgmt_frame=@action_no_ack={@wo_ht={{0x0, 0x0, 0xe, 0x0, 0x0, 0x1, 0x1}, {0x2}, @broadcast, @broadcast, @initial, {0x7, 0x6}}, @ntf_ch_w={0x7, 0x0, 0x1}}, 0x1b) 00:36:52 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 3) 00:36:52 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f0000012800)=ANY=[]) 00:36:52 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3260.413760] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3260.431021] loop0: detected capacity change from 0 to 512 [ 3260.472692] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 3260.474571] EXT4-fs (loop0): group descriptors corrupted! [ 3260.499069] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3260.502634] FAULT_INJECTION: forcing a failure. [ 3260.502634] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3260.504873] CPU: 0 PID: 17772 Comm: syz-executor.4 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3260.505272] FAULT_INJECTION: forcing a failure. [ 3260.505272] name failslab, interval 1, probability 0, space 0, times 0 [ 3260.505990] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3260.506011] Call Trace: [ 3260.508486] [ 3260.508832] dump_stack_lvl+0xc1/0xf0 [ 3260.509429] should_fail_ex+0x4b4/0x5b0 [ 3260.510036] __should_fail_alloc_page+0xe0/0x110 [ 3260.510771] prepare_alloc_pages+0x178/0x500 [ 3260.511451] __alloc_pages+0x149/0x480 [ 3260.512044] ? __pfx_lock_release+0x10/0x10 [ 3260.512693] ? __pfx___alloc_pages+0x10/0x10 [ 3260.513383] ? kmem_cache_alloc_node+0x345/0x3b0 [ 3260.514103] copy_process+0x456/0x7320 [ 3260.514749] ? lock_acquire+0x19a/0x4c0 [ 3260.515354] ? find_held_lock+0x2c/0x110 [ 3260.515977] ? __might_fault+0xe2/0x190 [ 3260.516592] ? lock_release+0x1e3/0x680 [ 3260.517208] ? __pfx_copy_process+0x10/0x10 [ 3260.517863] ? __might_fault+0xb7/0x190 [ 3260.518495] ? _copy_from_user+0x5c/0xf0 [ 3260.519112] kernel_clone+0xeb/0x810 [ 3260.519686] ? ksys_write+0x122/0x250 [ 3260.520270] ? __pfx_kernel_clone+0x10/0x10 [ 3260.520941] ? lock_is_held_type+0x9f/0x120 [ 3260.521611] __do_sys_clone3+0x1d5/0x250 [ 3260.522233] ? __pfx___do_sys_clone3+0x10/0x10 [ 3260.522963] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3260.523828] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3260.524691] ? fput+0x2f/0x1a0 [ 3260.525193] ? __pfx_ksys_write+0x10/0x10 [ 3260.525812] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3260.526588] ? syscall_enter_from_user_mode+0x21/0x50 [ 3260.527363] do_syscall_64+0x3f/0x90 [ 3260.527946] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3260.528702] RIP: 0033:0x7fefd8f24b19 [ 3260.529255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3260.531721] RSP: 002b:00007fefd649a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3260.532727] RAX: ffffffffffffffda RBX: 00007fefd9037f60 RCX: 00007fefd8f24b19 [ 3260.533674] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3260.534637] RBP: 00007fefd649a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3260.535579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3260.536534] R13: 00007ffe217f65cf R14: 00007fefd649a300 R15: 0000000000022000 [ 3260.537512] [ 3260.537845] CPU: 1 PID: 17774 Comm: syz-executor.3 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3260.538389] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3260.538883] Call Trace: [ 3260.539049] [ 3260.539199] dump_stack_lvl+0xc1/0xf0 [ 3260.539473] should_fail_ex+0x4b4/0x5b0 [ 3260.539735] ? prepare_creds+0x2f/0x6f0 [ 3260.539993] should_failslab+0x9/0x20 [ 3260.540248] kmem_cache_alloc+0x61/0x390 [ 3260.540523] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3260.540852] ? get_random_u64+0x394/0x660 [ 3260.541124] prepare_creds+0x2f/0x6f0 [ 3260.541375] copy_creds+0x7a/0xbd0 [ 3260.541614] copy_process+0xe2a/0x7320 [ 3260.541872] ? lock_acquire+0x19a/0x4c0 [ 3260.542128] ? find_held_lock+0x2c/0x110 [ 3260.542413] ? __pfx_copy_process+0x10/0x10 [ 3260.542704] ? _copy_from_user+0x5c/0xf0 [ 3260.542970] kernel_clone+0xeb/0x810 [ 3260.543216] ? ksys_write+0x122/0x250 [ 3260.543465] ? __pfx_kernel_clone+0x10/0x10 [ 3260.543751] ? lock_is_held_type+0x9f/0x120 [ 3260.544039] __do_sys_clone3+0x1d5/0x250 [ 3260.544309] ? __pfx___do_sys_clone3+0x10/0x10 [ 3260.544623] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3260.544996] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3260.545371] ? fput+0x2f/0x1a0 [ 3260.545588] ? ksys_write+0x19e/0x250 [ 3260.545833] ? __pfx_ksys_write+0x10/0x10 [ 3260.546098] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3260.546438] ? syscall_enter_from_user_mode+0x21/0x50 [ 3260.546771] do_syscall_64+0x3f/0x90 [ 3260.547026] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3260.547353] RIP: 0033:0x7f729f431b19 [ 3260.547591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3260.548658] RSP: 002b:00007f729c986188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3260.549121] RAX: ffffffffffffffda RBX: 00007f729f545020 RCX: 00007f729f431b19 [ 3260.549552] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3260.549986] RBP: 00007f729c9861d0 R08: 0000000000000000 R09: 0000000000000000 [ 3260.550422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3260.550858] R13: 00007ffe00c6649f R14: 00007f729c986300 R15: 0000000000022000 [ 3260.551299] 00:36:52 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3260.586562] loop0: detected capacity change from 0 to 512 [ 3260.593287] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 3260.593866] EXT4-fs (loop0): group descriptors corrupted! 00:36:52 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 4) 00:36:52 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 5) [ 3260.643268] FAULT_INJECTION: forcing a failure. [ 3260.643268] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3260.644429] CPU: 1 PID: 17781 Comm: syz-executor.5 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3260.644964] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3260.645472] Call Trace: [ 3260.645644] [ 3260.645800] dump_stack_lvl+0xc1/0xf0 [ 3260.646079] should_fail_ex+0x4b4/0x5b0 [ 3260.646361] __should_fail_alloc_page+0xe0/0x110 [ 3260.646705] prepare_alloc_pages+0x178/0x500 [ 3260.647021] __alloc_pages+0x149/0x480 [ 3260.647291] ? __pfx___alloc_pages+0x10/0x10 [ 3260.647591] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 3260.647952] ? memcpy_orig+0x70/0x140 [ 3260.648225] copy_process+0x456/0x7320 [ 3260.648505] ? lock_acquire+0x19a/0x4c0 [ 3260.648782] ? find_held_lock+0x2c/0x110 [ 3260.649064] ? __might_fault+0xe2/0x190 [ 3260.649342] ? lock_release+0x1e3/0x680 [ 3260.649618] ? __pfx_copy_process+0x10/0x10 [ 3260.649930] ? _copy_from_user+0x5c/0xf0 [ 3260.650211] kernel_clone+0xeb/0x810 [ 3260.650496] ? ksys_write+0x122/0x250 [ 3260.650756] ? __pfx_kernel_clone+0x10/0x10 [ 3260.651064] ? lock_is_held_type+0x9f/0x120 [ 3260.651369] __do_sys_clone3+0x1d5/0x250 [ 3260.651648] ? __pfx___do_sys_clone3+0x10/0x10 [ 3260.651971] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3260.652363] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3260.652752] ? fput+0x2f/0x1a0 [ 3260.652986] ? __pfx_ksys_write+0x10/0x10 [ 3260.653264] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3260.653604] ? syscall_enter_from_user_mode+0x21/0x50 [ 3260.653954] do_syscall_64+0x3f/0x90 [ 3260.654219] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3260.654571] RIP: 0033:0x7f89ec184b19 [ 3260.654816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3260.655924] RSP: 002b:00007f89e96fa188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3260.656402] RAX: ffffffffffffffda RBX: 00007f89ec297f60 RCX: 00007f89ec184b19 [ 3260.656847] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3260.657292] RBP: 00007f89e96fa1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3260.657737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3260.658187] R13: 00007ffe081f81af R14: 00007f89e96fa300 R15: 0000000000022000 [ 3260.658659] 00:36:52 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:36:52 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:36:52 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3260.690705] loop0: detected capacity change from 0 to 512 [ 3260.694069] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 3260.694724] EXT4-fs (loop0): group descriptors corrupted! 00:36:52 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 5) [ 3260.750718] FAULT_INJECTION: forcing a failure. [ 3260.750718] name failslab, interval 1, probability 0, space 0, times 0 [ 3260.752621] CPU: 0 PID: 17787 Comm: syz-executor.4 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3260.753590] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3260.754554] Call Trace: [ 3260.754876] [ 3260.755154] dump_stack_lvl+0xc1/0xf0 [ 3260.755645] should_fail_ex+0x4b4/0x5b0 [ 3260.756143] ? prepare_creds+0x2f/0x6f0 [ 3260.756643] should_failslab+0x9/0x20 [ 3260.757113] kmem_cache_alloc+0x61/0x390 [ 3260.757614] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3260.757748] FAULT_INJECTION: forcing a failure. [ 3260.757748] name failslab, interval 1, probability 0, space 0, times 0 [ 3260.758235] ? get_random_u64+0x394/0x660 [ 3260.758281] prepare_creds+0x2f/0x6f0 [ 3260.758320] copy_creds+0x7a/0xbd0 [ 3260.758363] copy_process+0xe2a/0x7320 [ 3260.760848] ? lock_acquire+0x19a/0x4c0 [ 3260.761335] ? find_held_lock+0x2c/0x110 [ 3260.761857] ? __pfx_copy_process+0x10/0x10 [ 3260.762410] ? _copy_from_user+0x5c/0xf0 [ 3260.762907] kernel_clone+0xeb/0x810 [ 3260.763373] ? ksys_write+0x122/0x250 [ 3260.763840] ? __pfx_kernel_clone+0x10/0x10 [ 3260.764379] ? lock_is_held_type+0x9f/0x120 [ 3260.764916] __do_sys_clone3+0x1d5/0x250 [ 3260.765422] ? __pfx___do_sys_clone3+0x10/0x10 [ 3260.766001] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3260.766709] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3260.767409] ? fput+0x2f/0x1a0 [ 3260.767817] ? __pfx_ksys_write+0x10/0x10 [ 3260.768314] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3260.768933] ? syscall_enter_from_user_mode+0x21/0x50 [ 3260.769557] do_syscall_64+0x3f/0x90 [ 3260.770026] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3260.770659] RIP: 0033:0x7fefd8f24b19 [ 3260.771102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3260.773153] RSP: 002b:00007fefd649a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3260.774027] RAX: ffffffffffffffda RBX: 00007fefd9037f60 RCX: 00007fefd8f24b19 [ 3260.774850] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3260.775659] RBP: 00007fefd649a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3260.776476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3260.777294] R13: 00007ffe217f65cf R14: 00007fefd649a300 R15: 0000000000022000 [ 3260.778129] [ 3260.778426] CPU: 1 PID: 17791 Comm: syz-executor.5 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3260.778975] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3260.779494] Call Trace: [ 3260.779667] [ 3260.779823] dump_stack_lvl+0xc1/0xf0 [ 3260.780093] should_fail_ex+0x4b4/0x5b0 [ 3260.780374] ? prepare_creds+0x2f/0x6f0 [ 3260.780644] should_failslab+0x9/0x20 [ 3260.780897] kmem_cache_alloc+0x61/0x390 [ 3260.781169] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 3260.781530] prepare_creds+0x2f/0x6f0 [ 3260.781793] copy_creds+0x7a/0xbd0 [ 3260.782034] ? copy_creds+0x6/0xbd0 [ 3260.782291] copy_process+0xe2a/0x7320 [ 3260.782567] ? lock_acquire+0x19a/0x4c0 [ 3260.782831] ? find_held_lock+0x2c/0x110 [ 3260.783121] ? __pfx_copy_process+0x10/0x10 [ 3260.783421] ? _copy_from_user+0xcb/0xf0 [ 3260.783699] ? _copy_from_user+0x5c/0xf0 [ 3260.783972] kernel_clone+0xeb/0x810 [ 3260.784233] ? __pfx_kernel_clone+0x10/0x10 [ 3260.784537] ? lock_release+0x1e3/0x680 [ 3260.784804] ? __pfx_lock_release+0x10/0x10 [ 3260.785092] __do_sys_clone3+0x1d5/0x250 [ 3260.785367] ? __pfx___do_sys_clone3+0x10/0x10 [ 3260.785690] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3260.786080] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3260.786499] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3260.786840] ? syscall_enter_from_user_mode+0x21/0x50 [ 3260.787188] do_syscall_64+0x3f/0x90 [ 3260.787449] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3260.787785] RIP: 0033:0x7f89ec184b19 [ 3260.788037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3260.789152] RSP: 002b:00007f89e96fa188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3260.789637] RAX: ffffffffffffffda RBX: 00007f89ec297f60 RCX: 00007f89ec184b19 [ 3260.790078] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3260.790535] RBP: 00007f89e96fa1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3260.790975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3260.791417] R13: 00007ffe081f81af R14: 00007f89e96fa300 R15: 0000000000022000 [ 3260.791871] 00:37:03 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:37:03 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:37:03 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 6) 00:37:03 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7bc9f9bd48de1c2000000"], 0x1a) 00:37:03 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 6) 00:37:03 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 6) 00:37:03 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:37:03 executing program 7: syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, &(0x7f0000000100)=@mgmt_frame=@action_no_ack={@wo_ht={{0x0, 0x0, 0xe, 0x0, 0x0, 0x1, 0x1}, {0x2}, @broadcast, @broadcast, @initial, {0x7, 0x6}}, @ntf_ch_w={0x7, 0x0, 0x1}}, 0x1b) [ 3272.376517] loop0: detected capacity change from 0 to 512 [ 3272.377043] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3272.383756] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3272.386411] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 3272.387038] EXT4-fs (loop0): group descriptors corrupted! 00:37:04 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400), 0x0, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3272.529260] loop0: detected capacity change from 0 to 512 [ 3272.536069] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 3272.537320] EXT4-fs (loop0): group descriptors corrupted! 00:37:04 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400), 0x0, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3272.612964] loop0: detected capacity change from 0 to 512 [ 3272.618030] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 3272.618990] EXT4-fs (loop0): group descriptors corrupted! 00:37:04 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400), 0x0, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3272.685114] loop0: detected capacity change from 0 to 512 [ 3272.693445] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 3272.694658] EXT4-fs (loop0): group descriptors corrupted! 00:37:04 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 7) 00:37:04 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7bc9f9bd48de1c2000000"], 0x1a) 00:37:04 executing program 7: syz_80211_inject_frame(0x0, &(0x7f0000000100)=@mgmt_frame=@action_no_ack={@wo_ht={{0x0, 0x0, 0xe, 0x0, 0x0, 0x1, 0x1}, {0x2}, @broadcast, @broadcast, @initial, {0x7, 0x6}}, @ntf_ch_w={0x7, 0x0, 0x1}}, 0x1b) 00:37:04 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 7) 00:37:04 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="0300", 0x2, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3272.856031] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3272.873469] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3272.886878] FAULT_INJECTION: forcing a failure. [ 3272.886878] name failslab, interval 1, probability 0, space 0, times 0 [ 3272.888234] CPU: 1 PID: 17836 Comm: syz-executor.3 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3272.889201] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3272.890165] Call Trace: [ 3272.890487] [ 3272.890788] dump_stack_lvl+0xc1/0xf0 [ 3272.891296] should_fail_ex+0x4b4/0x5b0 [ 3272.891803] ? security_prepare_creds+0x116/0x190 [ 3272.892425] should_failslab+0x9/0x20 [ 3272.892910] __kmem_cache_alloc_node+0x66/0x310 [ 3272.893492] ? security_prepare_creds+0x116/0x190 [ 3272.894105] ? security_prepare_creds+0x116/0x190 [ 3272.894744] __kmalloc+0x4d/0x160 [ 3272.895186] security_prepare_creds+0x116/0x190 [ 3272.895782] prepare_creds+0x509/0x6f0 [ 3272.896284] copy_creds+0x7a/0xbd0 [ 3272.896746] copy_process+0xe2a/0x7320 [ 3272.897244] ? lock_acquire+0x19a/0x4c0 [ 3272.897742] ? find_held_lock+0x2c/0x110 [ 3272.898273] ? __pfx_copy_process+0x10/0x10 [ 3272.898858] ? _copy_from_user+0x5c/0xf0 [ 3272.899374] kernel_clone+0xeb/0x810 [ 3272.899849] ? ksys_write+0x122/0x250 [ 3272.900326] ? __pfx_kernel_clone+0x10/0x10 [ 3272.900878] ? lock_is_held_type+0x9f/0x120 [ 3272.901429] __do_sys_clone3+0x1d5/0x250 [ 3272.901953] ? __pfx___do_sys_clone3+0x10/0x10 [ 3272.902595] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3272.902766] FAULT_INJECTION: forcing a failure. [ 3272.902766] name failslab, interval 1, probability 0, space 0, times 0 [ 3272.903306] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3272.903353] ? fput+0x2f/0x1a0 [ 3272.903395] ? __pfx_ksys_write+0x10/0x10 [ 3272.903431] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3272.903467] ? syscall_enter_from_user_mode+0x21/0x50 [ 3272.903517] do_syscall_64+0x3f/0x90 [ 3272.903565] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3272.903600] RIP: 0033:0x7f729f431b19 [ 3272.909239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3272.911408] RSP: 002b:00007f729c9a7188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3272.912353] RAX: ffffffffffffffda RBX: 00007f729f544f60 RCX: 00007f729f431b19 [ 3272.913224] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3272.914105] RBP: 00007f729c9a71d0 R08: 0000000000000000 R09: 0000000000000000 [ 3272.915030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3272.915925] R13: 00007ffe00c6649f R14: 00007f729c9a7300 R15: 0000000000022000 [ 3272.916837] [ 3272.917145] CPU: 0 PID: 17834 Comm: syz-executor.5 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3272.918221] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3272.919273] Call Trace: [ 3272.919619] [ 3272.919921] dump_stack_lvl+0xc1/0xf0 [ 3272.920456] should_fail_ex+0x4b4/0x5b0 [ 3272.920987] ? security_prepare_creds+0x116/0x190 00:37:04 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:37:04 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 7) [ 3272.921634] should_failslab+0x9/0x20 [ 3272.922296] __kmem_cache_alloc_node+0x66/0x310 [ 3272.922937] ? security_prepare_creds+0x116/0x190 [ 3272.923583] ? security_prepare_creds+0x116/0x190 [ 3272.924205] __kmalloc+0x4d/0x160 [ 3272.924668] security_prepare_creds+0x116/0x190 [ 3272.925271] prepare_creds+0x509/0x6f0 [ 3272.925782] copy_creds+0x7a/0xbd0 [ 3272.926254] copy_process+0xe2a/0x7320 [ 3272.926773] ? lock_acquire+0x19a/0x4c0 [ 3272.927276] ? find_held_lock+0x2c/0x110 [ 3272.927824] ? __pfx_copy_process+0x10/0x10 [ 3272.928391] ? _copy_from_user+0x5c/0xf0 [ 3272.928928] kernel_clone+0xeb/0x810 [ 3272.929414] ? ksys_write+0x122/0x250 [ 3272.929915] ? __pfx_kernel_clone+0x10/0x10 [ 3272.930477] ? lock_is_held_type+0x9f/0x120 [ 3272.931064] __do_sys_clone3+0x1d5/0x250 [ 3272.931589] ? __pfx___do_sys_clone3+0x10/0x10 [ 3272.932206] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3272.932946] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3272.933691] ? fput+0x2f/0x1a0 [ 3272.934120] ? __pfx_ksys_write+0x10/0x10 [ 3272.934675] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3272.935357] ? syscall_enter_from_user_mode+0x21/0x50 [ 3272.936037] do_syscall_64+0x3f/0x90 [ 3272.936563] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3272.937229] RIP: 0033:0x7f89ec184b19 [ 3272.937717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3272.939988] RSP: 002b:00007f89e96fa188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3272.940456] loop0: detected capacity change from 0 to 512 [ 3272.940932] RAX: ffffffffffffffda RBX: 00007f89ec297f60 RCX: 00007f89ec184b19 [ 3272.940953] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3272.943436] RBP: 00007f89e96fa1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3272.944336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3272.945227] R13: 00007ffe081f81af R14: 00007f89e96fa300 R15: 0000000000022000 [ 3272.946147] [ 3272.956000] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)! [ 3272.957268] EXT4-fs (loop0): group descriptors corrupted! 00:37:04 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3272.995809] FAULT_INJECTION: forcing a failure. [ 3272.995809] name failslab, interval 1, probability 0, space 0, times 0 [ 3272.997599] CPU: 1 PID: 17840 Comm: syz-executor.4 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3272.998590] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3272.999555] Call Trace: [ 3272.999876] [ 3273.000162] dump_stack_lvl+0xc1/0xf0 [ 3273.000672] should_fail_ex+0x4b4/0x5b0 [ 3273.001178] ? security_prepare_creds+0x116/0x190 [ 3273.001793] should_failslab+0x9/0x20 [ 3273.002274] __kmem_cache_alloc_node+0x66/0x310 [ 3273.002883] ? security_prepare_creds+0x116/0x190 [ 3273.003514] ? security_prepare_creds+0x116/0x190 [ 3273.004147] __kmalloc+0x4d/0x160 [ 3273.004602] security_prepare_creds+0x116/0x190 [ 3273.005208] prepare_creds+0x509/0x6f0 [ 3273.005711] copy_creds+0x7a/0xbd0 [ 3273.006178] copy_process+0xe2a/0x7320 [ 3273.006714] ? lock_acquire+0x19a/0x4c0 [ 3273.007212] ? find_held_lock+0x2c/0x110 [ 3273.007752] ? __pfx_copy_process+0x10/0x10 [ 3273.008316] ? _copy_from_user+0x5c/0xf0 [ 3273.008842] kernel_clone+0xeb/0x810 [ 3273.009346] ? ksys_write+0x122/0x250 [ 3273.009851] ? __pfx_kernel_clone+0x10/0x10 [ 3273.010437] ? lock_is_held_type+0x9f/0x120 [ 3273.011030] __do_sys_clone3+0x1d5/0x250 [ 3273.011565] ? __pfx___do_sys_clone3+0x10/0x10 [ 3273.012180] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3273.012925] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3273.013668] ? fput+0x2f/0x1a0 [ 3273.014105] ? __pfx_ksys_write+0x10/0x10 [ 3273.014651] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3273.015317] ? syscall_enter_from_user_mode+0x21/0x50 [ 3273.015990] do_syscall_64+0x3f/0x90 [ 3273.016499] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3273.017158] RIP: 0033:0x7fefd8f24b19 [ 3273.017629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3273.019830] RSP: 002b:00007fefd649a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3273.020759] RAX: ffffffffffffffda RBX: 00007fefd9037f60 RCX: 00007fefd8f24b19 [ 3273.021629] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3273.022495] RBP: 00007fefd649a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3273.023391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3273.024271] R13: 00007ffe217f65cf R14: 00007fefd649a300 R15: 0000000000022000 [ 3273.025178] 00:37:04 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:37:04 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 8) 00:37:04 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 8) [ 3273.103361] loop0: detected capacity change from 0 to 512 [ 3273.114624] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)! [ 3273.115830] EXT4-fs (loop0): group descriptors corrupted! 00:37:04 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 8) 00:37:04 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400), 0x0, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3273.320788] loop0: detected capacity change from 0 to 512 [ 3273.333309] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 3273.334476] EXT4-fs (loop0): group descriptors corrupted! 00:37:17 executing program 7: syz_80211_inject_frame(0x0, &(0x7f0000000100)=@mgmt_frame=@action_no_ack={@wo_ht={{0x0, 0x0, 0xe, 0x0, 0x0, 0x1, 0x1}, {0x2}, @broadcast, @broadcast, @initial, {0x7, 0x6}}, @ntf_ch_w={0x7, 0x0, 0x1}}, 0x1b) 00:37:17 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 9) [ 3285.450587] loop0: detected capacity change from 0 to 512 [ 3285.466023] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 3285.466657] EXT4-fs (loop0): group descriptors corrupted! 00:37:17 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 9) 00:37:17 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:37:17 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7bc9f9bd48de1c2000000"], 0x1a) 00:37:17 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400), 0x0, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:37:17 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 9) 00:37:17 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3285.479909] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3285.543071] FAULT_INJECTION: forcing a failure. [ 3285.543071] name failslab, interval 1, probability 0, space 0, times 0 [ 3285.544830] CPU: 0 PID: 17879 Comm: syz-executor.5 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3285.545846] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3285.546828] Call Trace: [ 3285.547154] [ 3285.547446] dump_stack_lvl+0xc1/0xf0 [ 3285.547954] should_fail_ex+0x4b4/0x5b0 [ 3285.548471] ? dup_fd+0x8d/0xcf0 [ 3285.548922] should_failslab+0x9/0x20 [ 3285.549415] kmem_cache_alloc+0x61/0x390 [ 3285.549935] ? __pfx_avc_has_perm+0x10/0x10 [ 3285.550506] dup_fd+0x8d/0xcf0 [ 3285.550959] ? __pfx_audit_alloc+0x10/0x10 [ 3285.551509] ? security_task_alloc+0xea/0x260 [ 3285.552101] copy_process+0x1f7e/0x7320 [ 3285.552627] ? lock_acquire+0x19a/0x4c0 [ 3285.553156] ? __pfx_copy_process+0x10/0x10 [ 3285.553740] ? _copy_from_user+0x5c/0xf0 [ 3285.554289] kernel_clone+0xeb/0x810 [ 3285.554802] ? ksys_write+0x122/0x250 [ 3285.555308] ? __pfx_kernel_clone+0x10/0x10 [ 3285.555896] ? lock_is_held_type+0x9f/0x120 [ 3285.556480] __do_sys_clone3+0x1d5/0x250 [ 3285.557026] ? __pfx___do_sys_clone3+0x10/0x10 [ 3285.557657] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3285.558431] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3285.559178] ? fput+0x2f/0x1a0 [ 3285.559632] ? __pfx_ksys_write+0x10/0x10 [ 3285.560161] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3285.560838] ? syscall_enter_from_user_mode+0x21/0x50 [ 3285.561497] do_syscall_64+0x3f/0x90 [ 3285.562009] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3285.562645] RIP: 0033:0x7f89ec184b19 [ 3285.563147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3285.565370] RSP: 002b:00007f89e96fa188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3285.566283] RAX: ffffffffffffffda RBX: 00007f89ec297f60 RCX: 00007f89ec184b19 [ 3285.567181] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3285.568059] RBP: 00007f89e96fa1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3285.568939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3285.569818] R13: 00007ffe081f81af R14: 00007f89e96fa300 R15: 0000000000022000 [ 3285.570740] [ 3285.574452] FAULT_INJECTION: forcing a failure. [ 3285.574452] name failslab, interval 1, probability 0, space 0, times 0 [ 3285.576491] CPU: 0 PID: 17880 Comm: syz-executor.4 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3285.577469] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3285.578431] Call Trace: [ 3285.578771] [ 3285.579064] dump_stack_lvl+0xc1/0xf0 [ 3285.579562] should_fail_ex+0x4b4/0x5b0 [ 3285.580070] ? dup_fd+0x8d/0xcf0 [ 3285.580515] should_failslab+0x9/0x20 [ 3285.580993] kmem_cache_alloc+0x61/0x390 [ 3285.581517] ? __pfx_avc_has_perm+0x10/0x10 [ 3285.582075] dup_fd+0x8d/0xcf0 [ 3285.582502] ? __pfx_audit_alloc+0x10/0x10 [ 3285.583071] ? security_task_alloc+0xea/0x260 [ 3285.583667] copy_process+0x1f7e/0x7320 00:37:17 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400), 0x0, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3285.584184] ? lock_acquire+0x19a/0x4c0 [ 3285.584896] ? __pfx_copy_process+0x10/0x10 [ 3285.585473] ? _copy_from_user+0x5c/0xf0 [ 3285.585786] loop0: detected capacity change from 0 to 512 [ 3285.585980] kernel_clone+0xeb/0x810 [ 3285.586821] ? ksys_write+0x122/0x250 [ 3285.587318] ? __pfx_kernel_clone+0x10/0x10 [ 3285.587879] ? lock_is_held_type+0x9f/0x120 [ 3285.588437] __do_sys_clone3+0x1d5/0x250 [ 3285.588960] ? __pfx___do_sys_clone3+0x10/0x10 [ 3285.589570] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3285.590291] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3285.591028] ? fput+0x2f/0x1a0 [ 3285.591455] ? __pfx_ksys_write+0x10/0x10 [ 3285.591979] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3285.592622] ? syscall_enter_from_user_mode+0x21/0x50 [ 3285.593283] do_syscall_64+0x3f/0x90 [ 3285.593785] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3285.594422] RIP: 0033:0x7fefd8f24b19 [ 3285.594899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 00:37:17 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3285.597032] RSP: 002b:00007fefd649a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3285.597982] RAX: ffffffffffffffda RBX: 00007fefd9037f60 RCX: 00007fefd8f24b19 [ 3285.598846] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3285.599689] RBP: 00007fefd649a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3285.600553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3285.601407] R13: 00007ffe217f65cf R14: 00007fefd649a300 R15: 0000000000022000 [ 3285.602290] [ 3285.604181] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 3285.604886] EXT4-fs (loop0): group descriptors corrupted! [ 3285.621403] FAULT_INJECTION: forcing a failure. [ 3285.621403] name failslab, interval 1, probability 0, space 0, times 0 [ 3285.622144] CPU: 1 PID: 17886 Comm: syz-executor.3 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3285.622719] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3285.623280] Call Trace: [ 3285.623459] [ 3285.623625] dump_stack_lvl+0xc1/0xf0 [ 3285.623915] should_fail_ex+0x4b4/0x5b0 [ 3285.624216] ? dup_fd+0x8d/0xcf0 [ 3285.624484] should_failslab+0x9/0x20 [ 3285.624771] kmem_cache_alloc+0x61/0x390 [ 3285.625064] ? __pfx_avc_has_perm+0x10/0x10 [ 3285.625397] dup_fd+0x8d/0xcf0 [ 3285.625633] ? __pfx_audit_alloc+0x10/0x10 [ 3285.625955] ? security_task_alloc+0xea/0x260 [ 3285.626284] copy_process+0x1f7e/0x7320 [ 3285.626596] ? lock_acquire+0x19a/0x4c0 [ 3285.626907] ? __pfx_copy_process+0x10/0x10 [ 3285.627236] ? _copy_from_user+0x5c/0xf0 [ 3285.627533] kernel_clone+0xeb/0x810 [ 3285.627807] ? ksys_write+0x122/0x250 [ 3285.628073] ? __pfx_kernel_clone+0x10/0x10 [ 3285.628392] ? lock_is_held_type+0x9f/0x120 [ 3285.628703] __do_sys_clone3+0x1d5/0x250 [ 3285.629012] ? __pfx___do_sys_clone3+0x10/0x10 [ 3285.629375] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3285.629777] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3285.630190] ? fput+0x2f/0x1a0 [ 3285.630422] ? ksys_write+0x19e/0x250 [ 3285.630702] ? __pfx_ksys_write+0x10/0x10 [ 3285.630989] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3285.631356] ? syscall_enter_from_user_mode+0x21/0x50 [ 3285.631707] do_syscall_64+0x3f/0x90 [ 3285.631984] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3285.632343] RIP: 0033:0x7f729f431b19 [ 3285.632616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3285.633793] RSP: 002b:00007f729c986188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3285.634318] RAX: ffffffffffffffda RBX: 00007f729f545020 RCX: 00007f729f431b19 [ 3285.634853] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3285.635359] RBP: 00007f729c9861d0 R08: 0000000000000000 R09: 0000000000000000 [ 3285.635850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3285.636332] R13: 00007ffe00c6649f R14: 00007f729c986300 R15: 0000000000022000 [ 3285.636832] [ 3285.636934] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:37:17 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="03", 0x1}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3285.687235] loop0: detected capacity change from 0 to 512 [ 3285.693455] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 3285.694104] EXT4-fs (loop0): group descriptors corrupted! 00:37:17 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="03", 0x1}], 0x0, &(0x7f0000012800)=ANY=[]) 00:37:17 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 10) [ 3285.823135] loop0: detected capacity change from 0 to 512 [ 3285.838354] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 3285.839023] EXT4-fs (loop0): group descriptors corrupted! 00:37:17 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:37:17 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 10) 00:37:17 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 10) 00:37:17 executing program 7: syz_80211_inject_frame(0x0, &(0x7f0000000100)=@mgmt_frame=@action_no_ack={@wo_ht={{0x0, 0x0, 0xe, 0x0, 0x0, 0x1, 0x1}, {0x2}, @broadcast, @broadcast, @initial, {0x7, 0x6}}, @ntf_ch_w={0x7, 0x0, 0x1}}, 0x1b) 00:37:17 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3285.912731] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:37:17 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="03", 0x1}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3285.961265] loop0: detected capacity change from 0 to 512 [ 3285.965342] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 3285.966011] EXT4-fs (loop0): group descriptors corrupted! 00:37:17 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3286.061558] loop0: detected capacity change from 0 to 512 [ 3286.084613] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 3288.655986] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 3288.659587] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 3288.661002] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 3288.665516] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 3288.670438] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 3288.671806] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 3290.693357] Bluetooth: hci0: command 0x0409 tx timeout [ 3292.549248] Bluetooth: hci3: command 0x0406 tx timeout [ 3292.741265] Bluetooth: hci0: command 0x041b tx timeout [ 3294.789425] Bluetooth: hci0: command 0x040f tx timeout [ 3296.837227] Bluetooth: hci0: command 0x0419 tx timeout [ 3307.539264] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3307.539791] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3307.559920] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3307.560448] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3307.755424] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:37:52 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7bc9f9bd48de1c20000"], 0x1a) 00:37:52 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 11) 00:37:52 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:37:52 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 11) [ 3321.264979] loop0: detected capacity change from 0 to 512 00:37:52 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:37:52 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 11) [ 3321.288094] FAULT_INJECTION: forcing a failure. [ 3321.288094] name failslab, interval 1, probability 0, space 0, times 0 [ 3321.288934] CPU: 1 PID: 18389 Comm: syz-executor.4 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3321.289483] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3321.290022] Call Trace: [ 3321.290204] [ 3321.290367] dump_stack_lvl+0xc1/0xf0 [ 3321.290650] should_fail_ex+0x4b4/0x5b0 [ 3321.290932] should_failslab+0x9/0x20 [ 3321.291200] __kmem_cache_alloc_node+0x66/0x310 [ 3321.291531] ? alloc_fdtable+0x84/0x280 [ 3321.291809] ? do_raw_spin_lock+0x125/0x270 [ 3321.292121] kmalloc_trace+0x26/0xc0 [ 3321.292385] alloc_fdtable+0x84/0x280 [ 3321.292657] dup_fd+0x751/0xcf0 [ 3321.292906] ? security_task_alloc+0xea/0x260 [ 3321.293226] copy_process+0x1f7e/0x7320 [ 3321.293532] ? lock_acquire+0x19a/0x4c0 [ 3321.293816] ? __pfx_copy_process+0x10/0x10 [ 3321.294128] ? _copy_from_user+0x5c/0xf0 [ 3321.294416] kernel_clone+0xeb/0x810 [ 3321.294680] ? ksys_write+0x122/0x250 [ 3321.294941] ? __pfx_kernel_clone+0x10/0x10 [ 3321.295269] ? lock_is_held_type+0x9f/0x120 [ 3321.295588] __do_sys_clone3+0x1d5/0x250 [ 3321.295887] ? __pfx___do_sys_clone3+0x10/0x10 [ 3321.296238] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3321.296669] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3321.297092] ? fput+0x2f/0x1a0 [ 3321.297342] ? __pfx_ksys_write+0x10/0x10 [ 3321.297640] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3321.298017] ? syscall_enter_from_user_mode+0x21/0x50 [ 3321.298399] do_syscall_64+0x3f/0x90 [ 3321.298671] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3321.299044] RIP: 0033:0x7fefd8f24b19 [ 3321.299321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3321.299915] FAULT_INJECTION: forcing a failure. [ 3321.299915] name failslab, interval 1, probability 0, space 0, times 0 [ 3321.300564] RSP: 002b:00007fefd649a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3321.300582] RAX: ffffffffffffffda RBX: 00007fefd9037f60 RCX: 00007fefd8f24b19 [ 3321.300594] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 00:37:52 executing program 7: syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, 0x0, 0x0) 00:37:52 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3321.300604] RBP: 00007fefd649a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3321.300614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3321.300624] R13: 00007ffe217f65cf R14: 00007fefd649a300 R15: 0000000000022000 [ 3321.300647] [ 3321.307700] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3321.308645] CPU: 0 PID: 18390 Comm: syz-executor.5 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3321.309993] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3321.310026] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3321.314677] Call Trace: [ 3321.315047] [ 3321.315374] dump_stack_lvl+0xc1/0xf0 [ 3321.315926] should_fail_ex+0x4b4/0x5b0 [ 3321.316495] should_failslab+0x9/0x20 [ 3321.317030] __kmem_cache_alloc_node+0x66/0x310 [ 3321.317695] ? alloc_fdtable+0x84/0x280 [ 3321.318267] ? do_raw_spin_lock+0x125/0x270 [ 3321.318881] kmalloc_trace+0x26/0xc0 [ 3321.319441] alloc_fdtable+0x84/0x280 [ 3321.319999] dup_fd+0x751/0xcf0 [ 3321.320494] ? security_task_alloc+0xea/0x260 [ 3321.321151] copy_process+0x1f7e/0x7320 [ 3321.321728] ? lock_acquire+0x19a/0x4c0 [ 3321.322322] ? __pfx_copy_process+0x10/0x10 [ 3321.322947] ? _copy_from_user+0x5c/0xf0 [ 3321.323544] kernel_clone+0xeb/0x810 [ 3321.324076] ? ksys_write+0x122/0x250 [ 3321.324622] ? __pfx_kernel_clone+0x10/0x10 [ 3321.325224] ? lock_is_held_type+0x9f/0x120 [ 3321.325854] __do_sys_clone3+0x1d5/0x250 [ 3321.326446] ? __pfx___do_sys_clone3+0x10/0x10 [ 3321.327132] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3321.327977] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3321.328789] ? fput+0x2f/0x1a0 [ 3321.329243] ? __pfx_ksys_write+0x10/0x10 [ 3321.329821] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3321.330554] ? syscall_enter_from_user_mode+0x21/0x50 [ 3321.331289] do_syscall_64+0x3f/0x90 [ 3321.331838] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3321.332550] RIP: 0033:0x7f89ec184b19 [ 3321.333071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3321.335464] RSP: 002b:00007f89e96fa188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3321.336490] RAX: ffffffffffffffda RBX: 00007f89ec297f60 RCX: 00007f89ec184b19 [ 3321.337460] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3321.338416] RBP: 00007f89e96fa1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3321.339391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3321.340344] R13: 00007ffe081f81af R14: 00007f89e96fa300 R15: 0000000000022000 [ 3321.341322] 00:37:52 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 12) [ 3321.346997] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 3321.360028] FAULT_INJECTION: forcing a failure. [ 3321.360028] name failslab, interval 1, probability 0, space 0, times 0 [ 3321.360887] CPU: 1 PID: 18383 Comm: syz-executor.3 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3321.361431] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3321.361965] Call Trace: [ 3321.362144] [ 3321.362302] dump_stack_lvl+0xc1/0xf0 [ 3321.362583] should_fail_ex+0x4b4/0x5b0 [ 3321.362873] should_failslab+0x9/0x20 [ 3321.363135] __kmem_cache_alloc_node+0x66/0x310 [ 3321.363488] ? alloc_fdtable+0x84/0x280 [ 3321.363770] ? do_raw_spin_lock+0x125/0x270 [ 3321.364075] kmalloc_trace+0x26/0xc0 [ 3321.364338] alloc_fdtable+0x84/0x280 [ 3321.364612] dup_fd+0x751/0xcf0 [ 3321.364851] ? security_task_alloc+0xea/0x260 [ 3321.365171] copy_process+0x1f7e/0x7320 [ 3321.365446] ? lock_acquire+0x19a/0x4c0 [ 3321.365734] ? __pfx_copy_process+0x10/0x10 [ 3321.366037] ? _copy_from_user+0x5c/0xf0 [ 3321.366326] kernel_clone+0xeb/0x810 [ 3321.366590] ? ksys_write+0x122/0x250 [ 3321.366851] ? __pfx_kernel_clone+0x10/0x10 [ 3321.367165] ? lock_is_held_type+0x9f/0x120 [ 3321.367475] __do_sys_clone3+0x1d5/0x250 [ 3321.367763] ? __pfx___do_sys_clone3+0x10/0x10 [ 3321.368092] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3321.368490] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3321.368891] ? fput+0x2f/0x1a0 [ 3321.369122] ? __pfx_ksys_write+0x10/0x10 [ 3321.369405] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3321.369781] ? syscall_enter_from_user_mode+0x21/0x50 [ 3321.370160] do_syscall_64+0x3f/0x90 [ 3321.370447] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3321.370814] RIP: 0033:0x7f729f431b19 [ 3321.371083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3321.372250] RSP: 002b:00007f729c9a7188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3321.372772] RAX: ffffffffffffffda RBX: 00007f729f544f60 RCX: 00007f729f431b19 [ 3321.373274] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3321.373773] RBP: 00007f729c9a71d0 R08: 0000000000000000 R09: 0000000000000000 [ 3321.374278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3321.374776] R13: 00007ffe00c6649f R14: 00007f729c9a7300 R15: 0000000000022000 [ 3321.375312] 00:37:53 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3321.415835] loop0: detected capacity change from 0 to 512 [ 3321.424274] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 00:37:53 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:38:05 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 13) 00:38:05 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 12) 00:38:05 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:38:05 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:38:05 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 12) 00:38:05 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:38:05 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7bc9f9bd48de1c200"], 0x1a) 00:38:05 executing program 7: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3333.734667] loop0: detected capacity change from 0 to 512 [ 3333.759378] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3333.766403] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 3333.781680] FAULT_INJECTION: forcing a failure. [ 3333.781680] name failslab, interval 1, probability 0, space 0, times 0 [ 3333.783537] CPU: 0 PID: 18420 Comm: syz-executor.4 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3333.784646] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3333.785735] Call Trace: [ 3333.786094] [ 3333.786420] dump_stack_lvl+0xc1/0xf0 [ 3333.786982] should_fail_ex+0x4b4/0x5b0 [ 3333.787571] ? kvmalloc_node+0xaa/0x200 [ 3333.788144] should_failslab+0x9/0x20 [ 3333.788688] __kmem_cache_alloc_node+0x66/0x310 [ 3333.789353] ? kvmalloc_node+0xaa/0x200 [ 3333.789936] ? kvmalloc_node+0xaa/0x200 [ 3333.790510] __kmalloc_node+0x50/0x160 [ 3333.791070] kvmalloc_node+0xaa/0x200 [ 3333.791659] alloc_fdtable+0xd3/0x280 [ 3333.792237] dup_fd+0x751/0xcf0 [ 3333.792746] ? security_task_alloc+0xea/0x260 [ 3333.793423] copy_process+0x1f7e/0x7320 [ 3333.794016] ? lock_acquire+0x19a/0x4c0 [ 3333.794632] ? __pfx_copy_process+0x10/0x10 [ 3333.795294] ? _copy_from_user+0x5c/0xf0 [ 3333.795918] kernel_clone+0xeb/0x810 [ 3333.796484] ? ksys_write+0x122/0x250 [ 3333.797042] ? __pfx_kernel_clone+0x10/0x10 [ 3333.797705] ? lock_is_held_type+0x9f/0x120 [ 3333.798353] __do_sys_clone3+0x1d5/0x250 [ 3333.798957] ? __pfx___do_sys_clone3+0x10/0x10 [ 3333.799665] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3333.800521] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3333.801381] ? fput+0x2f/0x1a0 [ 3333.801892] ? __pfx_ksys_write+0x10/0x10 [ 3333.802501] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3333.803259] ? syscall_enter_from_user_mode+0x21/0x50 [ 3333.804025] do_syscall_64+0x3f/0x90 [ 3333.804595] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3333.805348] RIP: 0033:0x7fefd8f24b19 [ 3333.805877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3333.808397] RSP: 002b:00007fefd649a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3333.809460] RAX: ffffffffffffffda RBX: 00007fefd9037f60 RCX: 00007fefd8f24b19 [ 3333.810440] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3333.811426] RBP: 00007fefd649a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3333.812415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3333.813384] R13: 00007ffe217f65cf R14: 00007fefd649a300 R15: 0000000000022000 [ 3333.814256] 00:38:05 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:38:05 executing program 7: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:38:05 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:38:05 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 14) 00:38:05 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 13) [ 3333.985430] loop0: detected capacity change from 0 to 512 [ 3333.998234] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 3334.030764] FAULT_INJECTION: forcing a failure. [ 3334.030764] name failslab, interval 1, probability 0, space 0, times 0 [ 3334.031719] CPU: 1 PID: 18441 Comm: syz-executor.3 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3334.032216] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3334.032705] Call Trace: [ 3334.032890] [ 3334.033041] dump_stack_lvl+0xc1/0xf0 [ 3334.033310] should_fail_ex+0x4b4/0x5b0 [ 3334.033577] ? kvmalloc_node+0xaa/0x200 [ 3334.033838] should_failslab+0x9/0x20 [ 3334.034083] __kmem_cache_alloc_node+0x66/0x310 [ 3334.034381] ? kvmalloc_node+0xaa/0x200 [ 3334.034642] ? kvmalloc_node+0xaa/0x200 [ 3334.034900] __kmalloc_node+0x50/0x160 [ 3334.035149] kvmalloc_node+0xaa/0x200 [ 3334.035451] alloc_fdtable+0xd3/0x280 [ 3334.035714] dup_fd+0x751/0xcf0 [ 3334.035938] ? security_task_alloc+0xea/0x260 [ 3334.036238] copy_process+0x1f7e/0x7320 [ 3334.036505] ? lock_acquire+0x19a/0x4c0 [ 3334.036768] ? __pfx_copy_process+0x10/0x10 [ 3334.037051] ? _copy_from_user+0x5c/0xf0 [ 3334.037315] kernel_clone+0xeb/0x810 [ 3334.037559] ? ksys_write+0x122/0x250 [ 3334.037820] ? __pfx_kernel_clone+0x10/0x10 [ 3334.038109] ? lock_is_held_type+0x9f/0x120 [ 3334.038428] __do_sys_clone3+0x1d5/0x250 [ 3334.038700] ? __pfx___do_sys_clone3+0x10/0x10 [ 3334.039037] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3334.039414] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3334.039778] ? fput+0x2f/0x1a0 [ 3334.040002] ? __pfx_ksys_write+0x10/0x10 [ 3334.040282] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3334.040617] ? syscall_enter_from_user_mode+0x21/0x50 [ 3334.040947] do_syscall_64+0x3f/0x90 [ 3334.041209] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3334.041540] RIP: 0033:0x7f729f431b19 [ 3334.041772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3334.042841] RSP: 002b:00007f729c9a7188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3334.043324] RAX: ffffffffffffffda RBX: 00007f729f544f60 RCX: 00007f729f431b19 [ 3334.043754] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3334.044199] RBP: 00007f729c9a71d0 R08: 0000000000000000 R09: 0000000000000000 [ 3334.044689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3334.045138] R13: 00007ffe00c6649f R14: 00007f729c9a7300 R15: 0000000000022000 [ 3334.045597] 00:38:05 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3334.076939] loop0: detected capacity change from 0 to 512 00:38:05 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7bc9f9bd48de1c2"], 0x1a) [ 3334.080791] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 00:38:05 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:38:05 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 14) [ 3334.148314] loop0: detected capacity change from 0 to 512 [ 3334.150394] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 3334.170483] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3334.170523] FAULT_INJECTION: forcing a failure. [ 3334.170523] name failslab, interval 1, probability 0, space 0, times 0 [ 3334.172503] CPU: 1 PID: 18450 Comm: syz-executor.3 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3334.173003] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3334.173567] Call Trace: [ 3334.173745] [ 3334.173894] dump_stack_lvl+0xc1/0xf0 [ 3334.174155] should_fail_ex+0x4b4/0x5b0 [ 3334.174415] should_failslab+0x9/0x20 [ 3334.174660] __kmem_cache_alloc_node+0x66/0x310 [ 3334.174957] ? alloc_fdtable+0x84/0x280 [ 3334.175222] ? do_raw_spin_lock+0x125/0x270 [ 3334.175525] kmalloc_trace+0x26/0xc0 [ 3334.175765] alloc_fdtable+0x84/0x280 [ 3334.176017] dup_fd+0x751/0xcf0 [ 3334.176245] ? security_task_alloc+0xea/0x260 [ 3334.176542] copy_process+0x1f7e/0x7320 [ 3334.176833] ? lock_acquire+0x19a/0x4c0 [ 3334.177099] ? __pfx_copy_process+0x10/0x10 [ 3334.177388] ? _copy_from_user+0x5c/0xf0 [ 3334.177677] kernel_clone+0xeb/0x810 [ 3334.177923] ? ksys_write+0x122/0x250 [ 3334.178171] ? __pfx_kernel_clone+0x10/0x10 [ 3334.178457] ? lock_is_held_type+0x9f/0x120 [ 3334.178754] __do_sys_clone3+0x1d5/0x250 [ 3334.179023] ? __pfx___do_sys_clone3+0x10/0x10 [ 3334.179363] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3334.179735] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3334.180103] ? fput+0x2f/0x1a0 [ 3334.180324] ? __pfx_ksys_write+0x10/0x10 [ 3334.180586] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3334.180921] ? syscall_enter_from_user_mode+0x21/0x50 [ 3334.181265] do_syscall_64+0x3f/0x90 [ 3334.181524] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3334.181846] RIP: 0033:0x7f729f431b19 [ 3334.182080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3334.183148] RSP: 002b:00007f729c9a7188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3334.183637] RAX: ffffffffffffffda RBX: 00007f729f544f60 RCX: 00007f729f431b19 [ 3334.184072] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3334.184518] RBP: 00007f729c9a71d0 R08: 0000000000000000 R09: 0000000000000000 [ 3334.184948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3334.185376] R13: 00007ffe00c6649f R14: 00007f729c9a7300 R15: 0000000000022000 [ 3334.185822] 00:38:05 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 13) 00:38:05 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3334.242868] loop0: detected capacity change from 0 to 512 [ 3334.244507] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 00:38:05 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 15) [ 3334.288888] FAULT_INJECTION: forcing a failure. [ 3334.288888] name failslab, interval 1, probability 0, space 0, times 0 [ 3334.289965] CPU: 1 PID: 18455 Comm: syz-executor.5 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3334.290523] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3334.291067] Call Trace: [ 3334.291242] [ 3334.291417] dump_stack_lvl+0xc1/0xf0 [ 3334.291680] should_fail_ex+0x4b4/0x5b0 [ 3334.291962] ? kvmalloc_node+0xaa/0x200 [ 3334.292227] should_failslab+0x9/0x20 [ 3334.292472] __kmem_cache_alloc_node+0x66/0x310 [ 3334.292771] ? kvmalloc_node+0xaa/0x200 [ 3334.293037] ? kvmalloc_node+0xaa/0x200 [ 3334.293297] __kmalloc_node+0x50/0x160 [ 3334.293547] kvmalloc_node+0xaa/0x200 [ 3334.293801] alloc_fdtable+0xd3/0x280 [ 3334.294067] dup_fd+0x751/0xcf0 [ 3334.294303] ? security_task_alloc+0xea/0x260 [ 3334.294608] copy_process+0x1f7e/0x7320 [ 3334.294900] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3334.295272] ? lock_acquire+0x19a/0x4c0 [ 3334.295570] ? __pfx_copy_process+0x10/0x10 [ 3334.295851] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 3334.296240] ? __pfx___sanitizer_cov_trace_const_cmp8+0x10/0x10 [ 3334.296631] kernel_clone+0xeb/0x810 [ 3334.296877] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3334.297206] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 3334.297539] ? __pfx_kernel_clone+0x10/0x10 [ 3334.297824] ? lock_is_held_type+0x9f/0x120 [ 3334.298126] ? perf_trace_run_bpf_submit+0xf3/0x190 [ 3334.298465] __do_sys_clone3+0x1d5/0x250 [ 3334.298737] ? __pfx___do_sys_clone3+0x10/0x10 [ 3334.299042] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3334.299427] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 3334.299770] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 3334.300114] ? syscall_enter_from_user_mode+0x21/0x50 [ 3334.300453] ? syscall_enter_from_user_mode+0x2b/0x50 [ 3334.300788] do_syscall_64+0x3f/0x90 [ 3334.301041] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3334.301365] RIP: 0033:0x7f89ec184b19 [ 3334.301602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3334.302700] RSP: 002b:00007f89e96fa188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3334.303177] RAX: ffffffffffffffda RBX: 00007f89ec297f60 RCX: 00007f89ec184b19 [ 3334.303630] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3334.304057] RBP: 00007f89e96fa1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3334.304499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3334.304927] R13: 00007ffe081f81af R14: 00007f89e96fa300 R15: 0000000000022000 [ 3334.305381] 00:38:05 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3334.404813] loop0: detected capacity change from 0 to 512 [ 3334.417740] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 3348.406787] loop0: detected capacity change from 0 to 512 [ 3348.409061] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 00:38:20 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 16) 00:38:20 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(0x0, 0x0) 00:38:20 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7bc9f9bd48de1"], 0x1a) 00:38:20 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400), 0x0, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:38:20 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 14) 00:38:20 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:38:20 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 15) 00:38:20 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8", 0x2d, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:38:20 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(0x0, 0x0) [ 3348.451889] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:38:20 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(0x0, 0x0) [ 3348.478732] loop7: detected capacity change from 0 to 512 00:38:20 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8", 0x2d, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3348.500810] EXT4-fs (loop7): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 3348.502105] EXT4-fs (loop7): group descriptors corrupted! [ 3348.509978] FAULT_INJECTION: forcing a failure. [ 3348.509978] name failslab, interval 1, probability 0, space 0, times 0 [ 3348.511788] CPU: 0 PID: 18489 Comm: syz-executor.4 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3348.512876] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3348.513963] Call Trace: [ 3348.514318] [ 3348.514636] dump_stack_lvl+0xc1/0xf0 [ 3348.515190] should_fail_ex+0x4b4/0x5b0 [ 3348.515773] ? kvmalloc_node+0xaa/0x200 [ 3348.516353] should_failslab+0x9/0x20 [ 3348.516884] __kmem_cache_alloc_node+0x66/0x310 [ 3348.517535] ? kvmalloc_node+0xaa/0x200 [ 3348.518105] ? kasan_set_track+0x25/0x30 [ 3348.518686] ? kvmalloc_node+0xaa/0x200 [ 3348.519257] __kmalloc_node+0x50/0x160 [ 3348.519815] kvmalloc_node+0xaa/0x200 [ 3348.520375] alloc_fdtable+0x13f/0x280 [ 3348.520940] dup_fd+0x751/0xcf0 [ 3348.521430] ? security_task_alloc+0xea/0x260 [ 3348.522079] copy_process+0x1f7e/0x7320 [ 3348.522651] ? lock_acquire+0x19a/0x4c0 [ 3348.523233] ? __pfx_copy_process+0x10/0x10 [ 3348.523882] ? _copy_from_user+0x5c/0xf0 [ 3348.524460] kernel_clone+0xeb/0x810 [ 3348.525000] ? ksys_write+0x122/0x250 [ 3348.525536] ? __pfx_kernel_clone+0x10/0x10 [ 3348.526169] ? lock_is_held_type+0x9f/0x120 [ 3348.526792] __do_sys_clone3+0x1d5/0x250 [ 3348.527375] ? __pfx___do_sys_clone3+0x10/0x10 [ 3348.528061] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3348.528868] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3348.529679] ? fput+0x2f/0x1a0 [ 3348.530160] ? __pfx_ksys_write+0x10/0x10 [ 3348.530743] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3348.531460] ? syscall_enter_from_user_mode+0x21/0x50 [ 3348.532208] do_syscall_64+0x3f/0x90 [ 3348.532748] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3348.533455] RIP: 0033:0x7fefd8f24b19 [ 3348.533974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3348.536333] RSP: 002b:00007fefd649a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3348.537342] RAX: ffffffffffffffda RBX: 00007fefd9037f60 RCX: 00007fefd8f24b19 [ 3348.538279] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3348.538618] loop0: detected capacity change from 0 to 512 [ 3348.539209] RBP: 00007fefd649a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3348.540573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3348.541511] R13: 00007ffe217f65cf R14: 00007fefd649a300 R15: 0000000000022000 [ 3348.542476] 00:38:20 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3348.549488] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 00:38:20 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8", 0x2d, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:38:20 executing program 7: syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, 0x0, 0x0) (fail_nth: 1) [ 3348.642046] loop0: detected capacity change from 0 to 512 [ 3348.646015] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 00:38:20 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3348.672385] FAULT_INJECTION: forcing a failure. [ 3348.672385] name failslab, interval 1, probability 0, space 0, times 0 [ 3348.673197] CPU: 1 PID: 18502 Comm: syz-executor.7 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3348.673753] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3348.674308] Call Trace: [ 3348.674495] [ 3348.674658] dump_stack_lvl+0xc1/0xf0 [ 3348.674949] should_fail_ex+0x4b4/0x5b0 [ 3348.675239] should_failslab+0x9/0x20 [ 3348.675520] kmem_cache_alloc_lru+0x7a/0x680 [ 3348.675840] ? selinux_socket_create+0x9b/0x5b0 [ 3348.676174] ? sock_alloc_inode+0x27/0x1d0 [ 3348.676481] ? sock_alloc_inode+0x27/0x1d0 [ 3348.676783] sock_alloc_inode+0x27/0x1d0 [ 3348.677070] ? __pfx_sock_alloc_inode+0x10/0x10 [ 3348.677404] alloc_inode+0x63/0x240 [ 3348.677669] new_inode_pseudo+0x17/0x80 [ 3348.677958] sock_alloc+0x40/0x270 [ 3348.678216] __sock_create+0xc1/0x820 [ 3348.678497] __sys_socket+0x137/0x250 [ 3348.678772] ? __pfx___sys_socket+0x10/0x10 [ 3348.679076] ? ksys_write+0x19e/0x250 [ 3348.679358] ? __pfx_ksys_write+0x10/0x10 [ 3348.679679] __x64_sys_socket+0x73/0xb0 [ 3348.679964] ? syscall_enter_from_user_mode+0x21/0x50 [ 3348.680332] do_syscall_64+0x3f/0x90 [ 3348.680604] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3348.680972] RIP: 0033:0x7fcba4fd3197 [ 3348.681234] Code: f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3348.682471] RSP: 002b:00007fcba25460c8 EFLAGS: 00000287 ORIG_RAX: 0000000000000029 [ 3348.682996] RAX: ffffffffffffffda RBX: 00007fcba50e4f60 RCX: 00007fcba4fd3197 [ 3348.683483] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 3348.683981] RBP: 00007fcba25471d0 R08: 0000000000000000 R09: 0000000000000000 [ 3348.684471] R10: 0000000000000000 R11: 0000000000000287 R12: 0000000000000001 [ 3348.684958] R13: 0000000000000000 R14: 00000000200000c0 R15: 0000000000022000 [ 3348.685455] [ 3348.685808] socket: no more sockets 00:38:32 executing program 7: syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, 0x0, 0x0) (fail_nth: 2) 00:38:32 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:38:32 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 17) 00:38:32 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:38:32 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f", 0x44, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:38:32 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 16) 00:38:32 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7bc9f9bd48d"], 0x1a) 00:38:32 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 15) [ 3360.483108] loop0: detected capacity change from 0 to 512 [ 3360.498424] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3360.505649] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3360.513939] FAULT_INJECTION: forcing a failure. [ 3360.513939] name failslab, interval 1, probability 0, space 0, times 0 [ 3360.515700] CPU: 0 PID: 18528 Comm: syz-executor.5 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3360.516867] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3360.517957] Call Trace: [ 3360.518318] [ 3360.518641] dump_stack_lvl+0xc1/0xf0 [ 3360.519211] should_fail_ex+0x4b4/0x5b0 [ 3360.519810] ? kvmalloc_node+0xaa/0x200 [ 3360.520398] should_failslab+0x9/0x20 [ 3360.520936] __kmem_cache_alloc_node+0x66/0x310 [ 3360.521594] ? kvmalloc_node+0xaa/0x200 [ 3360.522174] ? kasan_set_track+0x25/0x30 [ 3360.522758] ? kvmalloc_node+0xaa/0x200 [ 3360.523337] __kmalloc_node+0x50/0x160 [ 3360.523870] kvmalloc_node+0xaa/0x200 [ 3360.524405] alloc_fdtable+0x13f/0x280 [ 3360.524942] dup_fd+0x751/0xcf0 [ 3360.525420] ? security_task_alloc+0xea/0x260 [ 3360.526047] copy_process+0x1f7e/0x7320 [ 3360.526602] ? lock_acquire+0x19a/0x4c0 [ 3360.527160] ? __pfx_copy_process+0x10/0x10 [ 3360.527783] ? _copy_from_user+0x5c/0xf0 [ 3360.528340] kernel_clone+0xeb/0x810 [ 3360.528863] ? ksys_write+0x122/0x250 [ 3360.529385] ? __pfx_kernel_clone+0x10/0x10 [ 3360.529985] ? lock_is_held_type+0x9f/0x120 [ 3360.530582] __do_sys_clone3+0x1d5/0x250 [ 3360.531149] ? __pfx___do_sys_clone3+0x10/0x10 [ 3360.531839] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3360.532646] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3360.533458] ? fput+0x2f/0x1a0 [ 3360.533944] ? __pfx_ksys_write+0x10/0x10 [ 3360.534527] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3360.535251] ? syscall_enter_from_user_mode+0x21/0x50 [ 3360.535988] do_syscall_64+0x3f/0x90 [ 3360.536527] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3360.537244] RIP: 0033:0x7f89ec184b19 [ 3360.537761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3360.540148] RSP: 002b:00007f89e96fa188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3360.541158] RAX: ffffffffffffffda RBX: 00007f89ec297f60 RCX: 00007f89ec184b19 [ 3360.542109] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3360.543055] RBP: 00007f89e96fa1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3360.544026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3360.544981] R13: 00007ffe081f81af R14: 00007f89e96fa300 R15: 0000000000022000 [ 3360.545949] [ 3360.547996] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)! [ 3360.549318] EXT4-fs (loop0): group descriptors corrupted! [ 3360.601892] perf: interrupt took too long (9815 > 9782), lowering kernel.perf_event_max_sample_rate to 20000 00:38:32 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4", 0x2e, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3360.618943] FAULT_INJECTION: forcing a failure. [ 3360.618943] name failslab, interval 1, probability 0, space 0, times 0 [ 3360.620660] CPU: 0 PID: 18526 Comm: syz-executor.3 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3360.621755] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3360.622850] Call Trace: [ 3360.623216] [ 3360.623540] dump_stack_lvl+0xc1/0xf0 [ 3360.624113] should_fail_ex+0x4b4/0x5b0 [ 3360.624685] ? copy_fs_struct+0x49/0x350 [ 3360.625260] should_failslab+0x9/0x20 [ 3360.625794] kmem_cache_alloc+0x61/0x390 [ 3360.626378] copy_fs_struct+0x49/0x350 [ 3360.626939] copy_process+0x36a6/0x7320 [ 3360.627513] ? lock_acquire+0x19a/0x4c0 [ 3360.628128] ? __pfx_copy_process+0x10/0x10 [ 3360.628765] ? _copy_from_user+0x5c/0xf0 [ 3360.629326] kernel_clone+0xeb/0x810 [ 3360.629867] ? ksys_write+0x122/0x250 [ 3360.630408] ? __pfx_kernel_clone+0x10/0x10 [ 3360.631034] ? lock_is_held_type+0x9f/0x120 [ 3360.631666] __do_sys_clone3+0x1d5/0x250 [ 3360.632255] ? __pfx___do_sys_clone3+0x10/0x10 [ 3360.632930] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3360.633735] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3360.634547] ? fput+0x2f/0x1a0 [ 3360.635024] ? __pfx_ksys_write+0x10/0x10 [ 3360.635612] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3360.636365] ? syscall_enter_from_user_mode+0x21/0x50 [ 3360.637093] do_syscall_64+0x3f/0x90 [ 3360.637640] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3360.638352] RIP: 0033:0x7f729f431b19 [ 3360.638865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3360.641266] RSP: 002b:00007f729c9a7188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3360.642291] RAX: ffffffffffffffda RBX: 00007f729f544f60 RCX: 00007f729f431b19 [ 3360.643247] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3360.644213] RBP: 00007f729c9a71d0 R08: 0000000000000000 R09: 0000000000000000 [ 3360.645166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3360.646128] R13: 00007ffe00c6649f R14: 00007f729c9a7300 R15: 0000000000022000 [ 3360.647107] 00:38:32 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 16) [ 3360.727780] loop0: detected capacity change from 0 to 512 00:38:32 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 18) [ 3360.740568] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 00:38:32 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4", 0x2e, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:38:45 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 19) 00:38:45 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:38:45 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 17) 00:38:45 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7bc9f9bd4"], 0x1a) 00:38:45 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 17) 00:38:45 executing program 7: syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, 0x0, 0x0) (fail_nth: 3) 00:38:45 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4", 0x2e, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:38:45 executing program 2: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3373.871951] FAULT_INJECTION: forcing a failure. [ 3373.871951] name failslab, interval 1, probability 0, space 0, times 0 [ 3373.872809] CPU: 1 PID: 18555 Comm: syz-executor.3 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3373.873338] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3373.873870] Call Trace: [ 3373.874052] [ 3373.874211] dump_stack_lvl+0xc1/0xf0 [ 3373.874494] should_fail_ex+0x4b4/0x5b0 [ 3373.874766] ? copy_process+0x20e8/0x7320 [ 3373.875056] should_failslab+0x9/0x20 [ 3373.875315] kmem_cache_alloc+0x61/0x390 [ 3373.875597] copy_process+0x20e8/0x7320 [ 3373.875904] ? lock_acquire+0x19a/0x4c0 [ 3373.876187] ? __pfx_copy_process+0x10/0x10 [ 3373.876496] ? _copy_from_user+0x5c/0xf0 [ 3373.876778] kernel_clone+0xeb/0x810 [ 3373.877045] ? ksys_write+0x122/0x250 [ 3373.877313] ? __pfx_kernel_clone+0x10/0x10 [ 3373.877620] ? lock_is_held_type+0x9f/0x120 [ 3373.877929] __do_sys_clone3+0x1d5/0x250 [ 3373.878211] ? __pfx___do_sys_clone3+0x10/0x10 [ 3373.878543] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3373.878943] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3373.879338] ? fput+0x2f/0x1a0 [ 3373.879572] ? __pfx_ksys_write+0x10/0x10 [ 3373.879865] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3373.880217] ? syscall_enter_from_user_mode+0x21/0x50 [ 3373.880575] do_syscall_64+0x3f/0x90 [ 3373.880842] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3373.881194] RIP: 0033:0x7f729f431b19 [ 3373.881445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3373.882665] RSP: 002b:00007f729c9a7188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3373.883197] RAX: ffffffffffffffda RBX: 00007f729f544f60 RCX: 00007f729f431b19 [ 3373.883707] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3373.884218] RBP: 00007f729c9a71d0 R08: 0000000000000000 R09: 0000000000000000 [ 3373.884728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3373.885233] R13: 00007ffe00c6649f R14: 00007f729c9a7300 R15: 0000000000022000 [ 3373.885755] [ 3373.895127] FAULT_INJECTION: forcing a failure. [ 3373.895127] name failslab, interval 1, probability 0, space 0, times 0 [ 3373.896017] CPU: 1 PID: 18558 Comm: syz-executor.5 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3373.896579] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3373.897147] Call Trace: [ 3373.897335] [ 3373.897500] dump_stack_lvl+0xc1/0xf0 [ 3373.897791] should_fail_ex+0x4b4/0x5b0 [ 3373.898087] ? copy_fs_struct+0x49/0x350 [ 3373.898395] should_failslab+0x9/0x20 [ 3373.898668] kmem_cache_alloc+0x61/0x390 [ 3373.898966] copy_fs_struct+0x49/0x350 [ 3373.899262] copy_process+0x36a6/0x7320 [ 3373.899565] ? lock_acquire+0x19a/0x4c0 [ 3373.899869] ? __pfx_copy_process+0x10/0x10 [ 3373.900192] ? _copy_from_user+0x5c/0xf0 [ 3373.900494] kernel_clone+0xeb/0x810 [ 3373.900774] ? ksys_write+0x122/0x250 [ 3373.901049] ? __pfx_kernel_clone+0x10/0x10 [ 3373.901368] ? lock_is_held_type+0x9f/0x120 [ 3373.901687] __do_sys_clone3+0x1d5/0x250 [ 3373.901991] ? __pfx___do_sys_clone3+0x10/0x10 [ 3373.902341] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3373.902763] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3373.903158] ? fput+0x2f/0x1a0 [ 3373.903405] ? __pfx_ksys_write+0x10/0x10 [ 3373.903688] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3373.904074] ? syscall_enter_from_user_mode+0x21/0x50 [ 3373.904443] do_syscall_64+0x3f/0x90 [ 3373.904727] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3373.905098] RIP: 0033:0x7f89ec184b19 [ 3373.905369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3373.906621] RSP: 002b:00007f89e96fa188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3373.907145] RAX: ffffffffffffffda RBX: 00007f89ec297f60 RCX: 00007f89ec184b19 [ 3373.907640] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3373.908166] RBP: 00007f89e96fa1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3373.908659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3373.909162] R13: 00007ffe081f81af R14: 00007f89e96fa300 R15: 0000000000022000 [ 3373.909676] [ 3373.909865] FAULT_INJECTION: forcing a failure. [ 3373.909865] name failslab, interval 1, probability 0, space 0, times 0 [ 3373.911693] CPU: 0 PID: 18556 Comm: syz-executor.4 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3373.912812] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3373.913865] Call Trace: [ 3373.914207] [ 3373.914521] dump_stack_lvl+0xc1/0xf0 [ 3373.915065] should_fail_ex+0x4b4/0x5b0 [ 3373.915514] loop0: detected capacity change from 0 to 512 [ 3373.915598] ? copy_fs_struct+0x49/0x350 [ 3373.916516] should_failslab+0x9/0x20 [ 3373.917031] kmem_cache_alloc+0x61/0x390 [ 3373.917597] copy_fs_struct+0x49/0x350 [ 3373.918146] copy_process+0x36a6/0x7320 [ 3373.918703] ? lock_acquire+0x19a/0x4c0 [ 3373.919265] ? __pfx_copy_process+0x10/0x10 [ 3373.919898] ? _copy_from_user+0x5c/0xf0 [ 3373.920456] kernel_clone+0xeb/0x810 [ 3373.920983] ? ksys_write+0x122/0x250 [ 3373.921506] ? __pfx_kernel_clone+0x10/0x10 [ 3373.922113] ? lock_is_held_type+0x9f/0x120 [ 3373.922718] __do_sys_clone3+0x1d5/0x250 [ 3373.923285] ? __pfx___do_sys_clone3+0x10/0x10 [ 3373.923952] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3373.924735] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3373.925531] ? fput+0x2f/0x1a0 [ 3373.925998] ? __pfx_ksys_write+0x10/0x10 [ 3373.926567] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3373.927271] ? syscall_enter_from_user_mode+0x21/0x50 [ 3373.927995] do_syscall_64+0x3f/0x90 [ 3373.928531] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3373.929212] RIP: 0033:0x7fefd8f24b19 [ 3373.929702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3373.931999] RSP: 002b:00007fefd649a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3373.932993] RAX: ffffffffffffffda RBX: 00007fefd9037f60 RCX: 00007fefd8f24b19 [ 3373.933917] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3373.934838] RBP: 00007fefd649a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3373.935758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3373.936697] R13: 00007ffe217f65cf R14: 00007fefd649a300 R15: 0000000000022000 [ 3373.937628] [ 3373.938663] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 3373.950882] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3373.956482] FAULT_INJECTION: forcing a failure. [ 3373.956482] name failslab, interval 1, probability 0, space 0, times 0 [ 3373.958058] CPU: 0 PID: 18566 Comm: syz-executor.7 Not tainted 6.5.0-rc1-next-20230717 #1 00:38:45 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 20) [ 3373.959107] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3373.960328] Call Trace: [ 3373.960675] [ 3373.960981] dump_stack_lvl+0xc1/0xf0 [ 3373.961512] should_fail_ex+0x4b4/0x5b0 [ 3373.962052] ? security_inode_alloc+0x38/0x160 [ 3373.962670] should_failslab+0x9/0x20 [ 3373.963184] kmem_cache_alloc+0x61/0x390 [ 3373.963744] security_inode_alloc+0x38/0x160 [ 3373.964368] inode_init_always+0xbb2/0xea0 [ 3373.964951] alloc_inode+0x84/0x240 [ 3373.965448] new_inode_pseudo+0x17/0x80 [ 3373.965980] sock_alloc+0x40/0x270 [ 3373.966459] __sock_create+0xc1/0x820 [ 3373.966990] __sys_socket+0x137/0x250 [ 3373.967508] ? __pfx___sys_socket+0x10/0x10 [ 3373.968098] ? ksys_write+0x19e/0x250 [ 3373.968611] ? __pfx_ksys_write+0x10/0x10 [ 3373.969173] __x64_sys_socket+0x73/0xb0 [ 3373.969706] ? syscall_enter_from_user_mode+0x21/0x50 [ 3373.970399] do_syscall_64+0x3f/0x90 [ 3373.970927] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3373.971601] RIP: 0033:0x7fcba4fd3197 [ 3373.972125] Code: f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3373.974405] RSP: 002b:00007fcba25460c8 EFLAGS: 00000287 ORIG_RAX: 0000000000000029 [ 3373.975402] RAX: ffffffffffffffda RBX: 00007fcba50e4f60 RCX: 00007fcba4fd3197 [ 3373.976331] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 3373.977254] RBP: 00007fcba25471d0 R08: 0000000000000000 R09: 0000000000000000 [ 3373.978184] R10: 0000000000000000 R11: 0000000000000287 R12: 0000000000000001 [ 3373.979114] R13: 0000000000000000 R14: 00000000200000c0 R15: 0000000000022000 [ 3373.980074] [ 3373.980640] socket: no more sockets 00:38:45 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 18) 00:38:45 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53", 0x39, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3374.086227] loop0: detected capacity change from 0 to 512 [ 3374.098224] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 00:38:45 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 18) 00:38:45 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53", 0x39, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:38:45 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:38:45 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7bc9f9b"], 0x1a) 00:38:45 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 1) 00:38:45 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 21) 00:38:45 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53", 0x39, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:38:46 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 19) [ 3374.445051] FAULT_INJECTION: forcing a failure. [ 3374.445051] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3374.446811] CPU: 0 PID: 18587 Comm: syz-executor.2 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3374.447804] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3374.448785] Call Trace: [ 3374.449112] [ 3374.449409] dump_stack_lvl+0xc1/0xf0 [ 3374.449932] should_fail_ex+0x4b4/0x5b0 [ 3374.450452] _copy_from_user+0x30/0xf0 [ 3374.450955] copy_clone_args_from_user+0x147/0x780 [ 3374.451587] ? ksys_write+0x122/0x250 [ 3374.452109] ? __pfx_copy_clone_args_from_user+0x10/0x10 [ 3374.452784] ? ksys_write+0x20f/0x250 [ 3374.453134] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3374.453253] ? lock_release+0x1e3/0x680 [ 3374.454839] ? __pfx_lock_release+0x10/0x10 [ 3374.455419] ? lock_is_held_type+0x9f/0x120 [ 3374.455996] __do_sys_clone3+0x8f/0x250 [ 3374.456529] ? __pfx___do_sys_clone3+0x10/0x10 [ 3374.457147] ? perf_trace_run_bpf_submit+0xf3/0x190 [ 3374.457824] ? perf_trace_run_bpf_submit+0xf3/0x190 [ 3374.458504] ? perf_trace_preemptirq_template+0x252/0x420 [ 3374.459229] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3374.460002] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3374.460761] ? fput+0x2f/0x1a0 [ 3374.461213] ? __pfx_ksys_write+0x10/0x10 [ 3374.461771] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3374.462450] ? syscall_enter_from_user_mode+0x21/0x50 [ 3374.463119] do_syscall_64+0x3f/0x90 [ 3374.463638] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3374.464330] RIP: 0033:0x7f418241bb19 [ 3374.464810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3374.467059] RSP: 002b:00007f417f991188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3374.468031] RAX: ffffffffffffffda RBX: 00007f418252ef60 RCX: 00007f418241bb19 [ 3374.468926] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3374.469827] RBP: 00007f417f9911d0 R08: 0000000000000000 R09: 0000000000000000 [ 3374.470722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3374.471622] R13: 00007ffc082160df R14: 00007f417f991300 R15: 0000000000022000 [ 3374.472550] [ 3374.491599] loop0: detected capacity change from 0 to 512 [ 3374.501315] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 3374.514556] FAULT_INJECTION: forcing a failure. [ 3374.514556] name failslab, interval 1, probability 0, space 0, times 0 [ 3374.516397] CPU: 1 PID: 18590 Comm: syz-executor.5 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3374.516413] FAULT_INJECTION: forcing a failure. [ 3374.516413] name failslab, interval 1, probability 0, space 0, times 0 [ 3374.517400] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3374.517418] Call Trace: [ 3374.517426] [ 3374.517437] dump_stack_lvl+0xc1/0xf0 [ 3374.520746] should_fail_ex+0x4b4/0x5b0 [ 3374.521259] ? copy_process+0x20e8/0x7320 [ 3374.521793] should_failslab+0x9/0x20 [ 3374.522272] kmem_cache_alloc+0x61/0x390 [ 3374.522796] copy_process+0x20e8/0x7320 [ 3374.523309] ? lock_acquire+0x19a/0x4c0 [ 3374.523862] ? __pfx_copy_process+0x10/0x10 [ 3374.524450] ? _copy_from_user+0x5c/0xf0 [ 3374.524998] kernel_clone+0xeb/0x810 [ 3374.525514] ? __pfx_kernel_clone+0x10/0x10 [ 3374.526106] ? lock_release+0x1e3/0x680 [ 3374.526630] ? __pfx_lock_release+0x10/0x10 [ 3374.527204] __do_sys_clone3+0x1d5/0x250 [ 3374.527745] ? __pfx___do_sys_clone3+0x10/0x10 [ 3374.528398] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3374.529171] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3374.529939] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3374.530623] ? syscall_enter_from_user_mode+0x21/0x50 [ 3374.531316] do_syscall_64+0x3f/0x90 [ 3374.531834] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3374.532512] RIP: 0033:0x7f89ec184b19 [ 3374.532994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3374.535267] RSP: 002b:00007f89e96fa188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3374.536200] RAX: ffffffffffffffda RBX: 00007f89ec297f60 RCX: 00007f89ec184b19 [ 3374.537113] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3374.538018] RBP: 00007f89e96fa1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3374.538902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3374.539805] R13: 00007ffe081f81af R14: 00007f89e96fa300 R15: 0000000000022000 [ 3374.540740] [ 3374.541055] CPU: 0 PID: 18594 Comm: syz-executor.3 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3374.542089] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3374.543106] Call Trace: [ 3374.543446] [ 3374.543741] dump_stack_lvl+0xc1/0xf0 [ 3374.544295] should_fail_ex+0x4b4/0x5b0 [ 3374.544827] ? copy_process+0x2267/0x7320 [ 3374.545375] should_failslab+0x9/0x20 [ 3374.545874] kmem_cache_alloc+0x61/0x390 [ 3374.546412] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3374.547088] copy_process+0x2267/0x7320 [ 3374.547619] ? lock_acquire+0x19a/0x4c0 [ 3374.548168] ? __pfx_copy_process+0x10/0x10 [ 3374.548751] ? _copy_from_user+0x5c/0xf0 [ 3374.549296] kernel_clone+0xeb/0x810 [ 3374.549794] ? ksys_write+0x122/0x250 [ 3374.550298] ? __pfx_kernel_clone+0x10/0x10 [ 3374.550874] ? lock_is_held_type+0x9f/0x120 [ 3374.551447] __do_sys_clone3+0x1d5/0x250 [ 3374.551996] ? __pfx___do_sys_clone3+0x10/0x10 [ 3374.552621] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3374.553371] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3374.554118] ? fput+0x2f/0x1a0 [ 3374.554562] ? __pfx_ksys_write+0x10/0x10 [ 3374.555101] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3374.555766] ? syscall_enter_from_user_mode+0x21/0x50 [ 3374.556470] do_syscall_64+0x3f/0x90 [ 3374.556978] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3374.557639] RIP: 0033:0x7f729f431b19 [ 3374.558114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3374.560321] RSP: 002b:00007f729c9a7188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3374.561258] RAX: ffffffffffffffda RBX: 00007f729f544f60 RCX: 00007f729f431b19 [ 3374.562136] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3374.563016] RBP: 00007f729c9a71d0 R08: 0000000000000000 R09: 0000000000000000 [ 3374.563896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3374.564773] R13: 00007ffe00c6649f R14: 00007f729c9a7300 R15: 0000000000022000 [ 3374.565682] 00:38:58 executing program 7: syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, 0x0, 0x0) (fail_nth: 4) 00:38:58 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7bc9f"], 0x1a) 00:38:58 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 20) 00:38:58 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:38:58 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 19) 00:38:58 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef0100010000", 0x3f, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:38:58 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 2) 00:38:58 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 22) [ 3386.787335] FAULT_INJECTION: forcing a failure. [ 3386.787335] name failslab, interval 1, probability 0, space 0, times 0 [ 3386.788137] CPU: 1 PID: 18607 Comm: syz-executor.4 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3386.788674] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3386.789211] Call Trace: [ 3386.789402] [ 3386.789559] dump_stack_lvl+0xc1/0xf0 [ 3386.789838] should_fail_ex+0x4b4/0x5b0 [ 3386.790117] ? copy_process+0x20e8/0x7320 [ 3386.790409] should_failslab+0x9/0x20 [ 3386.790674] kmem_cache_alloc+0x61/0x390 [ 3386.790956] copy_process+0x20e8/0x7320 [ 3386.791244] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3386.791645] ? lock_acquire+0x19a/0x4c0 [ 3386.791926] ? __pfx_copy_process+0x10/0x10 [ 3386.792239] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 3386.792611] ? copy_clone_args_from_user+0x186/0x780 [ 3386.792956] ? __sanitizer_cov_trace_pc+0x60/0x70 [ 3386.793295] kernel_clone+0xeb/0x810 [ 3386.793560] ? perf_trace_run_bpf_submit+0xf3/0x190 [ 3386.793908] ? __pfx_kernel_clone+0x10/0x10 [ 3386.794218] ? perf_trace_run_bpf_submit+0xf3/0x190 [ 3386.794563] ? perf_trace_run_bpf_submit+0xf3/0x190 [ 3386.794919] __do_sys_clone3+0x1d5/0x250 [ 3386.795209] ? __pfx___do_sys_clone3+0x10/0x10 [ 3386.795538] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3386.795891] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 3386.796294] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 3386.796662] ? __pfx___x64_sys_clone3+0x10/0x10 [ 3386.796989] do_syscall_64+0x3f/0x90 [ 3386.797264] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3386.797611] RIP: 0033:0x7fefd8f24b19 [ 3386.797863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3386.799036] RSP: 002b:00007fefd649a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3386.799532] RAX: ffffffffffffffda RBX: 00007fefd9037f60 RCX: 00007fefd8f24b19 [ 3386.800007] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3386.800473] RBP: 00007fefd649a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3386.800938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3386.801402] R13: 00007ffe217f65cf R14: 00007fefd649a300 R15: 0000000000022000 [ 3386.801880] [ 3386.808431] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3386.835003] loop0: detected capacity change from 0 to 512 [ 3386.850116] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)! [ 3386.851579] EXT4-fs (loop0): group descriptors corrupted! [ 3386.853600] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3386.857685] FAULT_INJECTION: forcing a failure. [ 3386.857685] name failslab, interval 1, probability 0, space 0, times 0 [ 3386.859461] CPU: 0 PID: 18618 Comm: syz-executor.2 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3386.860557] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3386.861587] Call Trace: [ 3386.861932] [ 3386.862237] dump_stack_lvl+0xc1/0xf0 [ 3386.862770] should_fail_ex+0x4b4/0x5b0 [ 3386.863309] ? copy_process+0x3c2/0x7320 [ 3386.863863] should_failslab+0x9/0x20 [ 3386.864390] kmem_cache_alloc_node+0x65/0x3b0 [ 3386.864989] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3386.865689] copy_process+0x3c2/0x7320 [ 3386.866227] ? lock_acquire+0x19a/0x4c0 [ 3386.866761] ? find_held_lock+0x2c/0x110 [ 3386.867320] ? __might_fault+0xe2/0x190 [ 3386.867866] ? lock_release+0x1e3/0x680 [ 3386.868425] ? __pfx_copy_process+0x10/0x10 [ 3386.869029] ? _copy_from_user+0x5c/0xf0 [ 3386.869581] kernel_clone+0xeb/0x810 00:38:58 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 20) [ 3386.870098] ? ksys_write+0x122/0x250 [ 3386.870693] ? __pfx_kernel_clone+0x10/0x10 [ 3386.871289] ? lock_is_held_type+0x9f/0x120 [ 3386.871891] __do_sys_clone3+0x1d5/0x250 [ 3386.872459] ? __pfx___do_sys_clone3+0x10/0x10 [ 3386.873113] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3386.873888] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3386.874663] ? fput+0x2f/0x1a0 [ 3386.875125] ? __pfx_ksys_write+0x10/0x10 [ 3386.875692] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3386.876409] ? syscall_enter_from_user_mode+0x21/0x50 [ 3386.877114] do_syscall_64+0x3f/0x90 [ 3386.877633] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3386.878311] RIP: 0033:0x7f418241bb19 [ 3386.878806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3386.881206] RSP: 002b:00007f417f991188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3386.882248] RAX: ffffffffffffffda RBX: 00007f418252ef60 RCX: 00007f418241bb19 [ 3386.883236] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3386.884235] RBP: 00007f417f9911d0 R08: 0000000000000000 R09: 0000000000000000 [ 3386.885208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3386.886176] R13: 00007ffc082160df R14: 00007f417f991300 R15: 0000000000022000 [ 3386.887172] 00:38:58 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 21) 00:38:58 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 23) 00:38:58 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 3) 00:38:58 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3387.052122] FAULT_INJECTION: forcing a failure. [ 3387.052122] name failslab, interval 1, probability 0, space 0, times 0 [ 3387.053233] CPU: 1 PID: 18628 Comm: syz-executor.4 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3387.053769] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3387.054301] Call Trace: [ 3387.054481] [ 3387.054640] dump_stack_lvl+0xc1/0xf0 [ 3387.054917] should_fail_ex+0x4b4/0x5b0 [ 3387.055194] ? copy_process+0x2267/0x7320 [ 3387.055486] should_failslab+0x9/0x20 [ 3387.055750] kmem_cache_alloc+0x61/0x390 [ 3387.056041] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3387.056404] copy_process+0x2267/0x7320 [ 3387.056684] ? lock_acquire+0x19a/0x4c0 [ 3387.056973] ? __pfx_copy_process+0x10/0x10 [ 3387.057280] ? _copy_from_user+0x5c/0xf0 [ 3387.057567] kernel_clone+0xeb/0x810 [ 3387.057828] ? ksys_write+0x122/0x250 [ 3387.058095] ? __pfx_kernel_clone+0x10/0x10 [ 3387.058403] ? lock_is_held_type+0x9f/0x120 [ 3387.058712] __do_sys_clone3+0x1d5/0x250 [ 3387.058994] ? __pfx___do_sys_clone3+0x10/0x10 [ 3387.059325] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3387.059724] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3387.060128] ? fput+0x2f/0x1a0 [ 3387.060366] ? __pfx_ksys_write+0x10/0x10 [ 3387.060649] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3387.061001] ? syscall_enter_from_user_mode+0x21/0x50 [ 3387.061357] do_syscall_64+0x3f/0x90 [ 3387.061625] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3387.061973] RIP: 0033:0x7fefd8f24b19 [ 3387.062223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3387.063387] RSP: 002b:00007fefd649a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3387.063880] RAX: ffffffffffffffda RBX: 00007fefd9037f60 RCX: 00007fefd8f24b19 [ 3387.064355] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3387.064821] RBP: 00007fefd649a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3387.065278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3387.065740] R13: 00007ffe217f65cf R14: 00007fefd649a300 R15: 0000000000022000 [ 3387.066222] [ 3387.102714] loop0: detected capacity change from 0 to 512 [ 3387.108657] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)! [ 3387.109296] EXT4-fs (loop0): group descriptors corrupted! [ 3387.120042] FAULT_INJECTION: forcing a failure. [ 3387.120042] name failslab, interval 1, probability 0, space 0, times 0 [ 3387.121618] CPU: 0 PID: 18633 Comm: syz-executor.3 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3387.122659] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3387.123695] Call Trace: [ 3387.124046] [ 3387.124353] dump_stack_lvl+0xc1/0xf0 [ 3387.124887] should_fail_ex+0x4b4/0x5b0 [ 3387.125426] ? create_new_namespaces+0x30/0xb30 [ 3387.126059] should_failslab+0x9/0x20 [ 3387.126576] kmem_cache_alloc+0x61/0x390 [ 3387.127130] create_new_namespaces+0x30/0xb30 [ 3387.127740] ? security_capable+0x99/0xc0 [ 3387.128313] copy_namespaces+0x414/0x500 [ 3387.128874] copy_process+0x2b78/0x7320 [ 3387.129416] ? lock_acquire+0x19a/0x4c0 [ 3387.129967] ? __pfx_copy_process+0x10/0x10 [ 3387.130570] ? _copy_from_user+0x5c/0xf0 [ 3387.131120] kernel_clone+0xeb/0x810 [ 3387.131634] ? ksys_write+0x122/0x250 [ 3387.132178] ? __pfx_kernel_clone+0x10/0x10 [ 3387.132776] ? lock_is_held_type+0x9f/0x120 [ 3387.133371] __do_sys_clone3+0x1d5/0x250 [ 3387.133929] ? __pfx___do_sys_clone3+0x10/0x10 [ 3387.134580] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3387.135353] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3387.136150] ? fput+0x2f/0x1a0 [ 3387.136603] ? __pfx_ksys_write+0x10/0x10 [ 3387.137154] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3387.137843] ? syscall_enter_from_user_mode+0x21/0x50 [ 3387.138539] do_syscall_64+0x3f/0x90 [ 3387.139058] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3387.139726] RIP: 0033:0x7f729f431b19 [ 3387.140243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3387.142500] RSP: 002b:00007f729c9a7188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3387.143467] RAX: ffffffffffffffda RBX: 00007f729f544f60 RCX: 00007f729f431b19 [ 3387.144385] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3387.145286] RBP: 00007f729c9a71d0 R08: 0000000000000000 R09: 0000000000000000 [ 3387.146196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3387.147106] R13: 00007ffe00c6649f R14: 00007f729c9a7300 R15: 0000000000022000 [ 3387.148040] [ 3389.580715] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 3389.582728] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 3389.584072] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 3389.586942] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 3389.588565] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 3389.589764] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 3391.621364] Bluetooth: hci0: command 0x0409 tx timeout [ 3393.669248] Bluetooth: hci0: command 0x041b tx timeout [ 3395.717228] Bluetooth: hci0: command 0x040f tx timeout [ 3397.766227] Bluetooth: hci0: command 0x0419 tx timeout [ 3408.128639] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3408.129571] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3408.160267] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3408.161553] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3408.512724] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:39:33 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7bc"], 0x1a) 00:39:33 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 21) 00:39:33 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 4) 00:39:33 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:39:33 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 22) 00:39:33 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f01", 0x35, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:39:33 executing program 7: syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, 0x0, 0x0) (fail_nth: 5) 00:39:33 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 24) [ 3421.835004] loop0: detected capacity change from 0 to 512 [ 3421.837470] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:39:33 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 23) [ 3421.865213] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 3421.869383] FAULT_INJECTION: forcing a failure. [ 3421.869383] name failslab, interval 1, probability 0, space 0, times 0 [ 3421.870184] CPU: 1 PID: 19118 Comm: syz-executor.7 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3421.870758] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3421.871328] Call Trace: [ 3421.871522] [ 3421.871690] dump_stack_lvl+0xc1/0xf0 [ 3421.871989] should_fail_ex+0x4b4/0x5b0 [ 3421.872292] ? sk_prot_alloc+0x157/0x280 [ 3421.872600] should_failslab+0x9/0x20 [ 3421.872883] __kmem_cache_alloc_node+0x66/0x310 [ 3421.873228] ? sk_prot_alloc+0x157/0x280 [ 3421.873526] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 3421.873896] ? sk_prot_alloc+0x157/0x280 [ 3421.874194] __kmalloc+0x4d/0x160 [ 3421.874459] sk_prot_alloc+0x157/0x280 [ 3421.874746] sk_alloc+0x38/0x7b0 [ 3421.875002] __netlink_create+0x63/0x340 [ 3421.875311] netlink_create+0x3bb/0x5f0 [ 3421.875615] ? __pfx_genl_bind+0x10/0x10 [ 3421.875914] __sock_create+0x376/0x820 [ 3421.876210] __sys_socket+0x137/0x250 [ 3421.876486] ? __pfx___sys_socket+0x10/0x10 [ 3421.876801] ? ksys_write+0x19e/0x250 [ 3421.877069] ? __pfx_ksys_write+0x10/0x10 [ 3421.877378] __x64_sys_socket+0x73/0xb0 [ 3421.877656] ? syscall_enter_from_user_mode+0x21/0x50 [ 3421.878038] do_syscall_64+0x3f/0x90 [ 3421.878316] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3421.878692] RIP: 0033:0x7fcba4fd3197 [ 3421.878947] Code: f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3421.880218] RSP: 002b:00007fcba25460c8 EFLAGS: 00000287 ORIG_RAX: 0000000000000029 [ 3421.880730] RAX: ffffffffffffffda RBX: 00007fcba50e4f60 RCX: 00007fcba4fd3197 [ 3421.881238] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 3421.881748] RBP: 00007fcba25471d0 R08: 0000000000000000 R09: 0000000000000000 [ 3421.882248] R10: 0000000000000000 R11: 0000000000000287 R12: 0000000000000001 [ 3421.882756] R13: 0000000000000000 R14: 00000000200000c0 R15: 0000000000022000 [ 3421.883261] [ 3421.887889] FAULT_INJECTION: forcing a failure. [ 3421.887889] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3421.888760] CPU: 1 PID: 19117 Comm: syz-executor.2 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3421.889338] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3421.889913] Call Trace: [ 3421.890099] [ 3421.890265] dump_stack_lvl+0xc1/0xf0 [ 3421.890554] should_fail_ex+0x4b4/0x5b0 [ 3421.890852] __should_fail_alloc_page+0xe0/0x110 [ 3421.891212] prepare_alloc_pages+0x178/0x500 [ 3421.891550] __alloc_pages+0x149/0x480 [ 3421.891843] ? __pfx_lock_release+0x10/0x10 [ 3421.892165] ? __pfx___alloc_pages+0x10/0x10 [ 3421.892512] ? kmem_cache_alloc_node+0x345/0x3b0 [ 3421.892868] copy_process+0x456/0x7320 [ 3421.893166] ? lock_acquire+0x19a/0x4c0 [ 3421.893464] ? find_held_lock+0x2c/0x110 [ 3421.893774] ? __might_fault+0xe2/0x190 [ 3421.894080] ? lock_release+0x1e3/0x680 [ 3421.894379] ? __pfx_copy_process+0x10/0x10 [ 3421.894707] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3421.895150] kernel_clone+0xeb/0x810 [ 3421.895438] ? __pfx_kernel_clone+0x10/0x10 [ 3421.895759] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 3421.896148] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 3421.896555] ? __do_sys_clone3+0x1bd/0x250 [ 3421.896861] __do_sys_clone3+0x1d5/0x250 [ 3421.897155] ? __pfx___do_sys_clone3+0x10/0x10 [ 3421.897497] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3421.897906] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3421.898305] ? fput+0x2f/0x1a0 [ 3421.898536] ? __pfx_ksys_write+0x10/0x10 [ 3421.898820] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3421.899177] ? syscall_enter_from_user_mode+0x21/0x50 [ 3421.899539] do_syscall_64+0x3f/0x90 [ 3421.899804] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3421.900149] RIP: 0033:0x7f418241bb19 [ 3421.900402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3421.901653] RSP: 002b:00007f417f991188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3421.902176] RAX: ffffffffffffffda RBX: 00007f418252ef60 RCX: 00007f418241bb19 [ 3421.902673] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3421.903164] RBP: 00007f417f9911d0 R08: 0000000000000000 R09: 0000000000000000 [ 3421.903677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3421.904172] R13: 00007ffc082160df R14: 00007f417f991300 R15: 0000000000022000 [ 3421.904690] [ 3421.909484] FAULT_INJECTION: forcing a failure. [ 3421.909484] name failslab, interval 1, probability 0, space 0, times 0 [ 3421.910494] CPU: 1 PID: 19115 Comm: syz-executor.5 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3421.911078] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3421.911634] Call Trace: [ 3421.911825] [ 3421.911995] dump_stack_lvl+0xc1/0xf0 [ 3421.912287] should_fail_ex+0x4b4/0x5b0 [ 3421.912615] ? copy_process+0x2267/0x7320 [ 3421.912921] should_failslab+0x9/0x20 [ 3421.913199] kmem_cache_alloc+0x61/0x390 [ 3421.913507] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3421.913884] copy_process+0x2267/0x7320 [ 3421.914183] ? lock_acquire+0x19a/0x4c0 [ 3421.914484] ? __pfx_copy_process+0x10/0x10 [ 3421.914822] ? _copy_from_user+0x5c/0xf0 [ 3421.915106] kernel_clone+0xeb/0x810 [ 3421.915390] ? ksys_write+0x122/0x250 [ 3421.915658] ? __pfx_kernel_clone+0x10/0x10 [ 3421.915988] ? lock_is_held_type+0x9f/0x120 [ 3421.916289] __do_sys_clone3+0x1d5/0x250 [ 3421.916602] ? __pfx___do_sys_clone3+0x10/0x10 [ 3421.916941] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3421.917370] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3421.917765] ? fput+0x2f/0x1a0 [ 3421.918011] ? __pfx_ksys_write+0x10/0x10 [ 3421.918294] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3421.918671] ? syscall_enter_from_user_mode+0x21/0x50 [ 3421.919025] do_syscall_64+0x3f/0x90 [ 3421.919316] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3421.919658] RIP: 0033:0x7f89ec184b19 [ 3421.919924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3421.921089] RSP: 002b:00007f89e96fa188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3421.921632] RAX: ffffffffffffffda RBX: 00007f89ec297f60 RCX: 00007f89ec184b19 [ 3421.922150] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3421.922653] RBP: 00007f89e96fa1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3421.923159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3421.923673] R13: 00007ffe081f81af R14: 00007f89e96fa300 R15: 0000000000022000 [ 3421.924199] [ 3421.945951] FAULT_INJECTION: forcing a failure. [ 3421.945951] name failslab, interval 1, probability 0, space 0, times 0 [ 3421.947683] CPU: 0 PID: 19121 Comm: syz-executor.4 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3421.948783] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3421.949853] Call Trace: [ 3421.950210] [ 3421.950523] dump_stack_lvl+0xc1/0xf0 [ 3421.951075] should_fail_ex+0x4b4/0x5b0 [ 3421.951626] ? create_new_namespaces+0x30/0xb30 [ 3421.952274] should_failslab+0x9/0x20 [ 3421.952807] kmem_cache_alloc+0x61/0x390 [ 3421.953381] create_new_namespaces+0x30/0xb30 [ 3421.953994] ? security_capable+0x99/0xc0 [ 3421.954583] copy_namespaces+0x414/0x500 00:39:33 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 22) [ 3421.955152] copy_process+0x2b78/0x7320 [ 3421.955874] ? lock_acquire+0x19a/0x4c0 [ 3421.956462] ? __pfx_copy_process+0x10/0x10 [ 3421.957084] ? _copy_from_user+0x5c/0xf0 [ 3421.957650] kernel_clone+0xeb/0x810 [ 3421.958185] ? ksys_write+0x122/0x250 [ 3421.958711] ? __pfx_kernel_clone+0x10/0x10 [ 3421.959330] ? lock_is_held_type+0x9f/0x120 [ 3421.959949] __do_sys_clone3+0x1d5/0x250 [ 3421.960517] ? __pfx___do_sys_clone3+0x10/0x10 [ 3421.961181] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3421.961957] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3421.962761] ? fput+0x2f/0x1a0 [ 3421.963221] ? __pfx_ksys_write+0x10/0x10 [ 3421.963792] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3421.964513] ? syscall_enter_from_user_mode+0x21/0x50 [ 3421.965232] do_syscall_64+0x3f/0x90 [ 3421.965770] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3421.966471] RIP: 0033:0x7fefd8f24b19 [ 3421.966975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3421.969329] RSP: 002b:00007fefd649a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3421.970327] RAX: ffffffffffffffda RBX: 00007fefd9037f60 RCX: 00007fefd8f24b19 [ 3421.971261] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3421.972212] RBP: 00007fefd649a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3421.973131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3421.974034] R13: 00007ffe217f65cf R14: 00007fefd649a300 R15: 0000000000022000 [ 3421.974962] 00:39:33 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 5) [ 3421.997437] FAULT_INJECTION: forcing a failure. [ 3421.997437] name failslab, interval 1, probability 0, space 0, times 0 [ 3421.998268] CPU: 1 PID: 19125 Comm: syz-executor.2 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3421.998806] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3421.999343] Call Trace: [ 3421.999533] [ 3421.999693] dump_stack_lvl+0xc1/0xf0 [ 3421.999970] should_fail_ex+0x4b4/0x5b0 [ 3422.000254] ? prepare_creds+0x2f/0x6f0 [ 3422.000552] should_failslab+0x9/0x20 [ 3422.000826] kmem_cache_alloc+0x61/0x390 [ 3422.001105] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3422.001466] ? get_random_u64+0x394/0x660 [ 3422.001764] prepare_creds+0x2f/0x6f0 [ 3422.002041] copy_creds+0x7a/0xbd0 [ 3422.002296] copy_process+0xe2a/0x7320 [ 3422.002570] ? lock_acquire+0x19a/0x4c0 [ 3422.002848] ? find_held_lock+0x2c/0x110 [ 3422.003145] ? __pfx_copy_process+0x10/0x10 [ 3422.003456] ? _copy_from_user+0x5c/0xf0 [ 3422.003741] kernel_clone+0xeb/0x810 [ 3422.004010] ? ksys_write+0x122/0x250 [ 3422.004273] ? __pfx_kernel_clone+0x10/0x10 [ 3422.004596] ? lock_is_held_type+0x9f/0x120 [ 3422.004906] __do_sys_clone3+0x1d5/0x250 [ 3422.005191] ? __pfx___do_sys_clone3+0x10/0x10 [ 3422.005521] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3422.005925] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3422.006324] ? fput+0x2f/0x1a0 [ 3422.006560] ? __pfx_ksys_write+0x10/0x10 [ 3422.006866] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3422.007233] ? syscall_enter_from_user_mode+0x21/0x50 [ 3422.007590] do_syscall_64+0x3f/0x90 [ 3422.007877] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3422.008226] RIP: 0033:0x7f418241bb19 [ 3422.008504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3422.009767] RSP: 002b:00007f417f991188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3422.010294] RAX: ffffffffffffffda RBX: 00007f418252ef60 RCX: 00007f418241bb19 [ 3422.010807] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3422.011301] RBP: 00007f417f9911d0 R08: 0000000000000000 R09: 0000000000000000 [ 3422.011802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3422.012301] R13: 00007ffc082160df R14: 00007f417f991300 R15: 0000000000022000 [ 3422.012828] 00:39:46 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f01", 0x35, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:39:46 executing program 7: syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, 0x0, 0x0) (fail_nth: 6) 00:39:46 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7"], 0x1a) 00:39:46 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 23) 00:39:46 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 25) 00:39:46 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:39:46 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 6) [ 3434.853426] loop0: detected capacity change from 0 to 512 00:39:46 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 24) [ 3434.860186] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3434.862298] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 3434.876798] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3434.894671] FAULT_INJECTION: forcing a failure. [ 3434.894671] name failslab, interval 1, probability 0, space 0, times 0 [ 3434.896424] CPU: 0 PID: 19142 Comm: syz-executor.5 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3434.897506] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3434.898563] Call Trace: [ 3434.898912] [ 3434.899225] dump_stack_lvl+0xc1/0xf0 [ 3434.899767] should_fail_ex+0x4b4/0x5b0 [ 3434.900311] ? create_new_namespaces+0x30/0xb30 [ 3434.900963] should_failslab+0x9/0x20 [ 3434.901480] kmem_cache_alloc+0x61/0x390 [ 3434.902045] create_new_namespaces+0x30/0xb30 [ 3434.902669] ? security_capable+0x99/0xc0 [ 3434.903252] copy_namespaces+0x414/0x500 [ 3434.903816] copy_process+0x2b78/0x7320 [ 3434.904403] ? lock_acquire+0x19a/0x4c0 [ 3434.904984] ? __pfx_copy_process+0x10/0x10 [ 3434.905624] ? _copy_from_user+0x5c/0xf0 [ 3434.906189] kernel_clone+0xeb/0x810 [ 3434.906733] ? ksys_write+0x122/0x250 [ 3434.907270] ? __pfx_kernel_clone+0x10/0x10 [ 3434.907900] ? lock_is_held_type+0x9f/0x120 [ 3434.908523] __do_sys_clone3+0x1d5/0x250 00:39:46 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f01", 0x35, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3434.909132] ? __pfx___do_sys_clone3+0x10/0x10 [ 3434.909959] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3434.910770] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3434.911578] ? fput+0x2f/0x1a0 [ 3434.912048] ? __pfx_ksys_write+0x10/0x10 [ 3434.912641] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3434.913361] ? syscall_enter_from_user_mode+0x21/0x50 [ 3434.914092] do_syscall_64+0x3f/0x90 [ 3434.914637] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3434.915353] RIP: 0033:0x7f89ec184b19 [ 3434.915863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3434.918289] RSP: 002b:00007f89e96fa188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3434.919289] RAX: ffffffffffffffda RBX: 00007f89ec297f60 RCX: 00007f89ec184b19 [ 3434.920225] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3434.921155] RBP: 00007f89e96fa1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3434.922092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3434.923030] R13: 00007ffe081f81af R14: 00007f89e96fa300 R15: 0000000000022000 [ 3434.924010] [ 3434.936868] loop0: detected capacity change from 0 to 512 00:39:46 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 24) [ 3434.973602] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 00:39:46 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff", 0x38, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3435.034284] loop0: detected capacity change from 0 to 512 [ 3435.044056] FAULT_INJECTION: forcing a failure. [ 3435.044056] name failslab, interval 1, probability 0, space 0, times 0 [ 3435.044894] CPU: 1 PID: 19158 Comm: syz-executor.3 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3435.045426] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3435.045960] Call Trace: [ 3435.046137] [ 3435.046295] dump_stack_lvl+0xc1/0xf0 [ 3435.046580] should_fail_ex+0x4b4/0x5b0 [ 3435.046864] ? copy_net_ns+0xe2/0x770 [ 3435.047139] should_failslab+0x9/0x20 [ 3435.047400] __kmem_cache_alloc_node+0x66/0x310 [ 3435.047731] ? copy_net_ns+0xe2/0x770 [ 3435.048000] ? copy_pid_ns+0x107/0xa90 [ 3435.048286] ? copy_net_ns+0xe2/0x770 [ 3435.048554] __kmalloc+0x4d/0x160 [ 3435.048806] copy_net_ns+0xe2/0x770 [ 3435.049070] ? copy_cgroup_ns+0xa7/0x710 [ 3435.049365] create_new_namespaces+0x3f6/0xb30 [ 3435.049694] copy_namespaces+0x414/0x500 [ 3435.049981] copy_process+0x2b78/0x7320 [ 3435.050262] ? lock_acquire+0x19a/0x4c0 [ 3435.050552] ? __pfx_copy_process+0x10/0x10 [ 3435.050865] ? _copy_from_user+0x5c/0xf0 [ 3435.051153] kernel_clone+0xeb/0x810 [ 3435.051420] ? ksys_write+0x122/0x250 [ 3435.051686] ? __pfx_kernel_clone+0x10/0x10 [ 3435.051994] ? lock_is_held_type+0x9f/0x120 [ 3435.052299] __do_sys_clone3+0x1d5/0x250 [ 3435.052594] ? __pfx___do_sys_clone3+0x10/0x10 [ 3435.052927] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3435.053342] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3435.053761] ? fput+0x2f/0x1a0 [ 3435.054012] ? ksys_write+0x19e/0x250 [ 3435.054293] ? __pfx_ksys_write+0x10/0x10 [ 3435.054597] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3435.054954] ? syscall_enter_from_user_mode+0x21/0x50 [ 3435.055333] do_syscall_64+0x3f/0x90 [ 3435.055612] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3435.055988] RIP: 0033:0x7f729f431b19 [ 3435.056238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3435.057517] RSP: 002b:00007f729c986188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3435.058056] RAX: ffffffffffffffda RBX: 00007f729f545020 RCX: 00007f729f431b19 [ 3435.058554] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3435.059056] RBP: 00007f729c9861d0 R08: 0000000000000000 R09: 0000000000000000 [ 3435.059570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3435.060069] R13: 00007ffe00c6649f R14: 00007f729c986300 R15: 0000000000022000 [ 3435.060589] [ 3435.061611] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 00:39:59 executing program 7: syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, 0x0, 0x0) (fail_nth: 7) 00:39:59 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff", 0x38, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:39:59 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 7) 00:39:59 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 26) 00:39:59 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:39:59 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 25) 00:39:59 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 25) 00:39:59 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0"], 0x1a) [ 3447.705017] FAULT_INJECTION: forcing a failure. [ 3447.705017] name failslab, interval 1, probability 0, space 0, times 0 [ 3447.706428] CPU: 0 PID: 19168 Comm: syz-executor.7 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3447.707409] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3447.708390] Call Trace: [ 3447.708710] [ 3447.709014] dump_stack_lvl+0xc1/0xf0 [ 3447.709514] should_fail_ex+0x4b4/0x5b0 [ 3447.710022] should_failslab+0x9/0x20 [ 3447.710505] __kmem_cache_alloc_node+0x66/0x310 [ 3447.711110] ? selinux_sk_alloc_security+0x94/0x210 [ 3447.711740] kmalloc_trace+0x26/0xc0 [ 3447.712222] selinux_sk_alloc_security+0x94/0x210 [ 3447.712844] security_sk_alloc+0x5a/0xb0 [ 3447.713373] sk_prot_alloc+0x20b/0x280 [ 3447.713865] sk_alloc+0x38/0x7b0 [ 3447.714321] __netlink_create+0x63/0x340 [ 3447.714847] netlink_create+0x3bb/0x5f0 [ 3447.715366] ? __pfx_genl_bind+0x10/0x10 [ 3447.715879] __sock_create+0x376/0x820 [ 3447.716376] __sys_socket+0x137/0x250 [ 3447.716887] ? __pfx___sys_socket+0x10/0x10 [ 3447.717427] ? ksys_write+0x19e/0x250 [ 3447.717909] ? __pfx_ksys_write+0x10/0x10 [ 3447.718435] __x64_sys_socket+0x73/0xb0 [ 3447.718936] ? syscall_enter_from_user_mode+0x21/0x50 [ 3447.719594] do_syscall_64+0x3f/0x90 [ 3447.720084] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3447.720715] RIP: 0033:0x7fcba4fd3197 [ 3447.721182] Code: f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3447.723282] RSP: 002b:00007fcba25460c8 EFLAGS: 00000287 ORIG_RAX: 0000000000000029 [ 3447.724182] RAX: ffffffffffffffda RBX: 00007fcba50e4f60 RCX: 00007fcba4fd3197 [ 3447.725052] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 3447.725903] RBP: 00007fcba25471d0 R08: 0000000000000000 R09: 0000000000000000 [ 3447.726751] R10: 0000000000000000 R11: 0000000000000287 R12: 0000000000000001 [ 3447.727592] R13: 0000000000000000 R14: 00000000200000c0 R15: 0000000000022000 [ 3447.728449] [ 3447.741358] loop0: detected capacity change from 0 to 512 [ 3447.741771] FAULT_INJECTION: forcing a failure. [ 3447.741771] name failslab, interval 1, probability 0, space 0, times 0 [ 3447.742904] CPU: 1 PID: 19178 Comm: syz-executor.2 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3447.743457] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3447.743987] Call Trace: [ 3447.744164] [ 3447.744327] dump_stack_lvl+0xc1/0xf0 [ 3447.744612] should_fail_ex+0x4b4/0x5b0 [ 3447.744898] ? security_prepare_creds+0x116/0x190 [ 3447.745238] should_failslab+0x9/0x20 [ 3447.745516] __kmem_cache_alloc_node+0x66/0x310 [ 3447.745842] ? security_prepare_creds+0x116/0x190 [ 3447.746189] ? security_prepare_creds+0x116/0x190 [ 3447.746528] __kmalloc+0x4d/0x160 [ 3447.746769] security_prepare_creds+0x116/0x190 [ 3447.747102] prepare_creds+0x509/0x6f0 [ 3447.747383] copy_creds+0x7a/0xbd0 [ 3447.747646] copy_process+0xe2a/0x7320 [ 3447.747921] ? lock_acquire+0x19a/0x4c0 [ 3447.748205] ? find_held_lock+0x2c/0x110 [ 3447.748507] ? __pfx_copy_process+0x10/0x10 [ 3447.748839] ? _copy_from_user+0x5c/0xf0 [ 3447.749123] kernel_clone+0xeb/0x810 [ 3447.749395] ? ksys_write+0x122/0x250 [ 3447.749665] ? __pfx_kernel_clone+0x10/0x10 [ 3447.749975] ? lock_is_held_type+0x9f/0x120 [ 3447.750290] __do_sys_clone3+0x1d5/0x250 [ 3447.750582] ? __pfx___do_sys_clone3+0x10/0x10 [ 3447.750926] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3447.751341] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3447.751779] ? fput+0x2f/0x1a0 [ 3447.752035] ? __pfx_ksys_write+0x10/0x10 [ 3447.752344] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3447.752700] ? syscall_enter_from_user_mode+0x21/0x50 [ 3447.753092] do_syscall_64+0x3f/0x90 [ 3447.753393] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3447.753772] RIP: 0033:0x7f418241bb19 [ 3447.754042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3447.755314] RSP: 002b:00007f417f991188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3447.755858] RAX: ffffffffffffffda RBX: 00007f418252ef60 RCX: 00007f418241bb19 [ 3447.756366] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3447.756888] RBP: 00007f417f9911d0 R08: 0000000000000000 R09: 0000000000000000 [ 3447.757394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3447.757898] R13: 00007ffc082160df R14: 00007f417f991300 R15: 0000000000022000 [ 3447.758413] [ 3447.764814] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3447.766313] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 3447.801925] FAULT_INJECTION: forcing a failure. [ 3447.801925] name failslab, interval 1, probability 0, space 0, times 0 [ 3447.803521] CPU: 0 PID: 19182 Comm: syz-executor.5 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3447.804512] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3447.805502] Call Trace: [ 3447.805835] [ 3447.806129] dump_stack_lvl+0xc1/0xf0 [ 3447.806644] should_fail_ex+0x4b4/0x5b0 [ 3447.807169] ? copy_net_ns+0xe2/0x770 [ 3447.807687] should_failslab+0x9/0x20 [ 3447.808171] __kmem_cache_alloc_node+0x66/0x310 [ 3447.808779] ? copy_net_ns+0xe2/0x770 [ 3447.809275] ? copy_pid_ns+0x107/0xa90 [ 3447.809794] ? copy_net_ns+0xe2/0x770 [ 3447.810296] __kmalloc+0x4d/0x160 [ 3447.810740] copy_net_ns+0xe2/0x770 [ 3447.811214] ? copy_cgroup_ns+0xa7/0x710 [ 3447.811719] create_new_namespaces+0x3f6/0xb30 [ 3447.812321] copy_namespaces+0x414/0x500 [ 3447.812883] copy_process+0x2b78/0x7320 [ 3447.813399] ? lock_acquire+0x19a/0x4c0 [ 3447.813923] ? __pfx_copy_process+0x10/0x10 [ 3447.814488] ? _copy_from_user+0x5c/0xf0 [ 3447.815007] kernel_clone+0xeb/0x810 [ 3447.815491] ? ksys_write+0x122/0x250 [ 3447.815969] ? __pfx_kernel_clone+0x10/0x10 [ 3447.816532] ? lock_is_held_type+0x9f/0x120 [ 3447.817095] __do_sys_clone3+0x1d5/0x250 [ 3447.817621] ? __pfx___do_sys_clone3+0x10/0x10 [ 3447.818231] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3447.818965] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3447.819686] ? fput+0x2f/0x1a0 [ 3447.820107] ? __pfx_ksys_write+0x10/0x10 [ 3447.820624] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3447.821288] ? syscall_enter_from_user_mode+0x21/0x50 [ 3447.821945] do_syscall_64+0x3f/0x90 [ 3447.822433] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3447.823068] RIP: 0033:0x7f89ec184b19 [ 3447.823534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3447.825666] RSP: 002b:00007f89e96fa188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3447.826575] RAX: ffffffffffffffda RBX: 00007f89ec297f60 RCX: 00007f89ec184b19 [ 3447.827423] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3447.828263] RBP: 00007f89e96fa1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3447.829113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3447.829970] R13: 00007ffe081f81af R14: 00007f89e96fa300 R15: 0000000000022000 [ 3447.830843] 00:39:59 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 8) 00:39:59 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 3447.839471] FAULT_INJECTION: forcing a failure. [ 3447.839471] name failslab, interval 1, probability 0, space 0, times 0 [ 3447.841397] CPU: 0 PID: 19179 Comm: syz-executor.4 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3447.842402] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3447.843404] Call Trace: [ 3447.843729] [ 3447.844024] dump_stack_lvl+0xc1/0xf0 [ 3447.844533] should_fail_ex+0x4b4/0x5b0 [ 3447.845067] ? copy_net_ns+0xe2/0x770 [ 3447.845570] should_failslab+0x9/0x20 [ 3447.846047] __kmem_cache_alloc_node+0x66/0x310 [ 3447.846634] ? copy_net_ns+0xe2/0x770 [ 3447.847144] ? copy_pid_ns+0x107/0xa90 [ 3447.847663] ? copy_net_ns+0xe2/0x770 [ 3447.848168] __kmalloc+0x4d/0x160 [ 3447.848620] copy_net_ns+0xe2/0x770 [ 3447.849114] ? copy_cgroup_ns+0xa7/0x710 [ 3447.849636] create_new_namespaces+0x3f6/0xb30 [ 3447.850235] copy_namespaces+0x414/0x500 [ 3447.850772] copy_process+0x2b78/0x7320 [ 3447.851293] ? lock_acquire+0x19a/0x4c0 [ 3447.851816] ? __pfx_copy_process+0x10/0x10 [ 3447.852391] ? _copy_from_user+0x5c/0xf0 [ 3447.852925] kernel_clone+0xeb/0x810 [ 3447.853419] ? ksys_write+0x122/0x250 [ 3447.853905] ? __pfx_kernel_clone+0x10/0x10 [ 3447.854478] ? lock_is_held_type+0x9f/0x120 [ 3447.855048] __do_sys_clone3+0x1d5/0x250 [ 3447.855580] ? __pfx___do_sys_clone3+0x10/0x10 [ 3447.856189] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3447.856952] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3447.857701] ? fput+0x2f/0x1a0 [ 3447.858142] ? __pfx_ksys_write+0x10/0x10 [ 3447.858674] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3447.859330] ? syscall_enter_from_user_mode+0x21/0x50 [ 3447.859994] do_syscall_64+0x3f/0x90 [ 3447.860502] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3447.861151] RIP: 0033:0x7fefd8f24b19 [ 3447.861621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3447.863790] RSP: 002b:00007fefd649a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3447.864724] RAX: ffffffffffffffda RBX: 00007fefd9037f60 RCX: 00007fefd8f24b19 [ 3447.865626] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3447.866492] RBP: 00007fefd649a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3447.867356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3447.868223] R13: 00007ffe217f65cf R14: 00007fefd649a300 R15: 0000000000022000 [ 3447.869132] 00:39:59 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff", 0x38, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:39:59 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 26) 00:39:59 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 26) 00:39:59 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 9) 00:39:59 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 27) [ 3447.994063] loop0: detected capacity change from 0 to 512 [ 3448.002712] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 3448.028316] FAULT_INJECTION: forcing a failure. [ 3448.028316] name failslab, interval 1, probability 0, space 0, times 0 [ 3448.029140] CPU: 1 PID: 19199 Comm: syz-executor.3 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3448.029674] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3448.030205] Call Trace: [ 3448.030395] [ 3448.030556] dump_stack_lvl+0xc1/0xf0 [ 3448.030833] should_fail_ex+0x4b4/0x5b0 [ 3448.031111] ? copy_net_ns+0x12e/0x770 [ 3448.031391] should_failslab+0x9/0x20 [ 3448.031654] kmem_cache_alloc+0x61/0x390 [ 3448.031938] copy_net_ns+0x12e/0x770 [ 3448.032203] ? copy_cgroup_ns+0xa7/0x710 [ 3448.032500] create_new_namespaces+0x3f6/0xb30 [ 3448.032839] copy_namespaces+0x414/0x500 [ 3448.033127] copy_process+0x2b78/0x7320 [ 3448.033419] ? lock_acquire+0x19a/0x4c0 [ 3448.033710] ? __pfx_copy_process+0x10/0x10 [ 3448.034018] ? _copy_from_user+0x5c/0xf0 [ 3448.034304] kernel_clone+0xeb/0x810 [ 3448.034572] ? ksys_write+0x122/0x250 [ 3448.034841] ? __pfx_kernel_clone+0x10/0x10 [ 3448.035146] ? lock_is_held_type+0x9f/0x120 [ 3448.035454] __do_sys_clone3+0x1d5/0x250 [ 3448.035741] ? __pfx___do_sys_clone3+0x10/0x10 [ 3448.036068] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3448.036467] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3448.036874] ? fput+0x2f/0x1a0 [ 3448.037108] ? __pfx_ksys_write+0x10/0x10 [ 3448.037393] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3448.037745] ? syscall_enter_from_user_mode+0x21/0x50 [ 3448.038099] do_syscall_64+0x3f/0x90 [ 3448.038369] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3448.038713] RIP: 0033:0x7f729f431b19 [ 3448.038961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3448.040119] RSP: 002b:00007f729c9a7188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3448.040606] RAX: ffffffffffffffda RBX: 00007f729f544f60 RCX: 00007f729f431b19 [ 3448.041105] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3448.041575] RBP: 00007f729c9a71d0 R08: 0000000000000000 R09: 0000000000000000 [ 3448.042041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3448.042518] R13: 00007ffe00c6649f R14: 00007f729c9a7300 R15: 0000000000022000 [ 3448.042998] [ 3448.044289] FAULT_INJECTION: forcing a failure. [ 3448.044289] name failslab, interval 1, probability 0, space 0, times 0 [ 3448.045055] CPU: 1 PID: 19201 Comm: syz-executor.2 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3448.045587] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3448.046150] Call Trace: [ 3448.046341] [ 3448.046504] dump_stack_lvl+0xc1/0xf0 [ 3448.046781] should_fail_ex+0x4b4/0x5b0 [ 3448.047065] ? dup_fd+0x8d/0xcf0 [ 3448.047320] should_failslab+0x9/0x20 [ 3448.047591] kmem_cache_alloc+0x61/0x390 [ 3448.047875] ? __pfx_avc_has_perm+0x10/0x10 [ 3448.048190] dup_fd+0x8d/0xcf0 [ 3448.048429] ? __pfx_audit_alloc+0x10/0x10 [ 3448.048724] ? security_task_alloc+0xea/0x260 [ 3448.049065] copy_process+0x1f7e/0x7320 [ 3448.049365] ? lock_acquire+0x19a/0x4c0 [ 3448.049653] ? __pfx_copy_process+0x10/0x10 [ 3448.049964] ? _copy_from_user+0x5c/0xf0 [ 3448.050256] kernel_clone+0xeb/0x810 [ 3448.050539] ? ksys_write+0x122/0x250 [ 3448.050810] ? __pfx_kernel_clone+0x10/0x10 [ 3448.051115] ? lock_is_held_type+0x9f/0x120 [ 3448.051444] __do_sys_clone3+0x1d5/0x250 [ 3448.051736] ? __pfx___do_sys_clone3+0x10/0x10 [ 3448.052076] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3448.052483] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3448.052921] ? fput+0x2f/0x1a0 [ 3448.053150] ? __pfx_ksys_write+0x10/0x10 [ 3448.053456] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3448.053808] ? syscall_enter_from_user_mode+0x21/0x50 [ 3448.054164] do_syscall_64+0x3f/0x90 [ 3448.054430] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3448.054781] RIP: 0033:0x7f418241bb19 [ 3448.055051] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3448.056331] RSP: 002b:00007f417f991188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3448.056843] RAX: ffffffffffffffda RBX: 00007f418252ef60 RCX: 00007f418241bb19 [ 3448.057313] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3448.057786] RBP: 00007f417f9911d0 R08: 0000000000000000 R09: 0000000000000000 [ 3448.058258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3448.058740] R13: 00007ffc082160df R14: 00007f417f991300 R15: 0000000000022000 [ 3448.059220] 00:39:59 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53", 0x39, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:39:59 executing program 7: syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, 0x0, 0x0) (fail_nth: 8) 00:39:59 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 10) 00:39:59 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 28) 00:39:59 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 27) 00:39:59 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0"], 0x1a) [ 3448.228361] loop0: detected capacity change from 0 to 512 [ 3448.233893] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3448.239664] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 3448.240872] FAULT_INJECTION: forcing a failure. [ 3448.240872] name failslab, interval 1, probability 0, space 0, times 0 [ 3448.241876] CPU: 1 PID: 19210 Comm: syz-executor.5 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3448.242410] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3448.242943] Call Trace: [ 3448.243154] [ 3448.243312] dump_stack_lvl+0xc1/0xf0 [ 3448.243588] should_fail_ex+0x4b4/0x5b0 [ 3448.243865] ? copy_net_ns+0x12e/0x770 [ 3448.244135] should_failslab+0x9/0x20 [ 3448.244396] kmem_cache_alloc+0x61/0x390 [ 3448.244682] copy_net_ns+0x12e/0x770 [ 3448.244953] ? copy_cgroup_ns+0xa7/0x710 [ 3448.245234] create_new_namespaces+0x3f6/0xb30 [ 3448.245559] copy_namespaces+0x414/0x500 [ 3448.245842] copy_process+0x2b78/0x7320 [ 3448.245894] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3448.246116] ? lock_acquire+0x19a/0x4c0 [ 3448.247487] ? __pfx_copy_process+0x10/0x10 [ 3448.247794] ? _copy_from_user+0x5c/0xf0 [ 3448.248079] kernel_clone+0xeb/0x810 [ 3448.248347] ? ksys_write+0x122/0x250 [ 3448.248615] ? __pfx_kernel_clone+0x10/0x10 [ 3448.248933] ? lock_is_held_type+0x9f/0x120 [ 3448.249238] __do_sys_clone3+0x1d5/0x250 [ 3448.249519] ? __pfx___do_sys_clone3+0x10/0x10 [ 3448.249845] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3448.250245] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3448.250642] ? fput+0x2f/0x1a0 [ 3448.250875] ? __pfx_ksys_write+0x10/0x10 [ 3448.251162] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3448.251512] ? syscall_enter_from_user_mode+0x21/0x50 [ 3448.251862] do_syscall_64+0x3f/0x90 [ 3448.252133] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3448.252498] RIP: 0033:0x7f89ec184b19 [ 3448.252772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3448.253988] RSP: 002b:00007f89e96fa188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3448.254511] RAX: ffffffffffffffda RBX: 00007f89ec297f60 RCX: 00007f89ec184b19 [ 3448.254996] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3448.255483] RBP: 00007f89e96fa1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3448.255967] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3448.256453] R13: 00007ffe081f81af R14: 00007f89e96fa300 R15: 0000000000022000 [ 3448.256956] 00:40:15 executing program 7: syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, 0x0, 0x0) (fail_nth: 9) 00:40:15 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0"], 0x1a) 00:40:15 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53", 0x39, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:40:15 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 28) 00:40:15 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:40:15 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 11) [ 3463.879847] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:40:15 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 29) 00:40:15 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 27) [ 3463.910439] FAULT_INJECTION: forcing a failure. [ 3463.910439] name failslab, interval 1, probability 0, space 0, times 0 [ 3463.912483] CPU: 0 PID: 19230 Comm: syz-executor.2 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3463.913495] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3463.914481] Call Trace: [ 3463.914803] [ 3463.915089] dump_stack_lvl+0xc1/0xf0 [ 3463.915599] should_fail_ex+0x4b4/0x5b0 [ 3463.916122] should_failslab+0x9/0x20 [ 3463.916596] __kmem_cache_alloc_node+0x66/0x310 [ 3463.917213] ? alloc_fdtable+0x84/0x280 [ 3463.917741] ? do_raw_spin_lock+0x125/0x270 [ 3463.918298] kmalloc_trace+0x26/0xc0 [ 3463.918768] alloc_fdtable+0x84/0x280 [ 3463.919265] dup_fd+0x751/0xcf0 [ 3463.919703] ? security_task_alloc+0xea/0x260 [ 3463.920289] copy_process+0x1f7e/0x7320 [ 3463.920805] ? lock_acquire+0x19a/0x4c0 [ 3463.921349] ? __pfx_copy_process+0x10/0x10 [ 3463.921915] ? _copy_from_user+0x5c/0xf0 [ 3463.922437] kernel_clone+0xeb/0x810 [ 3463.922926] ? ksys_write+0x122/0x250 [ 3463.923400] ? __pfx_kernel_clone+0x10/0x10 [ 3463.923957] ? lock_is_held_type+0x9f/0x120 [ 3463.924518] __do_sys_clone3+0x1d5/0x250 [ 3463.925063] ? __pfx___do_sys_clone3+0x10/0x10 [ 3463.925666] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3463.926384] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3463.927110] ? fput+0x2f/0x1a0 [ 3463.927553] ? __pfx_ksys_write+0x10/0x10 [ 3463.928073] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3463.928721] ? syscall_enter_from_user_mode+0x21/0x50 [ 3463.929384] do_syscall_64+0x3f/0x90 [ 3463.929557] FAULT_INJECTION: forcing a failure. [ 3463.929557] name failslab, interval 1, probability 0, space 0, times 0 [ 3463.929864] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3463.931783] RIP: 0033:0x7f418241bb19 [ 3463.932241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3463.934389] RSP: 002b:00007f417f991188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3463.935319] RAX: ffffffffffffffda RBX: 00007f418252ef60 RCX: 00007f418241bb19 [ 3463.936181] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3463.937052] RBP: 00007f417f9911d0 R08: 0000000000000000 R09: 0000000000000000 [ 3463.937903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3463.938752] R13: 00007ffc082160df R14: 00007f417f991300 R15: 0000000000022000 [ 3463.939618] [ 3463.939921] CPU: 1 PID: 19238 Comm: syz-executor.7 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3463.940904] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3463.941873] Call Trace: [ 3463.942193] [ 3463.942479] dump_stack_lvl+0xc1/0xf0 [ 3463.942982] should_fail_ex+0x4b4/0x5b0 [ 3463.943496] should_failslab+0x9/0x20 [ 3463.943975] kmem_cache_alloc_lru+0x7a/0x680 [ 3463.944534] ? __d_alloc+0x31/0x9c0 [ 3463.945025] ? __d_alloc+0x31/0x9c0 [ 3463.945490] __d_alloc+0x31/0x9c0 [ 3463.945937] d_alloc_pseudo+0x1d/0x70 [ 3463.946426] alloc_file_pseudo+0xd2/0x260 [ 3463.946961] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 3463.947570] ? do_raw_spin_unlock+0x53/0x220 [ 3463.948151] ? _raw_spin_unlock+0x1e/0x40 [ 3463.948676] ? alloc_fd+0x2eb/0x760 [ 3463.949167] sock_alloc_file+0x53/0x1e0 [ 3463.949695] __sys_socket+0x1ac/0x250 [ 3463.950086] loop0: detected capacity change from 0 to 512 [ 3463.950180] ? __pfx___sys_socket+0x10/0x10 [ 3463.951365] ? ksys_write+0x19e/0x250 [ 3463.951847] ? __pfx_ksys_write+0x10/0x10 [ 3463.952380] __x64_sys_socket+0x73/0xb0 [ 3463.952889] ? syscall_enter_from_user_mode+0x21/0x50 [ 3463.953556] do_syscall_64+0x3f/0x90 [ 3463.954048] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3463.954678] RIP: 0033:0x7fcba4fd3197 [ 3463.955135] Code: f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3463.957262] RSP: 002b:00007fcba25460c8 EFLAGS: 00000287 ORIG_RAX: 0000000000000029 [ 3463.957732] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 3463.958158] RAX: ffffffffffffffda RBX: 00007fcba50e4f60 RCX: 00007fcba4fd3197 [ 3463.958181] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 3463.960517] RBP: 00007fcba25471d0 R08: 0000000000000000 R09: 0000000000000000 [ 3463.961410] R10: 0000000000000000 R11: 0000000000000287 R12: 0000000000000001 [ 3463.962270] R13: 0000000000000000 R14: 00000000200000c0 R15: 0000000000022000 [ 3463.963149] [ 3463.978076] FAULT_INJECTION: forcing a failure. [ 3463.978076] name failslab, interval 1, probability 0, space 0, times 0 [ 3463.979777] CPU: 1 PID: 19237 Comm: syz-executor.4 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3463.980768] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3463.981751] Call Trace: [ 3463.982076] [ 3463.982362] dump_stack_lvl+0xc1/0xf0 [ 3463.982864] should_fail_ex+0x4b4/0x5b0 [ 3463.983373] ? copy_net_ns+0x12e/0x770 [ 3463.983876] should_failslab+0x9/0x20 [ 3463.984352] kmem_cache_alloc+0x61/0x390 [ 3463.984885] copy_net_ns+0x12e/0x770 [ 3463.985406] ? copy_cgroup_ns+0xa7/0x710 [ 3463.985916] create_new_namespaces+0x3f6/0xb30 [ 3463.986508] copy_namespaces+0x414/0x500 [ 3463.987041] copy_process+0x2b78/0x7320 [ 3463.987556] ? lock_acquire+0x19a/0x4c0 [ 3463.988077] ? __pfx_copy_process+0x10/0x10 [ 3463.988636] ? _copy_from_user+0x5c/0xf0 [ 3463.989167] kernel_clone+0xeb/0x810 [ 3463.989653] ? ksys_write+0x122/0x250 [ 3463.990136] ? __pfx_kernel_clone+0x10/0x10 [ 3463.990695] ? lock_is_held_type+0x9f/0x120 [ 3463.991252] __do_sys_clone3+0x1d5/0x250 [ 3463.991770] ? __pfx___do_sys_clone3+0x10/0x10 [ 3463.992378] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3463.993125] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3463.993851] ? fput+0x2f/0x1a0 [ 3463.994297] ? __pfx_ksys_write+0x10/0x10 [ 3463.994825] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3463.995492] ? syscall_enter_from_user_mode+0x21/0x50 [ 3463.995595] FAULT_INJECTION: forcing a failure. [ 3463.995595] name failslab, interval 1, probability 0, space 0, times 0 [ 3463.996150] do_syscall_64+0x3f/0x90 [ 3463.997951] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3463.998582] RIP: 0033:0x7fefd8f24b19 [ 3463.999034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3464.001154] RSP: 002b:00007fefd649a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3464.002046] RAX: ffffffffffffffda RBX: 00007fefd9037f60 RCX: 00007fefd8f24b19 [ 3464.002883] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3464.003725] RBP: 00007fefd649a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3464.004609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3464.005470] R13: 00007ffe217f65cf R14: 00007fefd649a300 R15: 0000000000022000 [ 3464.006344] [ 3464.006639] CPU: 0 PID: 19241 Comm: syz-executor.3 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3464.007634] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3464.008606] Call Trace: [ 3464.008931] [ 3464.009233] dump_stack_lvl+0xc1/0xf0 [ 3464.009736] should_fail_ex+0x4b4/0x5b0 [ 3464.010241] should_failslab+0x9/0x20 [ 3464.010722] __kmem_cache_alloc_node+0x66/0x310 [ 3464.011306] ? copy_net_ns+0x17c/0x770 [ 3464.011819] kmalloc_trace+0x26/0xc0 [ 3464.012287] copy_net_ns+0x17c/0x770 [ 3464.012772] ? copy_cgroup_ns+0xa7/0x710 [ 3464.013299] create_new_namespaces+0x3f6/0xb30 [ 3464.013898] copy_namespaces+0x414/0x500 [ 3464.014422] copy_process+0x2b78/0x7320 [ 3464.014935] ? lock_acquire+0x19a/0x4c0 [ 3464.015457] ? __pfx_copy_process+0x10/0x10 [ 3464.016021] ? _copy_from_user+0x5c/0xf0 [ 3464.016539] kernel_clone+0xeb/0x810 [ 3464.017038] ? ksys_write+0x122/0x250 [ 3464.017524] ? __pfx_kernel_clone+0x10/0x10 [ 3464.018084] ? lock_is_held_type+0x9f/0x120 [ 3464.018646] __do_sys_clone3+0x1d5/0x250 [ 3464.019168] ? __pfx___do_sys_clone3+0x10/0x10 [ 3464.019770] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3464.020493] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3464.021230] ? fput+0x2f/0x1a0 [ 3464.021652] ? ksys_write+0x19e/0x250 [ 3464.022124] ? __pfx_ksys_write+0x10/0x10 [ 3464.022647] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3464.023296] ? syscall_enter_from_user_mode+0x21/0x50 [ 3464.023952] do_syscall_64+0x3f/0x90 [ 3464.024440] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3464.025088] RIP: 0033:0x7f729f431b19 [ 3464.025545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3464.027661] RSP: 002b:00007f729c986188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3464.028568] RAX: ffffffffffffffda RBX: 00007f729f545020 RCX: 00007f729f431b19 [ 3464.029417] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3464.030273] RBP: 00007f729c9861d0 R08: 0000000000000000 R09: 0000000000000000 [ 3464.031116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3464.031955] R13: 00007ffe00c6649f R14: 00007f729c986300 R15: 0000000000022000 [ 3464.032819] 00:40:15 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53", 0x39, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:40:15 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 12) 00:40:15 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 30) 00:40:15 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 28) [ 3464.173940] loop0: detected capacity change from 0 to 512 [ 3464.215716] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 00:40:15 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 29) 00:40:15 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@broadcast, &(0x7f0000000080)=ANY=[], 0x1a) 00:40:15 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:40:15 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3464.378348] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3464.398627] FAULT_INJECTION: forcing a failure. [ 3464.398627] name failslab, interval 1, probability 0, space 0, times 0 [ 3464.400487] CPU: 0 PID: 19256 Comm: syz-executor.5 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3464.401470] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3464.402425] Call Trace: [ 3464.402744] [ 3464.403027] dump_stack_lvl+0xc1/0xf0 [ 3464.403529] should_fail_ex+0x4b4/0x5b0 [ 3464.404032] should_failslab+0x9/0x20 [ 3464.404507] __kmem_cache_alloc_node+0x66/0x310 [ 3464.405102] ? copy_net_ns+0x17c/0x770 [ 3464.405611] kmalloc_trace+0x26/0xc0 [ 3464.406079] copy_net_ns+0x17c/0x770 [ 3464.406558] ? copy_cgroup_ns+0xa7/0x710 [ 3464.407065] create_new_namespaces+0x3f6/0xb30 [ 3464.407652] copy_namespaces+0x414/0x500 [ 3464.408202] copy_process+0x2b78/0x7320 [ 3464.408717] ? lock_acquire+0x19a/0x4c0 [ 3464.408765] loop0: detected capacity change from 0 to 512 [ 3464.409250] ? __pfx_copy_process+0x10/0x10 [ 3464.410477] ? _copy_from_user+0x5c/0xf0 [ 3464.410991] kernel_clone+0xeb/0x810 [ 3464.411476] ? ksys_write+0x122/0x250 [ 3464.411959] ? __pfx_kernel_clone+0x10/0x10 [ 3464.412526] ? lock_is_held_type+0x9f/0x120 [ 3464.413102] __do_sys_clone3+0x1d5/0x250 [ 3464.413628] ? __pfx___do_sys_clone3+0x10/0x10 [ 3464.414241] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3464.414971] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3464.415697] ? fput+0x2f/0x1a0 [ 3464.416125] ? __pfx_ksys_write+0x10/0x10 [ 3464.416646] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3464.417310] ? syscall_enter_from_user_mode+0x21/0x50 [ 3464.417947] do_syscall_64+0x3f/0x90 [ 3464.418430] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3464.419054] RIP: 0033:0x7f89ec184b19 [ 3464.419512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3464.420115] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 3464.421614] RSP: 002b:00007f89e96fa188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3464.421646] RAX: ffffffffffffffda RBX: 00007f89ec297f60 RCX: 00007f89ec184b19 [ 3464.421668] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3464.424866] RBP: 00007f89e96fa1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3464.425773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3464.426617] R13: 00007ffe081f81af R14: 00007f89e96fa300 R15: 0000000000022000 [ 3464.427505] [ 3464.685868] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:40:27 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 31) [ 3475.820126] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:40:27 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@broadcast, &(0x7f0000000140)=ANY=[@ANYBLOB="f0ab1d2509704cbb4dfea495602e3ec7dc6edd0e5506b59c570ad6d1856f2a24a872325ef0d1afa5033ab4ba77e0de3ab34436504721094515588bae944304034c9fa43909d6bc7d543fa1573e9f8a24162e12e2268136ed02b2ef1fbbf2739d0195aabfb5dee434fbcdc64d2b51c4b7809911fbd0e583"], 0x1a) syz_80211_inject_frame(&(0x7f0000000000)=@broadcast, &(0x7f00000000c0)=@mgmt_frame=@action_no_ack={@wo_ht={{0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1}, {0x1}, @device_a, @device_b, @initial, {0x4, 0x9}}, @sa_query_req={0x8, 0x0, 0xea}}, 0x1c) syz_80211_inject_frame(&(0x7f0000000100), &(0x7f0000000340)=ANY=[@ANYBLOB="5a0000000802110000012aa4e3886b458317a84a6eb76434d3dca187a6429d111c9cc0d5b96aec096c4d9531444eb99d77cdd926b8c697d798d4e37a4170b44ffe78848b8381caa6ff850e22065e739ffdfe2e3a37d491a19e1132beb5338e7b7957456070179ab81a93b74a0a6462d87491f8cf5c5f94e9d00619598b9f6862606b2b647b1bce2524d88816bf49922a0000000000000009014aafe53fb86d49cdd298130664f1aebd2b8e7eb81b1219cd8bbaac4272af4e8a9a5c1d5ddce991ffd3bbffd8ceb8c11b9cd5e2af7a338f27a48a16bb4ccb6ffb6a9809655fb7c8320abada51d4fb474ff6e010da8afb426a601eddbeb70f563f525ac0241fe8e4ad72150166cd237b36acb9710f84bad4c506ad8ce6dd77f01fcdcacf83ec5e79f13d4b2c203fe10c"], 0xa) syz_80211_inject_frame(&(0x7f00000001c0)=@broadcast, &(0x7f0000000200)=@mgmt_frame=@action_no_ack={@wo_ht={{0x0, 0x0, 0xe, 0x0, 0x0, 0x1}, {0x3f}, @broadcast, @device_a, @initial, {0xf, 0x9}}, @delba={0x3, 0x2, {{0x0, 0x1, 0xc}, 0x16, {0xbd, 0x6}}}}, 0x26) syz_80211_inject_frame(&(0x7f0000000080), &(0x7f0000000480)=@data_frame={@no_qos=@type10={{0x0, 0x2, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x7ff8}, @from_mac=@broadcast, @device_a, @broadcast, {0x1, 0x5}}, @a_msdu=[{@device_a, @broadcast, 0x65, "ca2e491512e854325ef8fed02c841f9e15a99f9a2da6fcb6ac05d927d1acb638b470cb765d1aee7b30acc2749b34f402f751458bb082ec6266b6359a29fded0059cc3143c398959cf42cb25af65f701a5305a0378ba03db1baba73b232787101b6e509797f"}, {@broadcast, @broadcast, 0x7, "4414421e1aa16f"}, {@broadcast, @broadcast, 0x1000, "f7676b9b124c8f5b5b1fab6894203f461f82c9a1db0c793b278a126fa602aca8d3bbab8f7675e8df3d9b56d4e44670a2fb8d32622307ba730d06554ba00f218e53752dca2926e21421cbd0da24b1633246eeec72fbee8aa50f778db78cdf3ceb2969c9d53c7aef6bf069c8423d447a6be63f2e84b5fbb662f6ccdfd3f2a1561bb98749a776907aca26802d2e9d86ab9db56c43873f7575d738862dfca1cae5260737dab6914720f481c424d32a544a86cd6851a497cd174f4119cf833f8f25a8568180bebceb2bd512d1db41ce1ae30a40256d44f0695047c07eeb1927700aaa9d5bf9d6d52c0b2a8b63895a0c50a7eb3ea098eaa251453bd13ad167f27137f641fcafe951e2ed2afa16e01a835c26b6f72fd26e87e57507c16a0d21dc9d6ed7272c6403f3cbbb9b52f3d02f94af73f86421b95024d7a427a61a0933e3394d263e53980934a877e498b67887aa90e1d13357b0e185a106c14fd510072a6bd26d785c46772190318ea85b1632f196b5f9687ea96a2c7a197a8f0798db2464c6b058e8f21ea470ee29fff8618a93a8803a50b55410f5a2e13f81a6193e296d6c2e5ec2ec1643be606fecd2a27311a01bc6d91c2ac17cf068a7d7d6a756c193f1dace1264df112cf14b1a0fa87f2b9c1d1e7345dcff1eb986f156fefcb39de135f3306a87f929c8cf1a750993fe027ba269a39b2b255af5ca21d42bfdb600080754f017c86996588afaab9db02f82e1ed67a304714a1d45e4e47c3fa2909c6fbe8c6c2dc9fc6b74e5cfd4f2add0b972396203da875b6364e50fa0f32a5bd0d2612db3d7d3ecc995d95a0db093892c8e4f29964697ac4b53c219530b188832d75ad9399ff3c32d14fc62e0fa3da42869b2f1ef41fd22849acb5919bbcbbd359d3e88b4130d20e0155a5715e5dc7d219506c23e8b4b15255ee3fc2f54440299b536d3b07d7f7e37d7b6030a52803eef8da0b21c4b35e805ce636fe67a8a2f524e8b4430a3f2663c6c5c59119f18e59b3bffd719fd9719dbc78ee717fae29a2082b7d7a5bdec538f9983ac72832d993a487fea6073f2c66f9f9f08a1a20635c8e7a2aaa17d52bc6d7bea4ce5f8fe270b4b8ed5bc42bc5f37aea8cc147b20f0bfa78a43e924c22e36491bf7b6578070ab7f7afeb1da72ba66bbbca64dbf0cd441c41dd7befdb05d876f8e7172294d36ac77bd9fce4bc2763e0fd1aa94de1886fb64859025452fe88f397ebd3034259be4588d52090c0d7aa8a31bbdccee1b1a419640da1e5445f0ed40351e4ce9eb606ca896a3aa6e6431f7843d01711f19bfb66ebc4515d79480be9d427cb2a8dcee937b866a2b615f041f3e9805d81b59aba9c2fa180e63c35678365d0ccbfdac7bc50747f4c2d90d1ee055e6ec60a97a3d4962ec57bf0b1b3b8acaf08de079847542a0bd088dfacee1f571d805538cc15707a677dead4c8a3585cf0f8bda431617d5e3ad7cc6cb3eceadd623c1238d4fbfbbfc255de82122ce8c28f9c3dbbcfa4c8cddc6fe89c623e1e7bc3b71f6b20a1e52e072ab6939d49c8236d631b0e1be0e50e42ec072e9220b535290629c70e04e3fb3cbadb797b558cfc8097d47450e9a67e8cc289597904d2e731dfafdd2c4c20ba3e4fa80d30879ee8d73f0b07abfd58d7bf844b4a5afa855d34fd6117745bb32ced6497a7d5a2dc7d0df4ab104a9464e0697528bad83e0d381b69688ca310fc5ed54bf0a1e248d181ba0790016bf81145cb3ea5a0c8548f1448f76c796bbe1180490fc08d0f9ee343bacfcd23d269bd250242ae30b2141996ec620e2247b1e2a79746d850c7806b9ac75e357d4cab1e4a759942ae2358f04e83ef606647368666128de1fb8317b3a0a2f34603b72eafbbbd43e5a7f3bfe951a1011bdbd561bce44b56bbb7519b37a6b68adf4234c4567d2cbd21e5bff433b213e78d4b61686f6f28ecf3dc5a690873d9e755b9a98ec99cd8988f074f7ec0777951df96735cd42f12cb54c57c5c696496bd3517e43704185a196d4f38d6f35aa33c1afbc4f0099aa52b64165033717e344c2005eadf133ef6ea4943cf3983c997a7329ca8aa4aad397bd98bb961319513fe6caad66156753405dcb1898cc3134d96c671b3101185536d23e9ffc73882763dc5fb2f6288aafa73a6a6c02f073713c1e1bebfcdd098f953a01788be0dedcea79c9be120f99b0e39fcfe511984452b24efeb17f7373dec068f7ed39aec661f509f3b2df396fad55ebb72dd712d020f690dedb79bc4ce713944a76bbc5c886a7f08b413398bc8c4c42668a570e255370bc39b67a53ebdeb1791fa99185124aad18bceacdec6aa46e559a7c935466aaffc103aa5a54e9be2b71a913428315003a70daf4b4c2aa08efb57b6f39ad82d2bb62865c9d9650b4300bcfa98f0fa50cdce3a26dcb9fe5c76ac5a064705689a846e033e1adeca5ff9d263c4a95c3614517c2b93764f28c76fc2c542808c587364b3cb98e6f71b94c4dc131d491875aa42489e626f1be7c1099ea77ee485146d8fd7453a46e28f660f822b8c499c9c152bbee22c4314be4a1e121e785585e6195727244faced8fdee70eebef37229b3e4cbb265be3393d027c81a747d352af356d7bca0af94f83d00aa5dbbb01b0b4d7d1cc8cd05764b0c7112f69f6cb755338ea78a14065f5e1131fad24ede9010bb9a37c79003675ffa4573db5c5538956d5140b37d2f52334e93828d0ecbf7ce5e96de60fd7694550fbdfd86f0e411d89d2511f72e310f83075f74ab2b9523b318eb7faf85d2a104691c874f67cfeccb31e484b199b9f4c1917396a88a46f4f793281da17bcbce46ba2e888d9a33369c3af663102aef04a7e4b92c498419ee9e0ef20a9dbbfdfeb1f65be222b4be43c7328e65d44635278a69cfc7da507b2560358a9afdd30196a21764058d5fac5dd5633cc6e4b8ad68dc1f7b5e7adc7d9871b0a07b3c20aa10352c3d4c3b0656c0a35e8d5133ce96bf4be807f907ba71f1bd515632366f96d71ea7e53b14c9bda18f7d899b38b4cae380dba1ab136e2b4c96311e0770492716f90ff5d1c9b85f77d4626de836781077da3dbaad6bc99503fef6625a34665c68c2e1a37e39bae6ddc8ef5426bd3b7632e13d225148fcacaad95e45159d3961cacb0f54a1da3682a3480788a7b96500258de31a96a7f8f854ff16defc409b67a65f6500c931241e9b5aa293e9214bd520b705e6a031a0dcb74b9d74663e04deb1afafd46ea7b9bdc77170ca5491fa58934f652766b2cc43cee9d30e71074211d50c52d395683fc0d1ae087c6bcddf80ee3ca2b58a41d8f46fbf1b7afe7f1c1da0f5521ba8b2a2e4421fa8fcdd35cb901bc9827afe7d0f98de1a4783163859bf553b5c82f271f503c337964eca86dbdebecd7fa007f3d9638762e13878befde515c721bcc39299c789ae2ba4904b6a170013e77fe38fbd2a892bb92e1f4ef4aba3480205d522e8febff654ce1ffae3fb55a6c38b0139ead6f12a460c1df4c2b1c23e524f19f1b5b401de6705cf29a499bfdbfd0927f0b9c6925ee23e4f38bdcd5f20d356f5f2fc318ec25057927970ee9bf4f2e88ed7fd1cecf9f181f3e797e02b3075026c9116b1b45471af6c956f1361b90e2380993cdc71df5cf079da639c5dfc6cec77cd81b80effcd58bf0bc136d26780e97b20af33b865d7261de699adc7a96b2a4225750e91a9b57f8a286e20c484af7e652ccc91835112b3999832c9411224659db33c535f10a8ad585c6e814abe0b235d42ec1b64f9c2304c9e877281d632842e66a03739ea9ea81d306c66c234437f379f1032383a4ea7e0b1f67a4c2c5034bae9e67dcee8b80a61eee4b4f78c4ffb0c9094d9bc104d87048f91bb1afd8bfea0cbf78b656eb4e144d1bfa6319de0fe63881c014a33fc6f761851ba92ced1ced3df4f309bf5cccb75c84835a89ddb80c1be8700308525ab8bf9d6d8b17c97702149bddae4db4e183e2e5dc9c26853c74b693dc08b1399864ca5f639df700db0fdb61ce024786704aadfdb89294017029370c6d6b824deca995b7367953867491aa03e4a8e5bf8c14869bcba64cc8f0b5ce3012c5a2e1e1cbd8e0620cf73591d261ee99302f31b664493f1c619a73a8a1769f60a3d331f1ab49a6d438d9c92a08b9c03bdca6d752efe2b1f76ae238bbdc6065b0ff654659d28394e0c5c1450eb32d9845352e1362bddac411143cfa64fb1ca82c497166bce43bbad3aef530e416c02935711525f170ee06e5088999d93f2792e7eee47a72ca042b7d46d535aa391fc4fa6af76d78dbae02f51cd7a4eb55d900ad95b5523eb196a74ec7eaaa2b0a3aabd47f7855345a66ff42c7f740899aa0c1faf052be86b0c01df200715b76cb8001d3e9ff21969b0f03fb615dc7a35a0b77dae3f06b7b73c68ac3aa9fd970cf590a15498097c7044094a0e5b8820f52017bc2b437fdceba8df4ae7ead9cefc9c7295b680cbdd8bb12da268d9de97d9b763fa5b725fe49541a8304ec38593b157992205090b8bde2675d140aa0d850ec03acfbb23a194921498d8e61f1a4ecee23b15ecb9abd4efc5975a13910b93b517ff6a07a56495cfc40f75832467344303ed1ee1d440c3c42bb13cf7f8fb766c84591df850d383abb69553ef27bb1ecbfa93b067698cefc55d0ca87909b1d39143a12f88e0fe1db83eb05a7c7d1dae099f430dd8c1136084dafe1e6b78cda5af4137847a57440d58d5372b0e290a73a864a197851dba0d2c3dcba711bee8131af4d40168719b618f8201aad185e6aa4d14f0e719a40bd22d80859d54d8847e59cb7c90d1dabeb4076a1be2fb8bf3f9423fddf2a10792981b1a06a80c4f3da11965d93320ca1a522931a86682d9e78e9590d4441fd4da648f741c315a8eda8827211e70da2ae7d6253a99dc67791256a0aeff855e171b62dcfcd1533db2ae25aab2e367701ad8c8927eccb72a87ea29bad301926dfbc1cbd963b5d68f2a5ff24cacf9f75b14f35a785e99f4ca948b9c02088717e865c50282d7d50b0113b378e4d255a2a6bcce2a17feab19058e5a9c066bc7f58169162afa6480c29e4c246d60d32107a5ee2de2a34087380ebf870f12b2d58f95cdb75c1b394388b3a7c69e6522922085ccc5e7ad6ff5a01565188ba417437bb1de49281c70b153774bd39c08dd1ec9426fc7f7eb97f4711bfe7a35210389c487572d035b775e476170948ca34f5e8df8cceffea41cfa26b02107aa591a8318d213e4840319705f7b5f531c2f4c0d8284268b91a0f72157db5726e77db7c37209e3a6581a2f84a738ef9a0877b76b2bc8def3070abb46b83e1781aac21d479ae83cf76479bf213491081ec4e11dce5c05cde0560c8294039a15be114ae6ceff0167a0d280ee2fda9fd819995d3dd8433a89f958161bb0bb2b1c61815a1fe7425c5291bdefae59bfab102210b305d6ce9ae5fee6ee0ada03e7068067704ef202dce5b2f10d547c7f310935f3936bcfcddf69506212b08c33af6fc59298f9d3fa8912bc8a44ba186eaac638aacf4646cb5bb0fc0167cdcb2ed095fadd3b4beaf78b56cf4cd1eab560eae9a42a765988031bcc6485d893a36c706ce33df045e6e4abb3d91c3b70c40ce49834219f2e1bec8a6e75740605c342e4620aa0311f33272790f8b9122595762f5fd57fb3fa48954cc798aec235117f332be8dd4755aa0c325a760e22116453087bb89b109c506865028e21962226a30d7997b354b562ed30df316fcb29b4ee92759de5326856a929e83dc50c1aca9653b12fb9475cc2365a56ecd655e86eed6ed9410c343e87"}]}, 0x10b4) 00:40:27 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:40:27 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) 00:40:27 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 13) 00:40:27 executing program 7: syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, 0x0, 0x0) (fail_nth: 10) 00:40:27 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 29) 00:40:27 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 30) [ 3475.870448] FAULT_INJECTION: forcing a failure. [ 3475.870448] name failslab, interval 1, probability 0, space 0, times 0 [ 3475.871515] CPU: 1 PID: 19278 Comm: syz-executor.2 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3475.872019] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3475.872510] Call Trace: [ 3475.872679] [ 3475.872828] dump_stack_lvl+0xc1/0xf0 [ 3475.873095] should_fail_ex+0x4b4/0x5b0 [ 3475.873356] ? kvmalloc_node+0xaa/0x200 [ 3475.873620] should_failslab+0x9/0x20 [ 3475.873865] __kmem_cache_alloc_node+0x66/0x310 [ 3475.874166] ? kvmalloc_node+0xaa/0x200 [ 3475.874430] ? kvmalloc_node+0xaa/0x200 [ 3475.874693] __kmalloc_node+0x50/0x160 [ 3475.874946] kvmalloc_node+0xaa/0x200 [ 3475.875211] alloc_fdtable+0xd3/0x280 [ 3475.875498] dup_fd+0x751/0xcf0 [ 3475.875728] ? security_task_alloc+0xea/0x260 [ 3475.876028] copy_process+0x1f7e/0x7320 [ 3475.876294] ? lock_acquire+0x19a/0x4c0 [ 3475.876562] ? __pfx_copy_process+0x10/0x10 [ 3475.876849] ? _copy_from_user+0x5c/0xf0 [ 3475.876913] loop0: detected capacity change from 0 to 512 [ 3475.877123] kernel_clone+0xeb/0x810 [ 3475.877148] ? ksys_write+0x122/0x250 [ 3475.877168] ? __pfx_kernel_clone+0x10/0x10 [ 3475.877199] ? lock_is_held_type+0x9f/0x120 [ 3475.878962] __do_sys_clone3+0x1d5/0x250 [ 3475.879260] ? __pfx___do_sys_clone3+0x10/0x10 [ 3475.879573] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3475.879948] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3475.880321] ? fput+0x2f/0x1a0 [ 3475.880542] ? __pfx_ksys_write+0x10/0x10 [ 3475.880808] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3475.881143] ? syscall_enter_from_user_mode+0x21/0x50 [ 3475.881484] do_syscall_64+0x3f/0x90 [ 3475.881737] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3475.882064] RIP: 0033:0x7f418241bb19 [ 3475.882306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3475.883392] RSP: 002b:00007f417f991188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3475.883856] RAX: ffffffffffffffda RBX: 00007f418252ef60 RCX: 00007f418241bb19 [ 3475.884294] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3475.884728] RBP: 00007f417f9911d0 R08: 0000000000000000 R09: 0000000000000000 [ 3475.884754] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 3475.885172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3475.885184] R13: 00007ffc082160df R14: 00007f417f991300 R15: 0000000000022000 [ 3475.885208] [ 3475.892049] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3475.892713] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3475.917419] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3475.919503] FAULT_INJECTION: forcing a failure. [ 3475.919503] name failslab, interval 1, probability 0, space 0, times 0 [ 3475.921416] CPU: 0 PID: 19283 Comm: syz-executor.4 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3475.922483] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3475.923526] Call Trace: [ 3475.923872] [ 3475.924187] dump_stack_lvl+0xc1/0xf0 [ 3475.924736] should_fail_ex+0x4b4/0x5b0 [ 3475.925306] should_failslab+0x9/0x20 [ 3475.925829] __kmem_cache_alloc_node+0x66/0x310 [ 3475.926459] ? copy_net_ns+0x17c/0x770 [ 3475.927024] kmalloc_trace+0x26/0xc0 [ 3475.927533] copy_net_ns+0x17c/0x770 [ 3475.928055] ? copy_cgroup_ns+0xa7/0x710 [ 3475.928605] create_new_namespaces+0x3f6/0xb30 [ 3475.929261] copy_namespaces+0x414/0x500 [ 3475.929829] copy_process+0x2b78/0x7320 [ 3475.930383] ? lock_acquire+0x19a/0x4c0 [ 3475.930945] ? __pfx_copy_process+0x10/0x10 [ 3475.931556] ? _copy_from_user+0x5c/0xf0 [ 3475.932111] kernel_clone+0xeb/0x810 [ 3475.932640] ? ksys_write+0x122/0x250 [ 3475.933164] ? __pfx_kernel_clone+0x10/0x10 [ 3475.933772] ? lock_is_held_type+0x9f/0x120 [ 3475.934369] __do_sys_clone3+0x1d5/0x250 [ 3475.934935] ? __pfx___do_sys_clone3+0x10/0x10 [ 3475.935606] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3475.936405] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3475.937223] ? fput+0x2f/0x1a0 [ 3475.937698] ? __pfx_ksys_write+0x10/0x10 [ 3475.938264] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3475.938975] ? syscall_enter_from_user_mode+0x21/0x50 [ 3475.939679] do_syscall_64+0x3f/0x90 [ 3475.940218] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3475.940911] RIP: 0033:0x7fefd8f24b19 [ 3475.941420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3475.943764] RSP: 002b:00007fefd649a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3475.944757] RAX: ffffffffffffffda RBX: 00007fefd9037f60 RCX: 00007fefd8f24b19 [ 3475.945692] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3475.946621] RBP: 00007fefd649a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3475.947551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3475.948481] R13: 00007ffe217f65cf R14: 00007fefd649a300 R15: 0000000000022000 [ 3475.949461] [ 3475.952935] FAULT_INJECTION: forcing a failure. [ 3475.952935] name failslab, interval 1, probability 0, space 0, times 0 [ 3475.954770] CPU: 0 PID: 19277 Comm: syz-executor.3 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3475.955852] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3475.956906] Call Trace: [ 3475.957287] [ 3475.957601] dump_stack_lvl+0xc1/0xf0 [ 3475.958142] should_fail_ex+0x4b4/0x5b0 [ 3475.958703] ? proc_net_ns_init+0x42/0x410 [ 3475.959275] should_failslab+0x9/0x20 [ 3475.959802] kmem_cache_alloc+0x61/0x390 [ 3475.960367] ? __pfx_lock_acquire+0x10/0x10 [ 3475.960956] ? __pfx_proc_net_ns_init+0x10/0x10 [ 3475.961606] proc_net_ns_init+0x42/0x410 [ 3475.962161] ops_init+0xbb/0x6b0 [ 3475.962665] setup_net+0x3d9/0x990 [ 3475.963185] ? down_read_killable+0x1d7/0x4e0 [ 3475.963813] ? __kmem_cache_alloc_node+0x1cd/0x310 [ 3475.964479] ? __pfx_setup_net+0x10/0x10 [ 3475.965168] copy_net_ns+0x321/0x770 [ 3475.965708] create_new_namespaces+0x3f6/0xb30 [ 3475.966356] copy_namespaces+0x414/0x500 [ 3475.966932] copy_process+0x2b78/0x7320 [ 3475.967501] ? lock_acquire+0x19a/0x4c0 [ 3475.968073] ? __pfx_copy_process+0x10/0x10 [ 3475.968672] ? _copy_from_user+0x5c/0xf0 [ 3475.969260] kernel_clone+0xeb/0x810 [ 3475.969788] ? ksys_write+0x122/0x250 [ 3475.970313] ? __pfx_kernel_clone+0x10/0x10 [ 3475.970929] ? lock_is_held_type+0x9f/0x120 [ 3475.971544] __do_sys_clone3+0x1d5/0x250 [ 3475.972117] ? __pfx___do_sys_clone3+0x10/0x10 [ 3475.972784] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3475.973586] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3475.974382] ? fput+0x2f/0x1a0 [ 3475.974839] ? __pfx_ksys_write+0x10/0x10 [ 3475.975406] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3475.976110] ? syscall_enter_from_user_mode+0x21/0x50 [ 3475.976824] do_syscall_64+0x3f/0x90 [ 3475.977399] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3475.978100] RIP: 0033:0x7f729f431b19 [ 3475.978603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3475.980932] RSP: 002b:00007f729c9a7188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3475.981932] RAX: ffffffffffffffda RBX: 00007f729f544f60 RCX: 00007f729f431b19 [ 3475.982869] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3475.983802] RBP: 00007f729c9a71d0 R08: 0000000000000000 R09: 0000000000000000 [ 3475.984730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3475.985693] R13: 00007ffe00c6649f R14: 00007f729c9a7300 R15: 0000000000022000 [ 3475.986655] [ 3476.006829] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:40:27 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 14) 00:40:27 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 31) 00:40:27 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) [ 3476.040933] FAULT_INJECTION: forcing a failure. [ 3476.040933] name failslab, interval 1, probability 0, space 0, times 0 [ 3476.042008] CPU: 1 PID: 19294 Comm: syz-executor.5 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3476.042515] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3476.043016] Call Trace: [ 3476.043184] [ 3476.043333] dump_stack_lvl+0xc1/0xf0 [ 3476.043594] should_fail_ex+0x4b4/0x5b0 [ 3476.043857] ? proc_net_ns_init+0x42/0x410 [ 3476.044127] should_failslab+0x9/0x20 [ 3476.044373] kmem_cache_alloc+0x61/0x390 [ 3476.044639] ? __pfx_lock_acquire+0x10/0x10 [ 3476.044920] ? __pfx_proc_net_ns_init+0x10/0x10 [ 3476.045242] proc_net_ns_init+0x42/0x410 [ 3476.045505] ops_init+0xbb/0x6b0 [ 3476.045742] setup_net+0x3d9/0x990 [ 3476.045983] ? down_read_killable+0x1d7/0x4e0 [ 3476.046279] ? __kmem_cache_alloc_node+0x1cd/0x310 [ 3476.046595] ? __pfx_setup_net+0x10/0x10 [ 3476.046870] copy_net_ns+0x321/0x770 [ 3476.047124] create_new_namespaces+0x3f6/0xb30 [ 3476.047436] copy_namespaces+0x414/0x500 [ 3476.047719] copy_process+0x2b78/0x7320 [ 3476.047987] ? lock_acquire+0x19a/0x4c0 [ 3476.048278] ? __pfx_copy_process+0x10/0x10 [ 3476.048572] ? _copy_from_user+0x5c/0xf0 [ 3476.048860] kernel_clone+0xeb/0x810 [ 3476.049130] ? ksys_write+0x122/0x250 [ 3476.049403] ? __pfx_kernel_clone+0x10/0x10 [ 3476.049693] ? lock_is_held_type+0x9f/0x120 [ 3476.049981] __do_sys_clone3+0x1d5/0x250 [ 3476.050248] ? __pfx___do_sys_clone3+0x10/0x10 [ 3476.050566] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3476.050938] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3476.051307] ? fput+0x2f/0x1a0 [ 3476.051526] ? __pfx_ksys_write+0x10/0x10 [ 3476.051790] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3476.052124] ? syscall_enter_from_user_mode+0x21/0x50 [ 3476.052459] do_syscall_64+0x3f/0x90 [ 3476.052712] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3476.053038] RIP: 0033:0x7f89ec184b19 [ 3476.053300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3476.054379] RSP: 002b:00007f89e96fa188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3476.054841] RAX: ffffffffffffffda RBX: 00007f89ec297f60 RCX: 00007f89ec184b19 [ 3476.055277] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3476.055708] RBP: 00007f89e96fa1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3476.056141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3476.056574] R13: 00007ffe081f81af R14: 00007f89e96fa300 R15: 0000000000022000 [ 3476.057024] 00:40:27 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:40:27 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 30) [ 3476.137613] loop0: detected capacity change from 0 to 512 [ 3476.144358] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 00:40:27 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 32) 00:40:27 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(0x0, 0x0) 00:40:27 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 15) 00:40:27 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 32) [ 3476.207234] FAULT_INJECTION: forcing a failure. [ 3476.207234] name failslab, interval 1, probability 0, space 0, times 0 [ 3476.208035] CPU: 1 PID: 19307 Comm: syz-executor.2 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3476.208565] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3476.209109] Call Trace: [ 3476.209292] [ 3476.209462] dump_stack_lvl+0xc1/0xf0 [ 3476.209746] should_fail_ex+0x4b4/0x5b0 [ 3476.209923] FAULT_INJECTION: forcing a failure. [ 3476.209923] name failslab, interval 1, probability 0, space 0, times 0 [ 3476.210022] ? kvmalloc_node+0xaa/0x200 [ 3476.211693] should_failslab+0x9/0x20 [ 3476.211939] __kmem_cache_alloc_node+0x66/0x310 [ 3476.212240] ? kvmalloc_node+0xaa/0x200 [ 3476.212506] ? kasan_set_track+0x25/0x30 [ 3476.212768] ? kvmalloc_node+0xaa/0x200 [ 3476.213028] __kmalloc_node+0x50/0x160 [ 3476.213316] kvmalloc_node+0xaa/0x200 [ 3476.213605] alloc_fdtable+0x13f/0x280 [ 3476.213867] dup_fd+0x751/0xcf0 [ 3476.214092] ? security_task_alloc+0xea/0x260 [ 3476.214407] copy_process+0x1f7e/0x7320 [ 3476.214669] ? lock_acquire+0x19a/0x4c0 [ 3476.214934] ? __pfx_copy_process+0x10/0x10 [ 3476.215225] ? _copy_from_user+0x5c/0xf0 [ 3476.215500] kernel_clone+0xeb/0x810 [ 3476.215746] ? ksys_write+0x122/0x250 [ 3476.215991] ? __pfx_kernel_clone+0x10/0x10 [ 3476.216320] ? lock_is_held_type+0x9f/0x120 [ 3476.216610] __do_sys_clone3+0x1d5/0x250 [ 3476.216877] ? __pfx___do_sys_clone3+0x10/0x10 [ 3476.217195] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3476.217571] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3476.217944] ? fput+0x2f/0x1a0 [ 3476.218165] ? __pfx_ksys_write+0x10/0x10 [ 3476.218438] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3476.218761] ? syscall_enter_from_user_mode+0x21/0x50 [ 3476.219089] do_syscall_64+0x3f/0x90 [ 3476.219346] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3476.219670] RIP: 0033:0x7f418241bb19 [ 3476.219904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3476.220989] RSP: 002b:00007f417f991188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3476.221470] RAX: ffffffffffffffda RBX: 00007f418252ef60 RCX: 00007f418241bb19 [ 3476.221902] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3476.222342] RBP: 00007f417f9911d0 R08: 0000000000000000 R09: 0000000000000000 [ 3476.222776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3476.223207] R13: 00007ffc082160df R14: 00007f417f991300 R15: 0000000000022000 [ 3476.223661] [ 3476.223815] CPU: 0 PID: 19303 Comm: syz-executor.4 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3476.224932] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3476.226055] Call Trace: [ 3476.226413] [ 3476.226732] dump_stack_lvl+0xc1/0xf0 [ 3476.227292] should_fail_ex+0x4b4/0x5b0 [ 3476.227869] ? copy_net_ns+0x12e/0x770 [ 3476.228433] should_failslab+0x9/0x20 [ 3476.228963] kmem_cache_alloc+0x61/0x390 [ 3476.229566] copy_net_ns+0x12e/0x770 [ 3476.230105] ? copy_cgroup_ns+0xa7/0x710 [ 3476.230686] create_new_namespaces+0x3f6/0xb30 [ 3476.231348] copy_namespaces+0x414/0x500 [ 3476.231932] copy_process+0x2b78/0x7320 [ 3476.232502] ? lock_acquire+0x19a/0x4c0 [ 3476.233079] ? __pfx_copy_process+0x10/0x10 [ 3476.233743] ? _copy_from_user+0x5c/0xf0 [ 3476.234337] kernel_clone+0xeb/0x810 [ 3476.234876] ? ksys_write+0x122/0x250 [ 3476.235419] ? __pfx_kernel_clone+0x10/0x10 [ 3476.236047] ? lock_is_held_type+0x9f/0x120 [ 3476.236680] __do_sys_clone3+0x1d5/0x250 [ 3476.237289] ? __pfx___do_sys_clone3+0x10/0x10 [ 3476.237968] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3476.238792] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3476.239604] ? fput+0x2f/0x1a0 [ 3476.240097] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3476.240820] ? syscall_enter_from_user_mode+0x21/0x50 [ 3476.241561] do_syscall_64+0x3f/0x90 [ 3476.242104] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3476.242841] RIP: 0033:0x7fefd8f24b19 [ 3476.243364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3476.245821] RSP: 002b:00007fefd649a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3476.246851] RAX: ffffffffffffffda RBX: 00007fefd9037f60 RCX: 00007fefd8f24b19 [ 3476.247813] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3476.248788] RBP: 00007fefd649a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3476.249763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3476.250745] R13: 00007ffe217f65cf R14: 00007fefd649a300 R15: 0000000000022000 [ 3476.251743] [ 3476.327112] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3476.334064] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3476.337224] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:40:41 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 16) 00:40:41 executing program 1: r0 = syz_io_uring_complete(0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r0, 0xc080661a, &(0x7f00000001c0)={@id={0x2, 0x0, @b}}) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7"], 0x1a) syz_80211_inject_frame(&(0x7f00000003c0)=@broadcast, &(0x7f0000000400)=@mgmt_frame=@reassoc_req={@wo_ht={{0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, @broadcast, @broadcast, @initial, {0x8, 0x6}}, 0x8, 0x4, @device_a, {0x0, 0x6, @default_ap_ssid}, @void, @void}, 0x2a) mknodat$null(r0, &(0x7f0000000240)='./file0\x00', 0xc000, 0x103) syz_80211_inject_frame(&(0x7f0000000280), &(0x7f00000002c0)=@mgmt_frame=@probe_response={@wo_ht={{0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1}, {0x40}, @device_a, @device_a, @initial, {0xb, 0x6}}, 0x4, @random=0x3ff, 0x4, @void, @val={0x1, 0x1, [{0x0, 0x1}]}, @void, @val={0x4, 0x6, {0x2, 0x1, 0x4}}, @val={0x6, 0x2}, @void, @val={0x72, 0x6}, @val={0x71, 0x7, {0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x5, 0x40}}, [{0xdd, 0x8, "536a5cd712c1ebb5"}, {0xdd, 0x13, "a48d2ee76b51e9e966f61468fcf9ccdb2e2f32"}, {0xdd, 0x19, "6de2a91abd68c870deeef17700b5c2faee1150ed10728e62a8"}, {0xdd, 0x75, "6df3f47024edd9962cad842e90dead3346bb4084d015c29dc104e9bc8a5a47e37758be3ae6ef19611dd3e34696b2f92d2c06d9c8b3f1c887f294d0b155382810adc5d0bfbfa220a125ea1c642a377f3afef139cac59eca9a1ad3826aa8e99e4b112883a245ef3ad61e031f8016cea9204efef0c68a"}]}, 0xf5) syz_80211_inject_frame(&(0x7f0000000000)=@broadcast, &(0x7f00000000c0)=@data_frame={@qos_no_ht={{@type01={{0x0, 0x2, 0x9, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1}, {0x6}, @broadcast, @random="82656cb0709a", @device_a, {0x0, 0x5}}, {0x3, 0x1, 0x2, 0x0, 0x1}}, {@type00={{0x0, 0x2, 0xd, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1}, {0x9}, @device_a, @device_a, @initial, {0x3, 0x40}}, {0xc, 0x0, 0x1, 0x1, 0x8}}}, @random="5d1b9df6db5f8dcf4157f491c20386eeb9a671b2878b154d5ef7929ba0ac04ef8404297bd86f94549a94e35df1f88c655a1afab2129c10aab2bd5bdea77b7eec5742b3e36947b5b8a2c1187f81e81f2d550276d45ebd412cfe82eeeaa4e7aaa9e341c94c30f8cc48152c82e2b07f2e20151643eb65d6ad3459c9013feb776ffb5c73a8a35f307598aa46c809d953cc55658d23ac18c88721353b30"}, 0xcf) 00:40:41 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 33) 00:40:41 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 31) 00:40:41 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(0x0, 0x0) 00:40:41 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 33) 00:40:41 executing program 7: syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, 0x0, 0x0) (fail_nth: 11) 00:40:41 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, 0x0) [ 3490.000909] loop0: detected capacity change from 0 to 512 [ 3490.045063] FAULT_INJECTION: forcing a failure. [ 3490.045063] name failslab, interval 1, probability 0, space 0, times 0 [ 3490.046549] CPU: 1 PID: 19331 Comm: syz-executor.7 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3490.047559] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3490.048539] Call Trace: [ 3490.048878] [ 3490.049174] dump_stack_lvl+0xc1/0xf0 [ 3490.049703] should_fail_ex+0x4b4/0x5b0 [ 3490.050211] ? alloc_empty_file+0x76/0x1e0 [ 3490.050767] should_failslab+0x9/0x20 [ 3490.051250] kmem_cache_alloc+0x61/0x390 [ 3490.051781] ? __pfx_lock_release+0x10/0x10 [ 3490.052334] alloc_empty_file+0x76/0x1e0 [ 3490.052871] alloc_file+0x5e/0x800 [ 3490.053365] alloc_file_pseudo+0x16e/0x260 [ 3490.053916] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 3490.054528] ? do_raw_spin_unlock+0x53/0x220 [ 3490.055104] ? _raw_spin_unlock+0x1e/0x40 [ 3490.055640] ? alloc_fd+0x2eb/0x760 [ 3490.056120] sock_alloc_file+0x53/0x1e0 [ 3490.056656] __sys_socket+0x1ac/0x250 [ 3490.057151] ? __pfx___sys_socket+0x10/0x10 [ 3490.057739] ? ksys_write+0x19e/0x250 [ 3490.058217] ? __pfx_ksys_write+0x10/0x10 [ 3490.058755] __x64_sys_socket+0x73/0xb0 [ 3490.059255] ? syscall_enter_from_user_mode+0x21/0x50 [ 3490.059926] do_syscall_64+0x3f/0x90 [ 3490.060419] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3490.061070] RIP: 0033:0x7fcba4fd3197 [ 3490.061547] Code: f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3490.063756] RSP: 002b:00007fcba25460c8 EFLAGS: 00000287 ORIG_RAX: 0000000000000029 [ 3490.064698] RAX: ffffffffffffffda RBX: 00007fcba50e4f60 RCX: 00007fcba4fd3197 [ 3490.065598] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 3490.066469] RBP: 00007fcba25471d0 R08: 0000000000000000 R09: 0000000000000000 [ 3490.067334] R10: 0000000000000000 R11: 0000000000000287 R12: 0000000000000002 [ 3490.068203] R13: 0000000000000000 R14: 00000000200000c0 R15: 0000000000022000 [ 3490.069093] [ 3490.075955] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3490.081238] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3490.092433] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3490.099920] FAULT_INJECTION: forcing a failure. [ 3490.099920] name failslab, interval 1, probability 0, space 0, times 0 [ 3490.101573] CPU: 1 PID: 19333 Comm: syz-executor.5 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3490.102588] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3490.103598] Call Trace: [ 3490.103927] [ 3490.104226] dump_stack_lvl+0xc1/0xf0 [ 3490.104751] should_fail_ex+0x4b4/0x5b0 [ 3490.105283] ? __proc_create+0x2b3/0x8b0 [ 3490.105812] should_failslab+0x9/0x20 [ 3490.106312] kmem_cache_alloc+0x61/0x390 [ 3490.106862] __proc_create+0x2b3/0x8b0 [ 3490.107366] ? __pfx___proc_create+0x10/0x10 [ 3490.107950] ? mark_held_locks+0x9e/0xe0 [ 3490.108474] _proc_mkdir+0xb2/0x200 [ 3490.108959] ? __pfx__proc_mkdir+0x10/0x10 [ 3490.109515] ? kmem_cache_alloc+0x328/0x390 [ 3490.110092] ? __pfx_proc_net_ns_init+0x10/0x10 [ 3490.110678] proc_net_ns_init+0x265/0x410 [ 3490.111215] ops_init+0xbb/0x6b0 [ 3490.111683] setup_net+0x3d9/0x990 [ 3490.112169] ? down_read_killable+0x1d7/0x4e0 [ 3490.112758] ? __kmem_cache_alloc_node+0x1cd/0x310 [ 3490.113411] ? __pfx_setup_net+0x10/0x10 [ 3490.113960] copy_net_ns+0x321/0x770 [ 3490.114479] create_new_namespaces+0x3f6/0xb30 [ 3490.115092] copy_namespaces+0x414/0x500 [ 3490.115642] copy_process+0x2b78/0x7320 [ 3490.116177] ? lock_acquire+0x19a/0x4c0 [ 3490.116708] FAULT_INJECTION: forcing a failure. [ 3490.116708] name failslab, interval 1, probability 0, space 0, times 0 [ 3490.116720] ? __pfx_copy_process+0x10/0x10 [ 3490.118577] ? _copy_from_user+0x5c/0xf0 [ 3490.119106] kernel_clone+0xeb/0x810 [ 3490.119596] ? ksys_write+0x122/0x250 [ 3490.120084] ? __pfx_kernel_clone+0x10/0x10 [ 3490.120655] ? lock_is_held_type+0x9f/0x120 [ 3490.121216] __do_sys_clone3+0x1d5/0x250 [ 3490.121751] ? __pfx___do_sys_clone3+0x10/0x10 [ 3490.122367] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3490.123102] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3490.123835] ? fput+0x2f/0x1a0 [ 3490.124257] ? __pfx_ksys_write+0x10/0x10 [ 3490.124784] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3490.125451] ? syscall_enter_from_user_mode+0x21/0x50 [ 3490.126111] do_syscall_64+0x3f/0x90 [ 3490.126609] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3490.127243] RIP: 0033:0x7f89ec184b19 [ 3490.127705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3490.129863] RSP: 002b:00007f89e96fa188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3490.130779] RAX: ffffffffffffffda RBX: 00007f89ec297f60 RCX: 00007f89ec184b19 [ 3490.131629] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3490.132478] RBP: 00007f89e96fa1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3490.133346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3490.134192] R13: 00007ffe081f81af R14: 00007f89e96fa300 R15: 0000000000022000 [ 3490.135073] [ 3490.135382] CPU: 0 PID: 19334 Comm: syz-executor.4 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3490.136379] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3490.137363] Call Trace: [ 3490.137682] [ 3490.137969] dump_stack_lvl+0xc1/0xf0 [ 3490.138478] should_fail_ex+0x4b4/0x5b0 [ 3490.138988] ? proc_net_ns_init+0x42/0x410 [ 3490.139509] should_failslab+0x9/0x20 [ 3490.139994] kmem_cache_alloc+0x61/0x390 [ 3490.140507] ? __pfx_lock_acquire+0x10/0x10 [ 3490.141048] ? __pfx_proc_net_ns_init+0x10/0x10 [ 3490.141640] proc_net_ns_init+0x42/0x410 [ 3490.142150] ops_init+0xbb/0x6b0 [ 3490.142607] setup_net+0x3d9/0x990 [ 3490.143078] ? down_read_killable+0x1d7/0x4e0 [ 3490.143658] ? __kmem_cache_alloc_node+0x1cd/0x310 [ 3490.144281] ? __pfx_setup_net+0x10/0x10 [ 3490.144816] copy_net_ns+0x321/0x770 [ 3490.145329] create_new_namespaces+0x3f6/0xb30 [ 3490.145924] copy_namespaces+0x414/0x500 [ 3490.146451] copy_process+0x2b78/0x7320 [ 3490.146967] ? lock_acquire+0x19a/0x4c0 [ 3490.147490] ? __pfx_copy_process+0x10/0x10 [ 3490.148061] ? _copy_from_user+0x5c/0xf0 [ 3490.148581] kernel_clone+0xeb/0x810 [ 3490.149066] ? ksys_write+0x122/0x250 [ 3490.149560] ? __pfx_kernel_clone+0x10/0x10 [ 3490.150122] ? lock_is_held_type+0x9f/0x120 [ 3490.150680] __do_sys_clone3+0x1d5/0x250 [ 3490.151201] ? __pfx___do_sys_clone3+0x10/0x10 [ 3490.151818] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3490.152544] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3490.153296] ? fput+0x2f/0x1a0 [ 3490.153717] ? __pfx_ksys_write+0x10/0x10 [ 3490.154244] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3490.154889] ? syscall_enter_from_user_mode+0x21/0x50 [ 3490.155556] do_syscall_64+0x3f/0x90 [ 3490.156043] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3490.156676] RIP: 0033:0x7fefd8f24b19 [ 3490.157141] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3490.159285] RSP: 002b:00007fefd649a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3490.160206] RAX: ffffffffffffffda RBX: 00007fefd9037f60 RCX: 00007fefd8f24b19 [ 3490.161065] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3490.161928] RBP: 00007fefd649a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3490.162784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3490.163634] R13: 00007ffe217f65cf R14: 00007fefd649a300 R15: 0000000000022000 [ 3490.164509] 00:40:41 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, 0x0) [ 3490.173466] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:40:41 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(0x0, 0x0) [ 3490.220703] FAULT_INJECTION: forcing a failure. [ 3490.220703] name failslab, interval 1, probability 0, space 0, times 0 [ 3490.222135] CPU: 1 PID: 19335 Comm: syz-executor.3 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3490.223068] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3490.224070] Call Trace: [ 3490.224404] [ 3490.224702] dump_stack_lvl+0xc1/0xf0 [ 3490.225226] should_fail_ex+0x4b4/0x5b0 [ 3490.225794] ? __proc_create+0x2b3/0x8b0 [ 3490.226325] should_failslab+0x9/0x20 [ 3490.226825] kmem_cache_alloc+0x61/0x390 [ 3490.227368] __proc_create+0x2b3/0x8b0 [ 3490.227872] ? __pfx___proc_create+0x10/0x10 [ 3490.228453] ? mark_held_locks+0x9e/0xe0 [ 3490.228993] _proc_mkdir+0xb2/0x200 [ 3490.229475] ? __pfx__proc_mkdir+0x10/0x10 [ 3490.230017] ? kmem_cache_alloc+0x328/0x390 [ 3490.230589] ? __pfx_proc_net_ns_init+0x10/0x10 [ 3490.231190] proc_net_ns_init+0x265/0x410 [ 3490.231731] ops_init+0xbb/0x6b0 [ 3490.232196] setup_net+0x3d9/0x990 [ 3490.232674] ? down_read_killable+0x1d7/0x4e0 [ 3490.233274] ? __kmem_cache_alloc_node+0x1cd/0x310 [ 3490.233862] ? __pfx_setup_net+0x10/0x10 [ 3490.234423] copy_net_ns+0x321/0x770 [ 3490.234898] create_new_namespaces+0x3f6/0xb30 [ 3490.235519] copy_namespaces+0x414/0x500 [ 3490.236062] copy_process+0x2b78/0x7320 [ 3490.236594] ? lock_acquire+0x19a/0x4c0 [ 3490.237085] ? __pfx_copy_process+0x10/0x10 [ 3490.237692] ? _copy_from_user+0x5c/0xf0 [ 3490.238187] kernel_clone+0xeb/0x810 [ 3490.238687] ? ksys_write+0x122/0x250 [ 3490.239149] ? __pfx_kernel_clone+0x10/0x10 [ 3490.239722] ? lock_is_held_type+0x9f/0x120 [ 3490.240256] __do_sys_clone3+0x1d5/0x250 [ 3490.240788] ? __pfx___do_sys_clone3+0x10/0x10 [ 3490.241375] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3490.242123] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3490.242806] ? fput+0x2f/0x1a0 [ 3490.243245] ? __pfx_ksys_write+0x10/0x10 [ 3490.243735] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3490.244404] ? syscall_enter_from_user_mode+0x21/0x50 [ 3490.245024] do_syscall_64+0x3f/0x90 [ 3490.245537] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3490.246141] RIP: 0033:0x7f729f431b19 [ 3490.246617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3490.248782] RSP: 002b:00007f729c9a7188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3490.249740] RAX: ffffffffffffffda RBX: 00007f729f544f60 RCX: 00007f729f431b19 [ 3490.250635] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3490.251520] RBP: 00007f729c9a71d0 R08: 0000000000000000 R09: 0000000000000000 [ 3490.252399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3490.253285] R13: 00007ffe00c6649f R14: 00007f729c9a7300 R15: 0000000000022000 [ 3490.254171] [ 3490.289060] loop0: detected capacity change from 0 to 512 00:40:41 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 17) [ 3490.315470] FAULT_INJECTION: forcing a failure. [ 3490.315470] name failslab, interval 1, probability 0, space 0, times 0 [ 3490.316971] CPU: 1 PID: 19343 Comm: syz-executor.2 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3490.317906] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3490.318924] Call Trace: [ 3490.319235] [ 3490.319531] dump_stack_lvl+0xc1/0xf0 [ 3490.320049] should_fail_ex+0x4b4/0x5b0 [ 3490.320580] ? copy_fs_struct+0x49/0x350 [ 3490.321112] should_failslab+0x9/0x20 [ 3490.321624] kmem_cache_alloc+0x61/0x390 [ 3490.322165] copy_fs_struct+0x49/0x350 [ 3490.322689] copy_process+0x36a6/0x7320 [ 3490.323230] ? lock_acquire+0x19a/0x4c0 [ 3490.323770] ? __pfx_copy_process+0x10/0x10 [ 3490.324313] ? _copy_from_user+0x5c/0xf0 [ 3490.324855] kernel_clone+0xeb/0x810 [ 3490.325341] ? ksys_write+0x122/0x250 [ 3490.325842] ? __pfx_kernel_clone+0x10/0x10 [ 3490.326378] ? lock_is_held_type+0x9f/0x120 [ 3490.326960] __do_sys_clone3+0x1d5/0x250 [ 3490.327463] ? __pfx___do_sys_clone3+0x10/0x10 [ 3490.328102] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3490.328797] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3490.329562] ? fput+0x2f/0x1a0 [ 3490.329973] ? __pfx_ksys_write+0x10/0x10 [ 3490.330508] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3490.331120] ? syscall_enter_from_user_mode+0x21/0x50 [ 3490.331806] do_syscall_64+0x3f/0x90 [ 3490.332274] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3490.332925] RIP: 0033:0x7f418241bb19 [ 3490.333416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3490.335595] RSP: 002b:00007f417f991188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3490.336528] RAX: ffffffffffffffda RBX: 00007f418252ef60 RCX: 00007f418241bb19 [ 3490.337409] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3490.338276] RBP: 00007f417f9911d0 R08: 0000000000000000 R09: 0000000000000000 [ 3490.339144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3490.340022] R13: 00007ffc082160df R14: 00007f417f991300 R15: 0000000000022000 [ 3490.340914] [ 3495.045255] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 3499.461287] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 3501.772362] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 3501.777426] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 3501.782040] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 3501.786204] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 3501.790539] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 3501.792043] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 3503.814294] Bluetooth: hci0: command 0x0409 tx timeout [ 3505.861231] Bluetooth: hci0: command 0x041b tx timeout [ 3507.909309] Bluetooth: hci0: command 0x040f tx timeout [ 3509.957258] Bluetooth: hci0: command 0x0419 tx timeout [ 3517.671391] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3517.672538] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3517.735727] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3517.736985] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3518.081175] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3518.085446] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3518.088801] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3518.091949] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3518.397363] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3518.401251] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3518.402527] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3518.404989] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3525.099943] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 00:41:24 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000480), 0x100, 0x0) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000680)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000640)={&(0x7f0000000500)={0x108, 0x0, 0x200, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x1, 0x49}, @void, @val={0xc, 0x99, {0x5d82, 0x1e}}}}, [@NL80211_ATTR_SOCKET_OWNER={0x4}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x20, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}]}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "b08eba4d145de8fd76cf20e97269e8562b3d39e41558d7e7"}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "85b1d9b7f941d47a103c64b064dda806b13708974f673ce1"}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @broadcast}, @NL80211_ATTR_MNTR_FLAGS={0x14, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}]}, @NL80211_ATTR_MNTR_FLAGS={0x14, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}]}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "082c79d25884505c7f3813e9655559aba5f9bb8578ec9bbb"}], @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0xc, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}]}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "367ddb5fe73c14b05fb053ff745ae96fc75f8a2067908714"}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @broadcast}]]}, 0x108}, 0x1, 0x0, 0x0, 0x40000080}, 0x20000000) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000000)=ANY=[@ANYRESDEC], 0x1a) syz_80211_inject_frame(&(0x7f0000000080)=@device_b, &(0x7f00000000c0)=@mgmt_frame=@beacon={@wo_ht={{0x0, 0x0, 0x8, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1}, {0x9}, @device_b, @device_b, @random="7c534736a62f", {0xa, 0x20}}, 0x2, @default, 0x8408, @void, @void, @val={0x3, 0x1, 0xac}, @void, @val={0x6, 0x2, 0x4}, @void, @void, @void, @val={0x3c, 0x4, {0x1, 0x80, 0x3, 0x4}}, @val={0x2d, 0x1a, {0x800, 0x3, 0x2, 0x0, {0x6, 0x3, 0x0, 0x4f, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x300, 0x81, 0xff}}, @val={0x72, 0x6}, @void, @void, [{0xdd, 0x55, "0dea140e10a9922e5245864cb07f9fb01162ced04b9b67bac075710c7bcf178c2c2b5f4d540dad9040e176d8795193150b8e53f1750fa1abac61f32d8cdeb531998cdb8f587896335b57f83359b0d95316741e5354"}, {0xdd, 0xec, "82f36303774f4f4f44d89f5586e0da6699ad5252be914594be0203d53e42be78d37bbfe03f32db976ff5286f9f204e0561e8acd1adcd76a958bacfe708d71f625325748ea223ec23f225ea257adb6de22388d13bb3237a55086cbaca9ac1b96da3255326eee3a69993ff1d1e3d44da6bbae87da09131021c702d7f50fc303a6575d0200dd16c8d36de42fbd430e38b6f7c60530bb0947a03dbc3dfe399ee9e5d189a6154438e531e44f127b7038a6a6a0785e599d14160788e9054bcf8aff5a456d6e7cc3beb56bdb431e3e59ff5bbb5b8b03bfc9c27a8710f3de6ad2209864f815a859be3f35250fa0686fa"}, {0xdd, 0xe0, "7deb53e9906d99426e8068cc04e4f6d91e2d10092f6c04b5395b008c2f5b970021e19673cf6a1561429e7c4620dbeffa3dd8e42092efa42e08e7b45b53bc0363c4ebf810aeec480ededd5fd4bcc8605a2fcedd375bab8fbfd218dcb17bc58016f9476f8df7a3014cf3399da13e6cb0819c859a624cabae9495bb7e71f1d0fe6731d91908aeeec366e6a9834d99df15be57c6a2ace4202521bff28c5a27402d255236978f9ae038f6eab025cee4ca12515146c9022698f52a585cfdb73d51999ecf41199c6c63b074cf0dd151be5e29891263d80054fe2cada43b55323d13e6cc"}, {0xdd, 0x77, "b93af854f6b572f2b0cd43e16c4140107007efac6f9aa09d9fac3bd25c50f216fcf34ddd4d271388d3912a3b4cf398bf866057cb5450589577ddae76242c63b45cb9ae0bb5c79b2ad0d8cac251c09653a3ee9e82a18e6efeca9b2d89803b1f4ebc9ae482b93a973ba5d1635daf0f26df259c8da17aa76b"}, {0xdd, 0xb3, "355f93b587c611900c85e3d546362f05c7e77599ecaa720446f35190cbd9f3281e47171b49d7ec20ddf0425397bf53b0348f773bac98f947e0ca5ad5dbd1f2edba2d1a1f3f737459b297cf7a7ac27363fe5f8f7877aa2632becd5ce80f9b4a48bf38f575d91705b649134a33c517c751ff0b0741f5953f8a4f094908cf2bef8f03399543fae079918501481ed2baa62f6e4d4c41d7aa8b8ba6858ad4f76dc7e0b0cf50e8a1931c209c6aaf4a5e8080389ad930"}]}, 0x3aa) [ 3532.734820] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:41:24 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:41:24 executing program 7: syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, 0x0, 0x0) (fail_nth: 12) 00:41:24 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 32) 00:41:24 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, 0x0) 00:41:24 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 34) 00:41:24 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 18) 00:41:24 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 34) [ 3532.781497] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3532.792564] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3532.814611] loop0: detected capacity change from 0 to 512 00:41:24 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 19) 00:41:24 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 35) [ 3533.030810] FAULT_INJECTION: forcing a failure. [ 3533.030810] name failslab, interval 1, probability 0, space 0, times 0 [ 3533.032407] CPU: 1 PID: 19837 Comm: syz-executor.2 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3533.033427] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3533.034481] Call Trace: [ 3533.034808] [ 3533.035203] dump_stack_lvl+0xc1/0xf0 [ 3533.035727] should_fail_ex+0x4b4/0x5b0 [ 3533.036249] ? copy_process+0x20e8/0x7320 [ 3533.036793] should_failslab+0x9/0x20 [ 3533.037292] kmem_cache_alloc+0x61/0x390 [ 3533.037835] copy_process+0x20e8/0x7320 [ 3533.038360] ? lock_acquire+0x19a/0x4c0 [ 3533.038900] ? __pfx_copy_process+0x10/0x10 [ 3533.039471] ? _copy_from_user+0x5c/0xf0 [ 3533.040002] kernel_clone+0xeb/0x810 [ 3533.040493] ? ksys_write+0x122/0x250 [ 3533.040979] ? __pfx_kernel_clone+0x10/0x10 [ 3533.041545] ? lock_is_held_type+0x9f/0x120 [ 3533.042121] __do_sys_clone3+0x1d5/0x250 [ 3533.042648] ? __pfx___do_sys_clone3+0x10/0x10 [ 3533.043271] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3533.044021] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3533.044762] ? fput+0x2f/0x1a0 [ 3533.045199] ? __pfx_ksys_write+0x10/0x10 [ 3533.045730] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3533.046425] ? syscall_enter_from_user_mode+0x21/0x50 [ 3533.047090] do_syscall_64+0x3f/0x90 [ 3533.047589] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3533.048235] RIP: 0033:0x7f418241bb19 [ 3533.048701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3533.050896] RSP: 002b:00007f417f991188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3533.051826] RAX: ffffffffffffffda RBX: 00007f418252ef60 RCX: 00007f418241bb19 [ 3533.052686] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3533.053553] RBP: 00007f417f9911d0 R08: 0000000000000000 R09: 0000000000000000 [ 3533.054428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3533.055296] R13: 00007ffc082160df R14: 00007f417f991300 R15: 0000000000022000 [ 3533.056190] 00:41:24 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:41:24 executing program 7: syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, 0x0, 0x0) (fail_nth: 13) [ 3533.120618] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3533.133143] FAULT_INJECTION: forcing a failure. [ 3533.133143] name failslab, interval 1, probability 0, space 0, times 0 [ 3533.134626] CPU: 0 PID: 19841 Comm: syz-executor.3 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3533.135610] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3533.136583] Call Trace: [ 3533.136904] [ 3533.137201] dump_stack_lvl+0xc1/0xf0 [ 3533.137702] should_fail_ex+0x4b4/0x5b0 [ 3533.138249] ? __proc_create+0x2b3/0x8b0 [ 3533.138749] should_failslab+0x9/0x20 [ 3533.139224] kmem_cache_alloc+0x61/0x390 [ 3533.139742] __proc_create+0x2b3/0x8b0 [ 3533.140239] ? __pfx___proc_create+0x10/0x10 [ 3533.140794] ? mark_held_locks+0x9e/0xe0 [ 3533.141315] _proc_mkdir+0xb2/0x200 [ 3533.141770] ? __pfx__proc_mkdir+0x10/0x10 [ 3533.142312] ? kmem_cache_alloc+0x328/0x390 [ 3533.142859] ? __pfx_netfilter_net_init+0x10/0x10 [ 3533.143587] netfilter_net_init+0x215/0x300 [ 3533.144130] ops_init+0xbb/0x6b0 [ 3533.144588] setup_net+0x3d9/0x990 [ 3533.145050] ? down_read_killable+0x1d7/0x4e0 [ 3533.145629] ? __kmem_cache_alloc_node+0x1cd/0x310 [ 3533.146283] ? __pfx_setup_net+0x10/0x10 [ 3533.146822] copy_net_ns+0x321/0x770 [ 3533.147298] create_new_namespaces+0x3f6/0xb30 [ 3533.147898] copy_namespaces+0x414/0x500 [ 3533.148431] copy_process+0x2b78/0x7320 [ 3533.148947] ? lock_acquire+0x19a/0x4c0 [ 3533.149470] ? __pfx_copy_process+0x10/0x10 [ 3533.150044] ? _copy_from_user+0x5c/0xf0 [ 3533.150567] kernel_clone+0xeb/0x810 [ 3533.151045] ? ksys_write+0x122/0x250 [ 3533.151528] ? __pfx_kernel_clone+0x10/0x10 [ 3533.152085] ? lock_is_held_type+0x9f/0x120 [ 3533.152645] __do_sys_clone3+0x1d5/0x250 [ 3533.153164] ? __pfx___do_sys_clone3+0x10/0x10 [ 3533.153773] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3533.154508] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3533.155230] ? fput+0x2f/0x1a0 [ 3533.155662] ? __pfx_ksys_write+0x10/0x10 [ 3533.156185] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3533.156832] ? syscall_enter_from_user_mode+0x21/0x50 [ 3533.157532] do_syscall_64+0x3f/0x90 [ 3533.158012] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3533.158650] RIP: 0033:0x7f729f431b19 [ 3533.159115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3533.161234] RSP: 002b:00007f729c9a7188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3533.162143] RAX: ffffffffffffffda RBX: 00007f729f544f60 RCX: 00007f729f431b19 [ 3533.162988] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3533.163840] RBP: 00007f729c9a71d0 R08: 0000000000000000 R09: 0000000000000000 [ 3533.164681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3533.165649] R13: 00007ffe00c6649f R14: 00007f729c9a7300 R15: 0000000000022000 [ 3533.166651] [ 3533.167132] cannot create netfilter proc entry [ 3533.185867] FAULT_INJECTION: forcing a failure. [ 3533.185867] name failslab, interval 1, probability 0, space 0, times 0 [ 3533.187925] CPU: 1 PID: 19846 Comm: syz-executor.7 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3533.188914] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3533.189899] Call Trace: [ 3533.190223] [ 3533.190513] dump_stack_lvl+0xc1/0xf0 [ 3533.191026] should_fail_ex+0x4b4/0x5b0 [ 3533.191549] ? security_file_alloc+0x38/0x170 [ 3533.192136] should_failslab+0x9/0x20 [ 3533.192626] kmem_cache_alloc+0x61/0x390 [ 3533.193166] security_file_alloc+0x38/0x170 [ 3533.193713] ? kmem_cache_alloc+0x328/0x390 [ 3533.194291] init_file+0x99/0x250 [ 3533.194761] alloc_empty_file+0x94/0x1e0 [ 3533.195293] alloc_file+0x5e/0x800 [ 3533.195778] alloc_file_pseudo+0x16e/0x260 [ 3533.196318] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 3533.196915] ? do_raw_spin_unlock+0x53/0x220 [ 3533.197474] ? _raw_spin_unlock+0x1e/0x40 [ 3533.198007] ? alloc_fd+0x2eb/0x760 [ 3533.198490] sock_alloc_file+0x53/0x1e0 [ 3533.199007] __sys_socket+0x1ac/0x250 [ 3533.199492] ? __pfx___sys_socket+0x10/0x10 [ 3533.200028] ? ksys_write+0x19e/0x250 [ 3533.200507] ? __pfx_ksys_write+0x10/0x10 [ 3533.201028] __x64_sys_socket+0x73/0xb0 [ 3533.201525] ? syscall_enter_from_user_mode+0x21/0x50 [ 3533.202188] do_syscall_64+0x3f/0x90 [ 3533.202675] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3533.203307] RIP: 0033:0x7fcba4fd3197 [ 3533.203762] Code: f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3533.205871] RSP: 002b:00007fcba25460c8 EFLAGS: 00000287 ORIG_RAX: 0000000000000029 [ 3533.206778] RAX: ffffffffffffffda RBX: 00007fcba50e4f60 RCX: 00007fcba4fd3197 [ 3533.207625] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 3533.208468] RBP: 00007fcba25471d0 R08: 0000000000000000 R09: 0000000000000000 [ 3533.209311] R10: 0000000000000000 R11: 0000000000000287 R12: 0000000000000002 [ 3533.210161] R13: 0000000000000000 R14: 00000000200000c0 R15: 0000000000022000 [ 3533.211023] 00:41:24 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 20) 00:41:24 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 33) 00:41:24 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 35) 00:41:24 executing program 1: ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000000c0)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000000)={r0, 0x3, 0xffffffffffffffff, 0x100}) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7"], 0x1a) [ 3533.335638] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:41:24 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 36) [ 3533.358860] FAULT_INJECTION: forcing a failure. [ 3533.358860] name failslab, interval 1, probability 0, space 0, times 0 [ 3533.360592] CPU: 1 PID: 19852 Comm: syz-executor.5 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3533.361583] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3533.362603] Call Trace: [ 3533.362927] [ 3533.363225] dump_stack_lvl+0xc1/0xf0 [ 3533.363743] should_fail_ex+0x4b4/0x5b0 [ 3533.364274] ? __proc_create+0x2b3/0x8b0 [ 3533.364782] should_failslab+0x9/0x20 [ 3533.365274] kmem_cache_alloc+0x61/0x390 [ 3533.365832] __proc_create+0x2b3/0x8b0 [ 3533.366328] ? __pfx___proc_create+0x10/0x10 [ 3533.366892] ? mark_held_locks+0x9e/0xe0 [ 3533.367429] _proc_mkdir+0xb2/0x200 [ 3533.367907] ? __pfx__proc_mkdir+0x10/0x10 [ 3533.368436] ? kmem_cache_alloc+0x328/0x390 [ 3533.369000] ? __pfx_netfilter_net_init+0x10/0x10 [ 3533.369613] netfilter_net_init+0x215/0x300 [ 3533.370194] ops_init+0xbb/0x6b0 [ 3533.370658] setup_net+0x3d9/0x990 [ 3533.371135] ? down_read_killable+0x1d7/0x4e0 [ 3533.371723] ? __kmem_cache_alloc_node+0x1cd/0x310 [ 3533.372350] ? __pfx_setup_net+0x10/0x10 [ 3533.372887] copy_net_ns+0x321/0x770 [ 3533.373384] create_new_namespaces+0x3f6/0xb30 [ 3533.373997] copy_namespaces+0x414/0x500 [ 3533.374528] copy_process+0x2b78/0x7320 [ 3533.375057] ? lock_acquire+0x19a/0x4c0 [ 3533.375583] ? __pfx_copy_process+0x10/0x10 [ 3533.376149] ? _copy_from_user+0x5c/0xf0 [ 3533.376679] kernel_clone+0xeb/0x810 [ 3533.377167] ? ksys_write+0x122/0x250 [ 3533.377661] ? __pfx_kernel_clone+0x10/0x10 [ 3533.378235] ? lock_is_held_type+0x9f/0x120 [ 3533.378807] __do_sys_clone3+0x1d5/0x250 [ 3533.379353] ? __pfx___do_sys_clone3+0x10/0x10 [ 3533.379983] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3533.380745] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3533.381497] ? fput+0x2f/0x1a0 [ 3533.381959] ? __pfx_ksys_write+0x10/0x10 [ 3533.382498] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3533.383183] ? syscall_enter_from_user_mode+0x21/0x50 [ 3533.383839] do_syscall_64+0x3f/0x90 [ 3533.384341] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3533.384993] RIP: 0033:0x7f89ec184b19 [ 3533.385469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3533.387676] RSP: 002b:00007f89e96fa188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3533.388605] RAX: ffffffffffffffda RBX: 00007f89ec297f60 RCX: 00007f89ec184b19 [ 3533.389486] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3533.390363] RBP: 00007f89e96fa1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3533.391242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3533.392119] R13: 00007ffe081f81af R14: 00007f89e96fa300 R15: 0000000000022000 [ 3533.393021] [ 3533.393693] cannot create netfilter proc entry [ 3533.397710] FAULT_INJECTION: forcing a failure. [ 3533.397710] name failslab, interval 1, probability 0, space 0, times 0 [ 3533.400397] CPU: 1 PID: 19851 Comm: syz-executor.4 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3533.401412] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3533.402430] Call Trace: [ 3533.402769] [ 3533.403069] dump_stack_lvl+0xc1/0xf0 [ 3533.403593] should_fail_ex+0x4b4/0x5b0 [ 3533.404109] ? __proc_create+0x2b3/0x8b0 [ 3533.404617] should_failslab+0x9/0x20 [ 3533.405109] kmem_cache_alloc+0x61/0x390 [ 3533.405641] __proc_create+0x2b3/0x8b0 [ 3533.406155] ? __pfx___proc_create+0x10/0x10 [ 3533.406731] ? mark_held_locks+0x9e/0xe0 [ 3533.407265] _proc_mkdir+0xb2/0x200 [ 3533.407730] ? __pfx__proc_mkdir+0x10/0x10 [ 3533.408259] ? kmem_cache_alloc+0x328/0x390 [ 3533.408816] ? __pfx_proc_net_ns_init+0x10/0x10 [ 3533.409414] proc_net_ns_init+0x265/0x410 [ 3533.409958] ops_init+0xbb/0x6b0 [ 3533.410429] setup_net+0x3d9/0x990 [ 3533.410897] ? down_read_killable+0x1d7/0x4e0 [ 3533.411490] ? __kmem_cache_alloc_node+0x1cd/0x310 [ 3533.412118] ? __pfx_setup_net+0x10/0x10 [ 3533.412669] copy_net_ns+0x321/0x770 [ 3533.413188] create_new_namespaces+0x3f6/0xb30 [ 3533.413802] copy_namespaces+0x414/0x500 [ 3533.414384] copy_process+0x2b78/0x7320 [ 3533.414909] ? lock_acquire+0x19a/0x4c0 [ 3533.415449] ? __pfx_copy_process+0x10/0x10 [ 3533.416036] ? _copy_from_user+0x5c/0xf0 [ 3533.416575] kernel_clone+0xeb/0x810 [ 3533.417072] ? ksys_write+0x122/0x250 [ 3533.417567] ? __pfx_kernel_clone+0x10/0x10 [ 3533.418162] ? lock_is_held_type+0x9f/0x120 [ 3533.418755] __do_sys_clone3+0x1d5/0x250 [ 3533.419298] ? __pfx___do_sys_clone3+0x10/0x10 [ 3533.419932] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3533.420693] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3533.421445] ? fput+0x2f/0x1a0 [ 3533.421897] ? __pfx_ksys_write+0x10/0x10 [ 3533.422448] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3533.423120] ? syscall_enter_from_user_mode+0x21/0x50 [ 3533.423793] do_syscall_64+0x3f/0x90 [ 3533.424299] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3533.424950] RIP: 0033:0x7fefd8f24b19 [ 3533.425425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3533.427675] RSP: 002b:00007fefd649a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3533.428603] RAX: ffffffffffffffda RBX: 00007fefd9037f60 RCX: 00007fefd8f24b19 [ 3533.429486] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3533.430375] RBP: 00007fefd649a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3533.431258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3533.432153] R13: 00007ffe217f65cf R14: 00007fefd649a300 R15: 0000000000022000 [ 3533.433066] 00:41:25 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:41:25 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 21) 00:41:25 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 34) [ 3533.648336] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3533.648835] FAULT_INJECTION: forcing a failure. [ 3533.648835] name failslab, interval 1, probability 0, space 0, times 0 [ 3533.651505] CPU: 0 PID: 19862 Comm: syz-executor.2 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3533.652500] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3533.653482] Call Trace: [ 3533.653831] [ 3533.654130] dump_stack_lvl+0xc1/0xf0 [ 3533.654643] should_fail_ex+0x4b4/0x5b0 [ 3533.655160] ? copy_process+0x2267/0x7320 [ 3533.655709] should_failslab+0x9/0x20 [ 3533.656198] kmem_cache_alloc+0x61/0x390 [ 3533.656727] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3533.657393] copy_process+0x2267/0x7320 [ 3533.657938] ? lock_acquire+0x19a/0x4c0 [ 3533.658470] ? __pfx_copy_process+0x10/0x10 [ 3533.659053] ? _copy_from_user+0x5c/0xf0 [ 3533.659586] kernel_clone+0xeb/0x810 [ 3533.660082] ? ksys_write+0x122/0x250 [ 3533.660574] ? __pfx_kernel_clone+0x10/0x10 [ 3533.661153] ? lock_is_held_type+0x9f/0x120 [ 3533.661732] __do_sys_clone3+0x1d5/0x250 [ 3533.662290] ? __pfx___do_sys_clone3+0x10/0x10 [ 3533.662911] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3533.663662] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3533.664393] ? fput+0x2f/0x1a0 [ 3533.664834] ? __pfx_ksys_write+0x10/0x10 [ 3533.665367] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3533.666048] ? syscall_enter_from_user_mode+0x21/0x50 [ 3533.666733] do_syscall_64+0x3f/0x90 [ 3533.667237] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3533.667886] RIP: 0033:0x7f418241bb19 [ 3533.668360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3533.670487] RSP: 002b:00007f417f991188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3533.671405] RAX: ffffffffffffffda RBX: 00007f418252ef60 RCX: 00007f418241bb19 [ 3533.672255] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3533.673109] RBP: 00007f417f9911d0 R08: 0000000000000000 R09: 0000000000000000 [ 3533.673982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3533.674855] R13: 00007ffc082160df R14: 00007f417f991300 R15: 0000000000022000 [ 3533.675769] 00:41:37 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 35) 00:41:37 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) (fail_nth: 1) 00:41:37 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 22) 00:41:37 executing program 7: syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, 0x0, 0x0) (fail_nth: 14) 00:41:37 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 37) 00:41:37 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 36) 00:41:37 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000180)=ANY=[@ANYBLOB="ff105c1e52fc5c41a0a7303fc504e73d27c7a3e979544524f9a88cccc47e0a80fbbfe2cfcf5b00783187213bfd1e90e046eb0b182dff9904391f847fd7440e12cae877f9afb75a03c860fa88230e66bddcd97a9e07ce110fd93afe403452f9fdd795e9a2e9a50b5859cd6e2e3a84462cfd776fb3a9248afc23a222694c370176a89cd03f15cea49bbff076ef2084d219d8796d78227beccdf455a778f2b342127ea46e0114e2f6a11065c33d2cf5bcf0aa53b582d9791778b6c6f9f971f91365"], 0x1a) 00:41:37 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 1) [ 3546.126718] FAULT_INJECTION: forcing a failure. [ 3546.126718] name failslab, interval 1, probability 0, space 0, times 0 [ 3546.127824] CPU: 1 PID: 19885 Comm: syz-executor.4 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3546.128412] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3546.128992] Call Trace: [ 3546.129183] [ 3546.129353] dump_stack_lvl+0xc1/0xf0 [ 3546.129653] should_fail_ex+0x4b4/0x5b0 [ 3546.129959] ? __proc_create+0x2b3/0x8b0 [ 3546.130262] should_failslab+0x9/0x20 [ 3546.130553] kmem_cache_alloc+0x61/0x390 [ 3546.130858] __proc_create+0x2b3/0x8b0 [ 3546.131158] ? __pfx___proc_create+0x10/0x10 [ 3546.131486] ? mark_held_locks+0x9e/0xe0 [ 3546.131786] _proc_mkdir+0xb2/0x200 [ 3546.132057] ? __pfx__proc_mkdir+0x10/0x10 [ 3546.132345] ? kmem_cache_alloc+0x328/0x390 [ 3546.132676] ? __pfx_netfilter_net_init+0x10/0x10 [ 3546.133042] netfilter_net_init+0x215/0x300 [ 3546.133348] ops_init+0xbb/0x6b0 [ 3546.133612] setup_net+0x3d9/0x990 [ 3546.133882] ? down_read_killable+0x1d7/0x4e0 [ 3546.134227] ? __kmem_cache_alloc_node+0x1cd/0x310 [ 3546.134582] ? __pfx_setup_net+0x10/0x10 [ 3546.134888] copy_net_ns+0x321/0x770 [ 3546.135173] create_new_namespaces+0x3f6/0xb30 [ 3546.135501] copy_namespaces+0x414/0x500 [ 3546.135804] copy_process+0x2b78/0x7320 [ 3546.136107] ? lock_acquire+0x19a/0x4c0 [ 3546.136408] ? __pfx_copy_process+0x10/0x10 [ 3546.136740] ? _copy_from_user+0x5c/0xf0 [ 3546.137046] kernel_clone+0xeb/0x810 [ 3546.137332] ? ksys_write+0x122/0x250 [ 3546.137611] ? __pfx_kernel_clone+0x10/0x10 [ 3546.137925] ? lock_is_held_type+0x9f/0x120 [ 3546.138270] __do_sys_clone3+0x1d5/0x250 [ 3546.138570] ? __pfx___do_sys_clone3+0x10/0x10 [ 3546.138926] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3546.139348] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3546.139769] ? fput+0x2f/0x1a0 [ 3546.140022] ? __pfx_ksys_write+0x10/0x10 [ 3546.140330] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3546.140705] ? syscall_enter_from_user_mode+0x21/0x50 [ 3546.141086] do_syscall_64+0x3f/0x90 [ 3546.141359] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3546.141743] RIP: 0033:0x7fefd8f24b19 [ 3546.141978] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3546.142000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3546.144261] FAULT_INJECTION: forcing a failure. [ 3546.144261] name failslab, interval 1, probability 0, space 0, times 0 [ 3546.144427] RSP: 002b:00007fefd649a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3546.144444] RAX: ffffffffffffffda RBX: 00007fefd9037f60 RCX: 00007fefd8f24b19 [ 3546.144456] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3546.144467] RBP: 00007fefd649a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3546.147891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3546.148349] R13: 00007ffe217f65cf R14: 00007fefd649a300 R15: 0000000000022000 [ 3546.148875] [ 3546.149054] CPU: 0 PID: 19890 Comm: syz-executor.0 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3546.149191] cannot create netfilter proc entry [ 3546.150168] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3546.150187] Call Trace: [ 3546.150196] [ 3546.150207] dump_stack_lvl+0xc1/0xf0 [ 3546.151618] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3546.151944] should_fail_ex+0x4b4/0x5b0 [ 3546.154320] ? __do_sys_memfd_create+0x17d/0xa20 [ 3546.154985] should_failslab+0x9/0x20 [ 3546.155506] __kmem_cache_alloc_node+0x66/0x310 [ 3546.156170] ? __do_sys_memfd_create+0x17d/0xa20 [ 3546.156836] ? __pfx___schedule+0x10/0x10 [ 3546.157406] ? __do_sys_memfd_create+0x17d/0xa20 [ 3546.158074] __kmalloc+0x4d/0x160 [ 3546.158572] __do_sys_memfd_create+0x17d/0xa20 [ 3546.159192] ? fput+0x2f/0x1a0 [ 3546.159661] ? __pfx___do_sys_memfd_create+0x10/0x10 [ 3546.160329] ? ksys_write+0x19e/0x250 [ 3546.160871] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3546.161581] do_syscall_64+0x3f/0x90 [ 3546.162126] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3546.162863] RIP: 0033:0x7f913ca5db19 [ 3546.163361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3546.165858] RSP: 002b:00007f9139fd2f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 3546.166883] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f913ca5db19 [ 3546.167881] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f913cab70fb [ 3546.168869] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff [ 3546.169870] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 3546.170872] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012800 [ 3546.171878] [ 3546.215730] FAULT_INJECTION: forcing a failure. [ 3546.215730] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3546.216625] CPU: 1 PID: 19886 Comm: syz-executor.6 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3546.217159] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3546.217691] Call Trace: [ 3546.217865] [ 3546.218042] dump_stack_lvl+0xc1/0xf0 [ 3546.218325] should_fail_ex+0x4b4/0x5b0 [ 3546.218601] _copy_from_user+0x30/0xf0 [ 3546.218878] copy_clone_args_from_user+0x147/0x780 [ 3546.219220] ? ksys_write+0x122/0x250 [ 3546.219484] ? __pfx_copy_clone_args_from_user+0x10/0x10 [ 3546.219855] ? ksys_write+0x20f/0x250 [ 3546.220116] ? lock_release+0x1e3/0x680 [ 3546.220391] ? __pfx_lock_release+0x10/0x10 [ 3546.220688] ? lock_is_held_type+0x9f/0x120 [ 3546.220997] __do_sys_clone3+0x8f/0x250 [ 3546.221280] ? __pfx___do_sys_clone3+0x10/0x10 [ 3546.221604] ? perf_trace_run_bpf_submit+0xf3/0x190 [ 3546.221950] ? perf_trace_run_bpf_submit+0xf3/0x190 [ 3546.222307] ? perf_trace_preemptirq_template+0x252/0x420 [ 3546.222686] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3546.223097] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3546.223500] ? fput+0x2f/0x1a0 [ 3546.223750] ? __pfx_ksys_write+0x10/0x10 [ 3546.224039] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3546.224397] ? syscall_enter_from_user_mode+0x21/0x50 [ 3546.224763] do_syscall_64+0x3f/0x90 [ 3546.225044] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3546.225390] RIP: 0033:0x7fb5d476db19 [ 3546.225647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3546.226821] RSP: 002b:00007fb5d1ce3188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3546.227321] RAX: ffffffffffffffda RBX: 00007fb5d4880f60 RCX: 00007fb5d476db19 [ 3546.227789] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3546.228273] RBP: 00007fb5d1ce31d0 R08: 0000000000000000 R09: 0000000000000000 [ 3546.228765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3546.229250] R13: 00007ffe0bc23a6f R14: 00007fb5d1ce3300 R15: 0000000000022000 [ 3546.229755] [ 3546.240570] FAULT_INJECTION: forcing a failure. [ 3546.240570] name failslab, interval 1, probability 0, space 0, times 0 [ 3546.242207] CPU: 0 PID: 19889 Comm: syz-executor.3 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3546.243266] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3546.244319] Call Trace: [ 3546.244667] [ 3546.244982] dump_stack_lvl+0xc1/0xf0 [ 3546.245523] should_fail_ex+0x4b4/0x5b0 [ 3546.246079] ? __proc_create+0x2b3/0x8b0 [ 3546.246626] should_failslab+0x9/0x20 [ 3546.247144] kmem_cache_alloc+0x61/0x390 [ 3546.247706] __proc_create+0x2b3/0x8b0 [ 3546.248230] ? __pfx___proc_create+0x10/0x10 [ 3546.248841] proc_create_reg+0xb6/0x180 [ 3546.249384] proc_create_net_data+0x90/0x1c0 [ 3546.250013] ? __pfx_proc_create_net_data+0x10/0x10 [ 3546.250745] ? __pfx__proc_mkdir+0x10/0x10 [ 3546.251360] ? __pfx_nf_log_net_init+0x10/0x10 [ 3546.252040] nf_log_net_init+0x6a/0x370 [ 3546.252647] ? __pfx_nf_log_net_init+0x10/0x10 [ 3546.253331] ops_init+0xbb/0x6b0 [ 3546.253863] setup_net+0x3d9/0x990 [ 3546.254414] ? down_read_killable+0x1d7/0x4e0 [ 3546.255095] ? __kmem_cache_alloc_node+0x1cd/0x310 [ 3546.255825] ? __pfx_setup_net+0x10/0x10 [ 3546.256454] copy_net_ns+0x321/0x770 [ 3546.257030] create_new_namespaces+0x3f6/0xb30 [ 3546.257725] copy_namespaces+0x414/0x500 [ 3546.258372] copy_process+0x2b78/0x7320 [ 3546.258973] ? lock_acquire+0x19a/0x4c0 [ 3546.259585] ? __pfx_copy_process+0x10/0x10 [ 3546.260246] ? _copy_from_user+0x5c/0xf0 [ 3546.260859] kernel_clone+0xeb/0x810 [ 3546.261423] ? ksys_write+0x122/0x250 [ 3546.261989] ? __pfx_kernel_clone+0x10/0x10 [ 3546.262650] ? lock_is_held_type+0x9f/0x120 [ 3546.263302] __do_sys_clone3+0x1d5/0x250 [ 3546.263912] ? __pfx___do_sys_clone3+0x10/0x10 [ 3546.264614] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3546.265473] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3546.266281] ? fput+0x2f/0x1a0 [ 3546.266736] ? __pfx_ksys_write+0x10/0x10 [ 3546.267301] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3546.267997] ? syscall_enter_from_user_mode+0x21/0x50 [ 3546.268689] do_syscall_64+0x3f/0x90 [ 3546.269212] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3546.269898] RIP: 0033:0x7f729f431b19 [ 3546.270412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3546.272721] RSP: 002b:00007f729c9a7188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3546.273706] RAX: ffffffffffffffda RBX: 00007f729f544f60 RCX: 00007f729f431b19 [ 3546.274633] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3546.275549] RBP: 00007f729c9a71d0 R08: 0000000000000000 R09: 0000000000000000 [ 3546.276465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3546.277378] R13: 00007ffe00c6649f R14: 00007f729c9a7300 R15: 0000000000022000 [ 3546.278325] 00:41:37 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 23) 00:41:37 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 36) 00:41:37 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) (fail_nth: 2) [ 3546.310252] loop0: detected capacity change from 0 to 512 00:41:37 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 37) [ 3546.318809] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)! [ 3546.319475] EXT4-fs (loop0): group descriptors corrupted! 00:41:37 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 2) 00:41:37 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) (fail_nth: 3) 00:41:37 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 38) [ 3546.380525] FAULT_INJECTION: forcing a failure. [ 3546.380525] name failslab, interval 1, probability 0, space 0, times 0 [ 3546.381568] CPU: 1 PID: 19898 Comm: syz-executor.6 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3546.382124] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3546.382661] Call Trace: [ 3546.382839] [ 3546.382997] dump_stack_lvl+0xc1/0xf0 [ 3546.383285] should_fail_ex+0x4b4/0x5b0 [ 3546.383559] ? copy_process+0x3c2/0x7320 [ 3546.383839] should_failslab+0x9/0x20 [ 3546.384101] kmem_cache_alloc_node+0x65/0x3b0 [ 3546.384418] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3546.384789] copy_process+0x3c2/0x7320 [ 3546.385059] ? lock_acquire+0x19a/0x4c0 [ 3546.385329] ? find_held_lock+0x2c/0x110 [ 3546.385609] ? __might_fault+0xe2/0x190 [ 3546.385897] ? lock_release+0x1e3/0x680 [ 3546.386196] ? __pfx_copy_process+0x10/0x10 [ 3546.386509] ? _copy_from_user+0x5c/0xf0 [ 3546.386788] kernel_clone+0xeb/0x810 [ 3546.387053] ? ksys_write+0x122/0x250 [ 3546.387321] ? __pfx_kernel_clone+0x10/0x10 [ 3546.387624] ? lock_is_held_type+0x9f/0x120 [ 3546.387925] __do_sys_clone3+0x1d5/0x250 [ 3546.388219] ? __pfx___do_sys_clone3+0x10/0x10 [ 3546.388546] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3546.388948] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3546.389342] ? fput+0x2f/0x1a0 [ 3546.389573] ? __pfx_ksys_write+0x10/0x10 [ 3546.389855] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3546.390233] ? syscall_enter_from_user_mode+0x21/0x50 [ 3546.390611] do_syscall_64+0x3f/0x90 [ 3546.390896] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3546.391266] RIP: 0033:0x7fb5d476db19 [ 3546.391528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3546.392786] RSP: 002b:00007fb5d1ce3188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3546.393317] RAX: ffffffffffffffda RBX: 00007fb5d4880f60 RCX: 00007fb5d476db19 [ 3546.393816] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3546.394331] RBP: 00007fb5d1ce31d0 R08: 0000000000000000 R09: 0000000000000000 [ 3546.394828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3546.395327] R13: 00007ffe0bc23a6f R14: 00007fb5d1ce3300 R15: 0000000000022000 [ 3546.395841] [ 3546.414039] FAULT_INJECTION: forcing a failure. [ 3546.414039] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3546.415607] CPU: 0 PID: 19908 Comm: syz-executor.0 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3546.416656] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3546.417700] Call Trace: [ 3546.418055] [ 3546.418367] dump_stack_lvl+0xc1/0xf0 [ 3546.418905] should_fail_ex+0x4b4/0x5b0 [ 3546.419448] _copy_from_user+0x30/0xf0 [ 3546.419981] __do_sys_memfd_create+0x2ca/0xa20 [ 3546.420582] ? fput+0x2f/0x1a0 [ 3546.421042] ? __pfx___do_sys_memfd_create+0x10/0x10 [ 3546.421701] ? ksys_write+0x19e/0x250 [ 3546.422235] ? __pfx_ksys_write+0x10/0x10 [ 3546.422789] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3546.423499] do_syscall_64+0x3f/0x90 [ 3546.424031] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3546.424715] RIP: 0033:0x7f913ca5db19 [ 3546.425209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3546.427569] RSP: 002b:00007f9139fd2f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 3546.428583] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f913ca5db19 [ 3546.429523] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f913cab70fb [ 3546.430479] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff [ 3546.431407] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 3546.432350] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012800 [ 3546.433310] [ 3546.444072] FAULT_INJECTION: forcing a failure. [ 3546.444072] name failslab, interval 1, probability 0, space 0, times 0 [ 3546.445824] CPU: 0 PID: 19903 Comm: syz-executor.5 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3546.446898] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3546.447940] Call Trace: [ 3546.448291] [ 3546.448600] dump_stack_lvl+0xc1/0xf0 [ 3546.449133] should_fail_ex+0x4b4/0x5b0 [ 3546.449667] ? __proc_create+0x2b3/0x8b0 [ 3546.450229] should_failslab+0x9/0x20 [ 3546.450743] kmem_cache_alloc+0x61/0x390 [ 3546.451302] __proc_create+0x2b3/0x8b0 [ 3546.451836] ? __pfx___proc_create+0x10/0x10 [ 3546.452443] proc_create_reg+0xb6/0x180 [ 3546.452986] proc_create_net_data+0x90/0x1c0 [ 3546.453596] ? __pfx_proc_create_net_data+0x10/0x10 [ 3546.454277] ? __pfx__proc_mkdir+0x10/0x10 [ 3546.454870] ? __pfx_nf_log_net_init+0x10/0x10 [ 3546.455514] nf_log_net_init+0x6a/0x370 [ 3546.456078] ? __pfx_nf_log_net_init+0x10/0x10 [ 3546.456719] ops_init+0xbb/0x6b0 [ 3546.457230] setup_net+0x3d9/0x990 [ 3546.457728] ? down_read_killable+0x1d7/0x4e0 [ 3546.458388] ? __kmem_cache_alloc_node+0x1cd/0x310 [ 3546.459051] ? __pfx_setup_net+0x10/0x10 [ 3546.459651] copy_net_ns+0x321/0x770 [ 3546.460178] create_new_namespaces+0x3f6/0xb30 [ 3546.460840] copy_namespaces+0x414/0x500 [ 3546.461399] copy_process+0x2b78/0x7320 [ 3546.461967] ? lock_acquire+0x19a/0x4c0 [ 3546.462553] ? __pfx_copy_process+0x10/0x10 [ 3546.463178] ? _copy_from_user+0x5c/0xf0 [ 3546.463755] kernel_clone+0xeb/0x810 [ 3546.464292] ? ksys_write+0x122/0x250 [ 3546.464826] ? __pfx_kernel_clone+0x10/0x10 00:41:38 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 39) [ 3546.465451] ? lock_is_held_type+0x9f/0x120 [ 3546.466196] __do_sys_clone3+0x1d5/0x250 [ 3546.466780] ? __pfx___do_sys_clone3+0x10/0x10 [ 3546.467454] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 00:41:38 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 3) [ 3546.468255] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3546.469076] ? fput+0x2f/0x1a0 [ 3546.469548] ? __pfx_ksys_write+0x10/0x10 [ 3546.470136] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3546.470853] ? syscall_enter_from_user_mode+0x21/0x50 [ 3546.471574] do_syscall_64+0x3f/0x90 [ 3546.472114] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3546.472812] RIP: 0033:0x7f89ec184b19 [ 3546.473302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3546.475652] RSP: 002b:00007f89e96fa188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3546.476628] RAX: ffffffffffffffda RBX: 00007f89ec297f60 RCX: 00007f89ec184b19 [ 3546.477533] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3546.478459] RBP: 00007f89e96fa1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3546.479368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3546.480267] R13: 00007ffe081f81af R14: 00007f89e96fa300 R15: 0000000000022000 [ 3546.481195] [ 3546.484922] FAULT_INJECTION: forcing a failure. [ 3546.484922] name failslab, interval 1, probability 0, space 0, times 0 [ 3546.486667] CPU: 0 PID: 19904 Comm: syz-executor.2 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3546.487737] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3546.488808] Call Trace: [ 3546.489161] [ 3546.489477] dump_stack_lvl+0xc1/0xf0 [ 3546.490038] should_fail_ex+0x4b4/0x5b0 [ 3546.490597] ? create_new_namespaces+0x30/0xb30 [ 3546.491250] should_failslab+0x9/0x20 [ 3546.491777] kmem_cache_alloc+0x61/0x390 [ 3546.492358] create_new_namespaces+0x30/0xb30 [ 3546.492996] ? security_capable+0x99/0xc0 [ 3546.493588] copy_namespaces+0x414/0x500 [ 3546.494178] copy_process+0x2b78/0x7320 [ 3546.494745] ? lock_acquire+0x19a/0x4c0 [ 3546.495320] ? __pfx_copy_process+0x10/0x10 00:41:38 executing program 7: syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, 0x0, 0x0) (fail_nth: 15) [ 3546.495944] ? _copy_from_user+0x5c/0xf0 [ 3546.496567] kernel_clone+0xeb/0x810 [ 3546.497091] ? ksys_write+0x122/0x250 [ 3546.497626] ? __pfx_kernel_clone+0x10/0x10 [ 3546.498234] ? lock_is_held_type+0x9f/0x120 [ 3546.498852] __do_sys_clone3+0x1d5/0x250 [ 3546.499413] ? __pfx___do_sys_clone3+0x10/0x10 [ 3546.500078] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3546.500861] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3546.501682] ? fput+0x2f/0x1a0 [ 3546.502148] ? __pfx_ksys_write+0x10/0x10 [ 3546.502721] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3546.503417] ? syscall_enter_from_user_mode+0x21/0x50 [ 3546.504140] do_syscall_64+0x3f/0x90 [ 3546.504668] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3546.505374] RIP: 0033:0x7f418241bb19 [ 3546.505869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3546.508211] RSP: 002b:00007f417f991188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3546.509221] RAX: ffffffffffffffda RBX: 00007f418252ef60 RCX: 00007f418241bb19 [ 3546.510146] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3546.511054] RBP: 00007f417f9911d0 R08: 0000000000000000 R09: 0000000000000000 [ 3546.512000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3546.512907] R13: 00007ffc082160df R14: 00007f417f991300 R15: 0000000000022000 [ 3546.513867] [ 3546.537111] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:41:38 executing program 1: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) [ 3546.576808] FAULT_INJECTION: forcing a failure. [ 3546.576808] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3546.577896] CPU: 1 PID: 19916 Comm: syz-executor.7 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3546.578445] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3546.578978] Call Trace: [ 3546.579155] [ 3546.579320] dump_stack_lvl+0xc1/0xf0 [ 3546.579606] should_fail_ex+0x4b4/0x5b0 [ 3546.579888] __should_fail_alloc_page+0xe0/0x110 [ 3546.580220] prepare_alloc_pages+0x178/0x500 [ 3546.580537] ? __pfx_lock_acquire+0x10/0x10 [ 3546.580837] __alloc_pages+0x149/0x480 [ 3546.581111] ? __pfx___alloc_pages+0x10/0x10 [ 3546.581421] ? lock_acquire+0x19a/0x4c0 [ 3546.581697] ? find_held_lock+0x2c/0x110 [ 3546.581994] ? __pfx_lock_release+0x10/0x10 [ 3546.582287] ? pte_offset_map_nolock+0x129/0x1e0 [ 3546.582627] vma_alloc_folio+0xe2/0x480 [ 3546.582903] __handle_mm_fault+0xe84/0x2cb0 [ 3546.583201] ? __pfx___handle_mm_fault+0x10/0x10 [ 3546.583525] ? mas_walk+0x5c7/0x7c0 [ 3546.583782] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 3546.584103] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3546.584513] handle_mm_fault+0x2c1/0xbc0 [ 3546.584796] ? access_error+0x15e/0x320 [ 3546.585070] do_user_addr_fault+0x382/0x1490 [ 3546.585379] exc_page_fault+0x9c/0x1a0 [ 3546.585650] asm_exc_page_fault+0x26/0x30 [ 3546.585934] RIP: 0033:0x7fcba4f84879 [ 3546.586202] Code: b8 2c 00 00 00 0f 05 48 3d 00 f0 ff ff 77 72 c3 90 55 48 83 ec 30 44 89 4c 24 2c 4c 89 44 24 20 48 89 54 24 18 48 89 74 24 10 <89> 7c 24 08 89 4c 24 28 e8 fa fa ff ff 44 8b 4c 24 2c 4c 8b 44 24 [ 3546.587442] RSP: 002b:00007fcba2545ff0 EFLAGS: 00010206 [ 3546.587818] RAX: 0000000000000001 RBX: 00007fcba25460f0 RCX: 0000000000000000 [ 3546.588315] RDX: 0000000000000028 RSI: 00007fcba2546140 RDI: 0000000000000004 [ 3546.588821] RBP: 0000000000000001 R08: 00007fcba2546044 R09: 000000000000000c [ 3546.589323] R10: 0000000000000000 R11: 00007fcba502b72b R12: 00007fcba2546098 [ 3546.589823] R13: 00007fcba2546140 R14: 0000000000000004 R15: 0000000000000000 [ 3546.590344] [ 3546.590684] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 3546.608632] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3546.616011] FAULT_INJECTION: forcing a failure. [ 3546.616011] name failslab, interval 1, probability 0, space 0, times 0 [ 3546.617604] CPU: 0 PID: 19915 Comm: syz-executor.3 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3546.618694] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3546.619737] Call Trace: [ 3546.620087] [ 3546.620396] dump_stack_lvl+0xc1/0xf0 [ 3546.620940] should_fail_ex+0x4b4/0x5b0 [ 3546.621484] should_failslab+0x9/0x20 [ 3546.622047] __kmem_cache_alloc_node+0x66/0x310 [ 3546.622700] ? nf_log_net_init+0xa0/0x370 [ 3546.623287] ? proc_create_net_data+0x151/0x1c0 [ 3546.623931] ? nf_log_net_init+0xa0/0x370 [ 3546.624516] __kmalloc_node_track_caller+0x4e/0x160 [ 3546.625205] ? __pfx_nf_log_net_init+0x10/0x10 [ 3546.625842] kmemdup+0x2c/0x60 [ 3546.626342] nf_log_net_init+0xa0/0x370 [ 3546.626913] ? __pfx_nf_log_net_init+0x10/0x10 [ 3546.627556] ops_init+0xbb/0x6b0 [ 3546.628069] setup_net+0x3d9/0x990 [ 3546.628587] ? down_read_killable+0x1d7/0x4e0 [ 3546.629228] ? __kmem_cache_alloc_node+0x1cd/0x310 [ 3546.629920] ? __pfx_setup_net+0x10/0x10 [ 3546.630544] copy_net_ns+0x321/0x770 [ 3546.631103] create_new_namespaces+0x3f6/0xb30 [ 3546.631767] copy_namespaces+0x414/0x500 [ 3546.632363] copy_process+0x2b78/0x7320 [ 3546.632936] ? lock_acquire+0x19a/0x4c0 [ 3546.633531] ? __pfx_copy_process+0x10/0x10 [ 3546.634182] ? _copy_from_user+0x5c/0xf0 [ 3546.634762] kernel_clone+0xeb/0x810 [ 3546.635296] ? ksys_write+0x122/0x250 [ 3546.635834] ? __pfx_kernel_clone+0x10/0x10 [ 3546.636464] ? lock_is_held_type+0x9f/0x120 [ 3546.637093] __do_sys_clone3+0x1d5/0x250 [ 3546.637670] ? __pfx___do_sys_clone3+0x10/0x10 [ 3546.638372] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3546.639181] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3546.639983] ? fput+0x2f/0x1a0 [ 3546.640463] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3546.641182] ? syscall_enter_from_user_mode+0x21/0x50 [ 3546.641902] do_syscall_64+0x3f/0x90 [ 3546.642480] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3546.643201] RIP: 0033:0x7f729f431b19 [ 3546.643719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3546.646070] RSP: 002b:00007f729c9a7188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3546.647055] RAX: ffffffffffffffda RBX: 00007f729f544f60 RCX: 00007f729f431b19 [ 3546.647990] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3546.648916] RBP: 00007f729c9a71d0 R08: 0000000000000000 R09: 0000000000000000 [ 3546.649842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3546.650790] R13: 00007ffe00c6649f R14: 00007f729c9a7300 R15: 0000000000022000 [ 3546.651734] 00:41:38 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) (fail_nth: 4) 00:41:38 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 24) [ 3546.762775] FAULT_INJECTION: forcing a failure. [ 3546.762775] name failslab, interval 1, probability 0, space 0, times 0 [ 3546.764302] CPU: 0 PID: 19923 Comm: syz-executor.0 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3546.765368] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3546.766430] Call Trace: [ 3546.766773] [ 3546.767083] dump_stack_lvl+0xc1/0xf0 [ 3546.767617] should_fail_ex+0x4b4/0x5b0 [ 3546.768159] should_failslab+0x9/0x20 [ 3546.768679] kmem_cache_alloc_lru+0x7a/0x680 [ 3546.769275] ? find_held_lock+0x2c/0x110 [ 3546.769840] ? shmem_alloc_inode+0x27/0x50 [ 3546.770410] ? alloc_fd+0x2eb/0x760 [ 3546.770929] ? shmem_alloc_inode+0x27/0x50 [ 3546.771491] shmem_alloc_inode+0x27/0x50 [ 3546.772029] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 3546.772657] alloc_inode+0x63/0x240 [ 3546.773167] new_inode+0x25/0x1f0 [ 3546.773662] shmem_get_inode+0x183/0xe00 [ 3546.774243] ? do_raw_spin_unlock+0x53/0x220 [ 3546.774868] __shmem_file_setup+0x171/0x300 [ 3546.775465] __do_sys_memfd_create+0x385/0xa20 [ 3546.776099] ? fput+0x2f/0x1a0 [ 3546.776568] ? __pfx___do_sys_memfd_create+0x10/0x10 [ 3546.777257] ? ksys_write+0x19e/0x250 [ 3546.777785] ? __pfx_ksys_write+0x10/0x10 [ 3546.778362] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3546.779084] do_syscall_64+0x3f/0x90 [ 3546.779623] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3546.780326] RIP: 0033:0x7f913ca5db19 [ 3546.780832] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3546.783203] RSP: 002b:00007f9139fd2f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 3546.784223] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f913ca5db19 [ 3546.785180] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f913cab70fb [ 3546.786124] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff [ 3546.787056] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 3546.787995] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012800 [ 3546.788956] [ 3559.624102] FAULT_INJECTION: forcing a failure. [ 3559.624102] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3559.624977] CPU: 1 PID: 19936 Comm: syz-executor.7 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3559.625540] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3559.626092] Call Trace: [ 3559.626280] [ 3559.626453] dump_stack_lvl+0xc1/0xf0 [ 3559.626737] should_fail_ex+0x4b4/0x5b0 [ 3559.627018] _copy_from_user+0x30/0xf0 [ 3559.627294] move_addr_to_kernel.part.0+0x31/0x110 [ 3559.627634] __sys_sendto+0x18f/0x360 [ 3559.627905] ? __pfx___sys_sendto+0x10/0x10 [ 3559.628210] ? reacquire_held_locks+0x22f/0x4e0 [ 3559.628532] ? do_user_addr_fault+0x83b/0x1490 [ 3559.628853] ? find_held_lock+0x2c/0x110 [ 3559.629142] ? do_user_addr_fault+0x8de/0x1490 [ 3559.629457] ? lock_release+0x1e3/0x680 [ 3559.629735] ? __pfx_lock_release+0x10/0x10 [ 3559.630037] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3559.630475] __x64_sys_sendto+0xe1/0x1c0 [ 3559.630760] ? syscall_enter_from_user_mode+0x21/0x50 [ 3559.631119] do_syscall_64+0x3f/0x90 [ 3559.631394] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3559.631748] RIP: 0033:0x7fcba4f848ac [ 3559.632002] Code: fa fa ff ff 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 20 fb ff ff 48 8b [ 3559.633167] RSP: 002b:00007fcba2545ff0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 3559.633659] RAX: ffffffffffffffda RBX: 00007fcba25460f0 RCX: 00007fcba4f848ac [ 3559.634126] RDX: 0000000000000028 RSI: 00007fcba2546140 RDI: 0000000000000004 [ 3559.634594] RBP: 0000000000000000 R08: 00007fcba2546044 R09: 000000000000000c [ 3559.635055] R10: 0000000000000000 R11: 0000000000000293 R12: 00007fcba2546098 [ 3559.635526] R13: 00007fcba2546140 R14: 0000000000000004 R15: 0000000000000000 [ 3559.636176] 00:41:51 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 38) 00:41:51 executing program 7: syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, 0x0, 0x0) (fail_nth: 16) 00:41:51 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 25) 00:41:51 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 4) 00:41:51 executing program 1: ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f0000000000)) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="a0c7"], 0x1a) ioctl$FICLONE(0xffffffffffffffff, 0x40049409, 0xffffffffffffffff) 00:41:51 executing program 3: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 40) 00:41:51 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 37) [ 3559.653224] FAULT_INJECTION: forcing a failure. [ 3559.653224] name failslab, interval 1, probability 0, space 0, times 0 [ 3559.654104] CPU: 1 PID: 19940 Comm: syz-executor.4 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3559.654669] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3559.655220] Call Trace: [ 3559.655422] [ 3559.655586] dump_stack_lvl+0xc1/0xf0 [ 3559.655864] should_fail_ex+0x4b4/0x5b0 [ 3559.656147] ? __proc_create+0x2b3/0x8b0 [ 3559.656431] should_failslab+0x9/0x20 [ 3559.656708] kmem_cache_alloc+0x61/0x390 [ 3559.657000] __proc_create+0x2b3/0x8b0 [ 3559.657273] ? __pfx___proc_create+0x10/0x10 [ 3559.657594] proc_create_reg+0xb6/0x180 [ 3559.657876] proc_create_net_data+0x90/0x1c0 [ 3559.658193] ? __pfx_proc_create_net_data+0x10/0x10 [ 3559.658538] ? __pfx__proc_mkdir+0x10/0x10 [ 3559.658839] ? __pfx_nf_log_net_init+0x10/0x10 [ 3559.659171] nf_log_net_init+0x6a/0x370 [ 3559.659467] ? __pfx_nf_log_net_init+0x10/0x10 [ 3559.659806] ops_init+0xbb/0x6b0 [ 3559.660068] setup_net+0x3d9/0x990 [ 3559.660331] ? down_read_killable+0x1d7/0x4e0 [ 3559.660666] ? __kmem_cache_alloc_node+0x1cd/0x310 [ 3559.661019] ? __pfx_setup_net+0x10/0x10 [ 3559.661315] copy_net_ns+0x321/0x770 [ 3559.661597] create_new_namespaces+0x3f6/0xb30 [ 3559.661942] copy_namespaces+0x414/0x500 [ 3559.662256] copy_process+0x2b78/0x7320 [ 3559.662558] ? lock_acquire+0x19a/0x4c0 [ 3559.662856] ? __pfx_copy_process+0x10/0x10 [ 3559.663187] ? _copy_from_user+0x5c/0xf0 [ 3559.663498] kernel_clone+0xeb/0x810 [ 3559.663785] ? ksys_write+0x122/0x250 [ 3559.664074] ? __pfx_kernel_clone+0x10/0x10 [ 3559.664407] ? lock_is_held_type+0x9f/0x120 [ 3559.664736] __do_sys_clone3+0x1d5/0x250 [ 3559.665050] ? __pfx___do_sys_clone3+0x10/0x10 [ 3559.665410] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3559.665819] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3559.666246] ? fput+0x2f/0x1a0 [ 3559.666495] ? __pfx_ksys_write+0x10/0x10 [ 3559.666796] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3559.667182] ? syscall_enter_from_user_mode+0x21/0x50 [ 3559.667571] do_syscall_64+0x3f/0x90 [ 3559.667851] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3559.668235] RIP: 0033:0x7fefd8f24b19 [ 3559.668507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3559.669758] RSP: 002b:00007fefd649a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3559.670311] RAX: ffffffffffffffda RBX: 00007fefd9037f60 RCX: 00007fefd8f24b19 [ 3559.670810] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3559.671305] RBP: 00007fefd649a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3559.671804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3559.672298] R13: 00007ffe217f65cf R14: 00007fefd649a300 R15: 0000000000022000 [ 3559.672799] [ 3559.684598] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:41:51 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) (fail_nth: 5) [ 3559.693911] FAULT_INJECTION: forcing a failure. [ 3559.693911] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3559.694829] CPU: 1 PID: 19938 Comm: syz-executor.6 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3559.695375] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3559.695919] Call Trace: [ 3559.696098] [ 3559.696108] loop0: detected capacity change from 0 to 512 [ 3559.696254] dump_stack_lvl+0xc1/0xf0 [ 3559.696288] should_fail_ex+0x4b4/0x5b0 [ 3559.697483] __should_fail_alloc_page+0xe0/0x110 [ 3559.697818] prepare_alloc_pages+0x178/0x500 [ 3559.698144] __alloc_pages+0x149/0x480 [ 3559.698422] ? __pfx_lock_release+0x10/0x10 [ 3559.698724] ? __pfx___alloc_pages+0x10/0x10 [ 3559.699052] ? kmem_cache_alloc_node+0x345/0x3b0 [ 3559.699393] copy_process+0x456/0x7320 [ 3559.699687] ? lock_acquire+0x19a/0x4c0 [ 3559.699971] ? find_held_lock+0x2c/0x110 [ 3559.700269] ? __might_fault+0xe2/0x190 [ 3559.700568] ? lock_release+0x1e3/0x680 [ 3559.700851] ? __pfx_copy_process+0x10/0x10 [ 3559.700898] FAULT_INJECTION: forcing a failure. [ 3559.700898] name failslab, interval 1, probability 0, space 0, times 0 [ 3559.701160] ? _copy_from_user+0x5c/0xf0 [ 3559.701184] kernel_clone+0xeb/0x810 [ 3559.701210] ? ksys_write+0x122/0x250 [ 3559.701229] ? __pfx_kernel_clone+0x10/0x10 [ 3559.701262] ? lock_is_held_type+0x9f/0x120 [ 3559.701293] __do_sys_clone3+0x1d5/0x250 [ 3559.701320] ? __pfx___do_sys_clone3+0x10/0x10 [ 3559.701360] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3559.701386] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3559.701413] ? fput+0x2f/0x1a0 [ 3559.705703] ? __pfx_ksys_write+0x10/0x10 [ 3559.706006] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3559.706405] ? syscall_enter_from_user_mode+0x21/0x50 [ 3559.706778] do_syscall_64+0x3f/0x90 [ 3559.707059] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3559.707460] RIP: 0033:0x7fb5d476db19 [ 3559.707721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3559.708978] RSP: 002b:00007fb5d1ce3188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3559.709525] RAX: ffffffffffffffda RBX: 00007fb5d4880f60 RCX: 00007fb5d476db19 [ 3559.710014] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3559.710528] RBP: 00007fb5d1ce31d0 R08: 0000000000000000 R09: 0000000000000000 [ 3559.711022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3559.711529] R13: 00007ffe0bc23a6f R14: 00007fb5d1ce3300 R15: 0000000000022000 [ 3559.712037] [ 3559.712386] CPU: 0 PID: 19946 Comm: syz-executor.2 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3559.713371] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3559.714361] Call Trace: [ 3559.714683] [ 3559.714968] dump_stack_lvl+0xc1/0xf0 [ 3559.715469] should_fail_ex+0x4b4/0x5b0 [ 3559.715967] ? copy_net_ns+0xe2/0x770 [ 3559.716459] should_failslab+0x9/0x20 [ 3559.716934] __kmem_cache_alloc_node+0x66/0x310 [ 3559.717520] ? copy_net_ns+0xe2/0x770 [ 3559.718010] ? copy_pid_ns+0x107/0xa90 [ 3559.718558] ? copy_net_ns+0xe2/0x770 [ 3559.719046] __kmalloc+0x4d/0x160 [ 3559.719487] copy_net_ns+0xe2/0x770 [ 3559.719962] ? copy_cgroup_ns+0xa7/0x710 [ 3559.720477] create_new_namespaces+0x3f6/0xb30 [ 3559.721070] copy_namespaces+0x414/0x500 [ 3559.721601] copy_process+0x2b78/0x7320 [ 3559.722107] ? lock_acquire+0x19a/0x4c0 [ 3559.722653] ? __pfx_copy_process+0x10/0x10 [ 3559.723209] ? _copy_from_user+0x5c/0xf0 [ 3559.723728] kernel_clone+0xeb/0x810 [ 3559.724207] ? ksys_write+0x122/0x250 [ 3559.724686] ? __pfx_kernel_clone+0x10/0x10 [ 3559.725237] ? lock_is_held_type+0x9f/0x120 [ 3559.725792] __do_sys_clone3+0x1d5/0x250 [ 3559.726334] ? __pfx___do_sys_clone3+0x10/0x10 [ 3559.726938] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3559.727663] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3559.728392] ? fput+0x2f/0x1a0 [ 3559.728811] ? __pfx_ksys_write+0x10/0x10 [ 3559.729324] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3559.729963] ? syscall_enter_from_user_mode+0x21/0x50 [ 3559.730656] do_syscall_64+0x3f/0x90 [ 3559.731149] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3559.731790] RIP: 0033:0x7f418241bb19 [ 3559.732252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3559.734376] RSP: 002b:00007f417f991188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3559.735295] RAX: ffffffffffffffda RBX: 00007f418252ef60 RCX: 00007f418241bb19 [ 3559.736154] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3559.737007] RBP: 00007f417f9911d0 R08: 0000000000000000 R09: 0000000000000000 [ 3559.737847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3559.738729] R13: 00007ffc082160df R14: 00007f417f991300 R15: 0000000000022000 [ 3559.739610] [ 3559.747723] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)! [ 3559.748911] EXT4-fs (loop0): group descriptors corrupted! 00:41:51 executing program 7: syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, 0x0, 0x0) [ 3559.756572] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 00:41:51 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 38) 00:41:51 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 5) 00:41:51 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="03", 0x1, 0x800}], 0x0, &(0x7f0000012800)=ANY=[]) (fail_nth: 6) [ 3559.829951] FAULT_INJECTION: forcing a failure. [ 3559.829951] name failslab, interval 1, probability 0, space 0, times 0 [ 3559.830950] CPU: 1 PID: 19952 Comm: syz-executor.4 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3559.831535] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3559.832124] Call Trace: [ 3559.832316] [ 3559.832484] dump_stack_lvl+0xc1/0xf0 [ 3559.832775] should_fail_ex+0x4b4/0x5b0 [ 3559.833083] ? __proc_create+0x2b3/0x8b0 [ 3559.833382] should_failslab+0x9/0x20 [ 3559.833673] kmem_cache_alloc+0x61/0x390 [ 3559.833983] __proc_create+0x2b3/0x8b0 [ 3559.834280] ? __pfx___proc_create+0x10/0x10 [ 3559.834620] ? mark_held_locks+0x9e/0xe0 [ 3559.834928] _proc_mkdir+0xb2/0x200 [ 3559.835201] ? __pfx__proc_mkdir+0x10/0x10 [ 3559.835515] ? kmem_cache_alloc+0x328/0x390 [ 3559.835840] ? __pfx_netfilter_net_init+0x10/0x10 [ 3559.836175] netfilter_net_init+0x215/0x300 [ 3559.836507] ops_init+0xbb/0x6b0 [ 3559.836780] setup_net+0x3d9/0x990 [ 3559.837060] ? down_read_killable+0x1d7/0x4e0 [ 3559.837404] ? __kmem_cache_alloc_node+0x1cd/0x310 [ 3559.837742] ? __pfx_setup_net+0x10/0x10 [ 3559.838059] copy_net_ns+0x321/0x770 [ 3559.838341] create_new_namespaces+0x3f6/0xb30 [ 3559.838687] copy_namespaces+0x414/0x500 [ 3559.838990] copy_process+0x2b78/0x7320 [ 3559.839294] ? lock_acquire+0x19a/0x4c0 [ 3559.839601] ? __pfx_copy_process+0x10/0x10 [ 3559.839933] ? _copy_from_user+0x5c/0xf0 [ 3559.840234] kernel_clone+0xeb/0x810 [ 3559.840519] ? ksys_write+0x122/0x250 [ 3559.840806] ? __pfx_kernel_clone+0x10/0x10 [ 3559.841140] ? lock_is_held_type+0x9f/0x120 [ 3559.841469] __do_sys_clone3+0x1d5/0x250 [ 3559.841776] ? __pfx___do_sys_clone3+0x10/0x10 [ 3559.842135] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3559.842589] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3559.843017] ? fput+0x2f/0x1a0 [ 3559.843270] ? __pfx_ksys_write+0x10/0x10 [ 3559.843573] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3559.843962] ? syscall_enter_from_user_mode+0x21/0x50 [ 3559.844348] do_syscall_64+0x3f/0x90 [ 3559.844637] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3559.845018] RIP: 0033:0x7fefd8f24b19 [ 3559.845289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3559.846566] RSP: 002b:00007fefd649a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3559.847113] RAX: ffffffffffffffda RBX: 00007fefd9037f60 RCX: 00007fefd8f24b19 [ 3559.847627] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3559.848137] RBP: 00007fefd649a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3559.848643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3559.849161] R13: 00007ffe217f65cf R14: 00007fefd649a300 R15: 0000000000022000 [ 3559.849692] [ 3559.850701] cannot create netfilter proc entry [ 3559.866688] FAULT_INJECTION: forcing a failure. [ 3559.866688] name failslab, interval 1, probability 0, space 0, times 0 [ 3559.867856] CPU: 1 PID: 19954 Comm: syz-executor.6 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3559.868429] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3559.868969] Call Trace: [ 3559.869161] [ 3559.869334] dump_stack_lvl+0xc1/0xf0 [ 3559.869641] should_fail_ex+0x4b4/0x5b0 [ 3559.869954] ? prepare_creds+0x2f/0x6f0 [ 3559.870264] should_failslab+0x9/0x20 [ 3559.870546] kmem_cache_alloc+0x61/0x390 [ 3559.870867] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3559.871259] ? get_random_u64+0x394/0x660 [ 3559.871577] prepare_creds+0x2f/0x6f0 [ 3559.871852] copy_creds+0x7a/0xbd0 [ 3559.872133] copy_process+0xe2a/0x7320 [ 3559.872423] ? lock_acquire+0x19a/0x4c0 [ 3559.872736] ? find_held_lock+0x2c/0x110 [ 3559.873052] ? __pfx_copy_process+0x10/0x10 [ 3559.873390] ? _copy_from_user+0x5c/0xf0 [ 3559.873696] kernel_clone+0xeb/0x810 [ 3559.873989] ? ksys_write+0x122/0x250 [ 3559.874289] ? __pfx_kernel_clone+0x10/0x10 [ 3559.874646] ? lock_is_held_type+0x9f/0x120 [ 3559.875000] __do_sys_clone3+0x1d5/0x250 [ 3559.875321] ? __pfx___do_sys_clone3+0x10/0x10 [ 3559.875705] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3559.876135] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3559.876589] ? fput+0x2f/0x1a0 [ 3559.876859] ? __pfx_ksys_write+0x10/0x10 [ 3559.877179] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3559.877566] ? syscall_enter_from_user_mode+0x21/0x50 [ 3559.877972] do_syscall_64+0x3f/0x90 [ 3559.878284] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3559.878664] RIP: 0033:0x7fb5d476db19 [ 3559.878943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3559.880243] RSP: 002b:00007fb5d1ce3188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3559.880814] RAX: ffffffffffffffda RBX: 00007fb5d4880f60 RCX: 00007fb5d476db19 [ 3559.881318] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3559.881822] RBP: 00007fb5d1ce31d0 R08: 0000000000000000 R09: 0000000000000000 [ 3559.882346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3559.882854] R13: 00007ffe0bc23a6f R14: 00007fb5d1ce3300 R15: 0000000000022000 [ 3559.883396] 00:41:51 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 39) [ 3559.925601] FAULT_INJECTION: forcing a failure. [ 3559.925601] name failslab, interval 1, probability 0, space 0, times 0 [ 3559.926500] CPU: 1 PID: 19959 Comm: syz-executor.5 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3559.927051] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3559.927593] Call Trace: [ 3559.927774] [ 3559.927937] dump_stack_lvl+0xc1/0xf0 [ 3559.928218] should_fail_ex+0x4b4/0x5b0 [ 3559.928500] should_failslab+0x9/0x20 [ 3559.928773] __kmem_cache_alloc_node+0x66/0x310 [ 3559.929093] ? nf_log_net_init+0xa0/0x370 [ 3559.929093] FAULT_INJECTION: forcing a failure. [ 3559.929093] name failslab, interval 1, probability 0, space 0, times 0 [ 3559.929380] ? proc_create_net_data+0x151/0x1c0 [ 3559.929401] ? nf_log_net_init+0xa0/0x370 [ 3559.929425] __kmalloc_node_track_caller+0x4e/0x160 [ 3559.931657] ? __pfx_nf_log_net_init+0x10/0x10 [ 3559.931974] kmemdup+0x2c/0x60 [ 3559.932207] nf_log_net_init+0xa0/0x370 [ 3559.932493] ? __pfx_nf_log_net_init+0x10/0x10 [ 3559.932812] ops_init+0xbb/0x6b0 [ 3559.933072] setup_net+0x3d9/0x990 [ 3559.933329] ? down_read_killable+0x1d7/0x4e0 [ 3559.933646] ? __kmem_cache_alloc_node+0x1cd/0x310 [ 3559.933980] ? __pfx_setup_net+0x10/0x10 [ 3559.934278] copy_net_ns+0x321/0x770 [ 3559.934553] create_new_namespaces+0x3f6/0xb30 [ 3559.934881] copy_namespaces+0x414/0x500 [ 3559.935170] copy_process+0x2b78/0x7320 [ 3559.935464] ? lock_acquire+0x19a/0x4c0 [ 3559.935752] ? __pfx_copy_process+0x10/0x10 [ 3559.936065] ? _copy_from_user+0x5c/0xf0 [ 3559.936359] kernel_clone+0xeb/0x810 [ 3559.936630] ? ksys_write+0x122/0x250 [ 3559.936901] ? __pfx_kernel_clone+0x10/0x10 [ 3559.937217] ? lock_is_held_type+0x9f/0x120 [ 3559.937529] __do_sys_clone3+0x1d5/0x250 [ 3559.937831] ? __pfx___do_sys_clone3+0x10/0x10 [ 3559.938173] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3559.938575] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3559.938975] ? fput+0x2f/0x1a0 [ 3559.939217] ? __pfx_ksys_write+0x10/0x10 [ 3559.939506] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3559.939873] ? syscall_enter_from_user_mode+0x21/0x50 [ 3559.940240] do_syscall_64+0x3f/0x90 [ 3559.940516] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3559.940872] RIP: 0033:0x7f89ec184b19 [ 3559.941128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3559.942328] RSP: 002b:00007f89e96fa188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3559.942837] RAX: ffffffffffffffda RBX: 00007f89ec297f60 RCX: 00007f89ec184b19 [ 3559.943309] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3559.943797] RBP: 00007f89e96fa1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3559.944290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3559.944782] R13: 00007ffe081f81af R14: 00007f89e96fa300 R15: 0000000000022000 [ 3559.945287] [ 3559.945459] CPU: 0 PID: 19960 Comm: syz-executor.0 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3559.946459] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3559.947434] Call Trace: [ 3559.947758] [ 3559.948042] dump_stack_lvl+0xc1/0xf0 [ 3559.948544] should_fail_ex+0x4b4/0x5b0 [ 3559.949055] ? security_inode_alloc+0x38/0x160 [ 3559.949630] should_failslab+0x9/0x20 [ 3559.950112] kmem_cache_alloc+0x61/0x390 [ 3559.950655] security_inode_alloc+0x38/0x160 [ 3559.951217] inode_init_always+0xbb2/0xea0 [ 3559.951760] alloc_inode+0x84/0x240 [ 3559.952219] new_inode+0x25/0x1f0 [ 3559.952661] shmem_get_inode+0x183/0xe00 [ 3559.953168] ? do_raw_spin_unlock+0x53/0x220 [ 3559.953735] __shmem_file_setup+0x171/0x300 [ 3559.954284] __do_sys_memfd_create+0x385/0xa20 [ 3559.954853] ? fput+0x2f/0x1a0 [ 3559.955277] ? __pfx___do_sys_memfd_create+0x10/0x10 [ 3559.955895] ? ksys_write+0x19e/0x250 [ 3559.956374] ? __pfx_ksys_write+0x10/0x10 [ 3559.956895] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3559.957548] do_syscall_64+0x3f/0x90 [ 3559.958032] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3559.958679] RIP: 0033:0x7f913ca5db19 [ 3559.959136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3559.961238] RSP: 002b:00007f9139fd2f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 3559.962163] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f913ca5db19 [ 3559.963018] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007f913cab70fb [ 3559.963868] RBP: 0000000000000002 R08: 0000000000000800 R09: ffffffffffffffff [ 3559.964720] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 3559.965567] R13: 0000000020000100 R14: 0000000000040000 R15: 0000000020012800 [ 3559.966446] 00:41:51 executing program 2: pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 26) 00:41:51 executing program 6: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000100000000000000000000000000000040000000000000000000000000000000000000000000000000523288b38851b39500000000000000ff070000ff01000006000000000000000700000000000000cc90000000000000080000000000000000000000000000000000000000000c000000000000002e09fb000000ff0700000100000000000a000000000000000000c656786500000000070000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061133fa6006ee93fe2662ed4e800b2536f726b5aa23d4ff96a8d28c30cfc608084f90880ba4669563ec10bbb2672c50ac2fa93413095a593f471f7baf54741c64099495f53fc00350a6a2ee9aabfd1ba8af8403c5e30a935393101c6c019adcb685f9ce49fe3496ac33e4b707d1ccef10a65b6fffd513f82bac98e389cfd397500d50cad3209eaa83aebd987f874147b8abf82cf4acedfdcb95a1d0f4461cb6db07ad4cfa57ea1f4f8c5644c61c8dbbbe7a03ae5fceb8b1613ea8feab6e1ffc7df72028f68cfbef8fb1276c45e73c4d135d4ada381b5ffb6400bf5446ba759da25519fe01fbb83d351a87609"]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) r1 = openat$incfs(r0, 0x0, 0x31b200, 0x44) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x4) pwrite64(r0, &(0x7f0000000080)="ee7b", 0x2, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) r2 = dup(r0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r0, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 6) 00:41:51 executing program 5: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x4) r1 = dup(0xffffffffffffffff) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup(r0) bind$bt_hci(r2, &(0x7f0000000240)={0x1f, 0x2}, 0x6) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 40) 00:41:51 executing program 4: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB]) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000004c0)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x301042, 0x0) openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x31b200, 0x44) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) pwrite64(r1, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffc) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x8001) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000a, 0x1010, r1, 0x29287000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x50550, 0x0, 0x0, 0x1, 0xbb63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 39) [ 3560.118830] FAULT_INJECTION: forcing a failure. [ 3560.118830] name failslab, interval 1, probability 0, space 0, times 0 [ 3560.120480] CPU: 0 PID: 19967 Comm: syz-executor.4 Not tainted 6.5.0-rc1-next-20230717 #1 [ 3560.121467] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3560.122449] Call Trace: [ 3560.122770] [ 3560.123056] dump_stack_lvl+0xc1/0xf0 [ 3560.123561] should_fail_ex+0x4b4/0x5b0 [ 3560.124071] should_failslab+0x9/0x20 [ 3560.124557] __kmem_cache_alloc_node+0x66/0x310 [ 3560.125147] ? nf_log_net_init+0xa0/0x370 [ 3560.125675] ? proc_create_net_data+0x151/0x1c0 [ 3560.126276] ? nf_log_net_init+0xa0/0x370 [ 3560.126804] __kmalloc_node_track_caller+0x4e/0x160 [ 3560.127422] ? __pfx_nf_log_net_init+0x10/0x10 [ 3560.127996] kmemdup+0x2c/0x60 [ 3560.128432] nf_log_net_init+0xa0/0x370 [ 3560.128945] ? __pfx_nf_log_net_init+0x10/0x10 [ 3560.129530] ops_init+0xbb/0x6b0 [ 3560.129983] setup_net+0x3d9/0x990 [ 3560.130466] ? down_read_killable+0x1d7/0x4e0 [ 3560.131041] ? __kmem_cache_alloc_node+0x1cd/0x310 [ 3560.131663] ? __pfx_setup_net+0x10/0x10 [ 3560.132196] copy_net_ns+0x321/0x770 [ 3560.132701] create_new_namespaces+0x3f6/0xb30 [ 3560.133304] copy_namespaces+0x414/0x500 [ 3560.133846] copy_process+0x2b78/0x7320 [ 3560.134421] ? lock_acquire+0x19a/0x4c0 [ 3560.134959] ? __pfx_copy_process+0x10/0x10 [ 3560.135543] ? _copy_from_user+0x5c/0xf0 [ 3560.136073] kernel_clone+0xeb/0x810 [ 3560.136572] ? ksys_write+0x122/0x250 [ 3560.137053] ? __pfx_kernel_clone+0x10/0x10 [ 3560.137617] ? lock_is_held_type+0x9f/0x120 [ 3560.138193] __do_sys_clone3+0x1d5/0x250 [ 3560.138724] ? __pfx___do_sys_clone3+0x10/0x10 [ 3560.139334] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3560.140056] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 3560.140772] ? fput+0x2f/0x1a0 [ 3560.141200] ? __pfx_ksys_write+0x10/0x10 [ 3560.141716] ? lockdep_hardirqs_on_prepare+0x27b/0x3f0 [ 3560.142368] ? syscall_enter_from_user_mode+0x21/0x50 [ 3560.143015] do_syscall_64+0x3f/0x90 [ 3560.143516] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3560.144155] RIP: 0033:0x7fefd8f24b19 [ 3560.144617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3560.146752] RSP: 002b:00007fefd649a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 3560.147687] RAX: ffffffffffffffda RBX: 00007fefd9037f60 RCX: 00007fefd8f24b19 [ 3560.148558] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00 [ 3560.149441] RBP: 00007fefd649a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3560.150325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3560.151196] R13: 00007ffe217f65cf R14: 00007fefd649a300 R15: 0000000000022000 [ 3560.152084] [ 3564.677247] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 3569.093320] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 3573.509267] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 3577.925322] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 3582.277273] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 3586.693612] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 3591.109249] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 3595.525304] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 3599.941347] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 3604.357222] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 3608.709292] Bluetooth: hci0: Opcode 0x c03 failed: -110 2023/07/18 00:42:40 executor 1 failed 11 times: executor 1: exit status 67 SYZFAIL: wrong response packet (errno 2: No such file or directory) loop exited with status 67 VM DIAGNOSIS: 00:42:40 Registers: info registers vcpu 0 RAX=dffffc0000000000 RBX=ffffea0001110640 RCX=ffffffff817d0f78 RDX=1ffffd40002220c8 RSI=0000000000000000 RDI=0000000000000000 RBP=ffffea0001110640 RSP=ffff888044eff688 R8 =0000000000000000 R9 =fffff940002220c8 R10=ffffea0001110647 R11=0000000000000001 R12=0000000000000000 R13=ffff88800dfc7d98 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff814c9198 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fe89071c870 CR3=0000000043abc000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000080000001 RBX=ffffea0000f0f440 RCX=0000000000000000 RDX=ffff8880164151c0 RSI=ffffffff81717c94 RDI=0000000000000005 RBP=0000000000000000 RSP=ffff88803154f6d0 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=ffffea0000f0f440 R13=00007fb5d368f000 R14=ffff88803c227470 R15=dffffc0000000000 RIP=ffffffff814c9670 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fe8907ecfb8 CR3=000000000f186000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=c96bac0000000000 401d FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=636578650a3a73656d69742031312064 XMM02=6174732074697865203a3120726f7475 XMM03=203a4c4941465a59530a373620737574 XMM04=702065736e6f7073657220676e6f7277 XMM05=3a32206f6e72726528200a74656b6361 XMM06=726f20656c69662068637573206f4e20 XMM07=706f6f6c0a2979726f74636572696420 XMM08=3a3120726f7475636578650a3a73656d XMM09=0a373620737574617473207469786520 XMM10=7220676e6f7277203a4c4941465a5953 XMM11=200a74656b6361702065736e6f707365 XMM12=637573206f4e203a32206f6e72726528 XMM13=74636572696420726f20656c69662068 XMM14=64657469786520706f6f6c0a2979726f XMM15=0a373620737574617473206874697720