city change from 0 to 264192 [ 798.072729] FAT-fs (loop4): invalid media value (0x00) [ 798.074278] FAT-fs (loop4): Can't find a valid FAT filesystem 18:19:35 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, 0x0, 0x0) 18:19:35 executing program 2: sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x4e23, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) [ 798.130898] FAT-fs (loop5): bogus number of reserved sectors [ 798.132333] FAT-fs (loop5): Can't find a valid FAT filesystem 18:19:35 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, 0x0, 0x0) 18:19:35 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) 18:19:35 executing program 2: sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x4e23, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) 18:19:35 executing program 3: unshare(0x8000000) r0 = semget$private(0x0, 0x4000, 0x0) unshare(0x2000000) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) unshare(0x40000000) semtimedop(r0, &(0x7f0000000000)=[{0x3, 0x4}, {0x3, 0x8, 0x1400}, {0x4, 0x7ff, 0x800}, {0x1, 0x4, 0x3000}, {0x0, 0x4, 0x1800}, {0x4, 0x81, 0x1000}, {0x1, 0x9, 0x1000}, {0x1, 0x2, 0x1800}, {0x0, 0x400, 0x800}, {0x2, 0x9, 0x1800}], 0xa, &(0x7f0000000040)={0x0, 0x3938700}) 18:19:35 executing program 6: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r0, &(0x7f0000000440)=""/43, 0x2b) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000140)={&(0x7f0000000000), &(0x7f0000000040)=""/172, 0xac}) ioctl$MON_IOCX_GETX(0xffffffffffffffff, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) 18:19:35 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0xfffffffffffffffd, 0x101800) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:19:51 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) 18:19:51 executing program 2: sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x4e23, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) 18:19:51 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000", 0x15}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:19:51 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:19:51 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000000)={0x10000004}) mmap$usbmon(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x4010, r0, 0x963f98d) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r1, 0x660c) r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$BTRFS_IOC_ADD_DEV(r0, 0x5000940a, &(0x7f0000000140)={{r2}, "ea5416a3ac5249315595b07e276127ee63e8eb62c9b7f99f684e6f084816d6a255ff80c5587aeeaadac6c0302ea91bb06f92a9d192e406aa0525c996adc5b03a814e682ec07681ad0d03120d0209391132a8e46f7a9e8e0a7a80271accec9a61cdeeb88ac23fc61eab073378335af8125a8560795e58c0c8cf6dbc93a9265e4bf03ca067bfd6aa0b4effdc8ab959da0c075dcca01b5ddec5bdad9434682d45c298a2291201704d56bb0f3637604f3be0711cec4ec68e52e26d2a38e3e4ccabf50794a3c679052b88840ee2c69361326ac604ef2635a108c64205e6735f804fd1817e5e4db91161c2f4f65ef1579a24483bf3af4b6660093914ec2844a93fbddc0e12b23fa93a8599d99e48d38c9dbd7074edc7cd1cd06276e24453566de165046ff65c5537ded8d98b84ab433eedcddf6a5670d500801e373eaac45cf30a5dbdae322674438354312eb15d7bf91d5db6d5b650a0e311fcc9ef90b20b9504d0db60605c62344d50ee7f1f7fcb8ceada17cbe52cf71009aff70584805ab3643106b4cb5c34dccd38e54b4d801f4a5551298f3b16c47f5505b4de5932dfda052c06ff1e3e210ba148089a0d67c625e1d130c6093d3edf9d3959f8bca1ceabc53e743d8f05922228dc7d4174d7d5f753b29433717ac04808fff0bfddb55b04b2d4821c795cb81bf49e68dc446e6c0a1b83b7cc2e68010a05771c4b9edc3a2e5bb636372f9ce4422952b977684861cd5e24682bb33a9fe0772f31d63dd57ef43196f019ce4032019e9d910a74ea54981d29814dbf465c835eee73af9158487026c2dcc0eb2925591e1101aa2fdd0f68ed1933703478c6abbe8f175bf53ff965186c470bec59fdf32d42525ea00fda6dbdf334c34cc3261a2eedb93cef28c7e2628d30164cab8571ffb389bdc5b4af04ce15a1995e9cef18e3783d0b14e32ee4fa90d277f769d63b010312b8f16735e814175eaee48eb9bf99abc289c12834b2bf439f1e7e93007da5bce4612b34d429a4d799fa9e0964ebe3f0acebfe0780fb559ea2d0d4d93996f2144ef09c686eb4debfdce0e91a7715f9b95c167079d69a4fdd1b5af6406971585c332b81d63d896a3c2852247e6373940cbfe3af4b2d2d78542bfccf7ab4a40b00b440b80368e0269c5df509f575d40965e096f0e849d5e8efab00ac0c006ee420e26a0d82b0e2946efecf70368f85625825edd274864f26c9284623742200315869b5a3c8cc962389e135d2b976cd55a32597b2f77cbcd2c2622b1fa1fa04f307783de83267b5b042f7878722ab069036f1338222a7b9618cc3d3c0d2e0726d14a7ee6990dd4b41b16688c8984de837caf3a26bfcfc39b9f078bf0a46c2060f872be2098db41f8dd70e844b76a4092d9dc168e286e8395aaa8c6456d3e63224c83bf96b1d51d64c7f2edde799588f9ba7f3a7227b4374e1e4befa1e0a25195e02536a7e369eb86c7fa32498342007aab254efcc4f8103c8df79b858b7a08c4f114e33bb844380df0d889d778fc2bda3fcbf92f514081bb4a9b8d651c1106973724124055df265589fbcd969ad1705e5016c814747b10c99cba62d6c5578b9d81ccf8d363341e5738ef5db81c2549a30622ea68b22bcfd2c13a3af7505ba156ae6ad9a81078f9ae5540f21727c2558f366b6099630a28d788c03e2b0ac7bca1891e02111928a94d295fdf74c867e9e01846f9c2e62f6f5b889bc52e2c58b7a2a892993b24569ba2ceeb3c4823061f0f4c9c41a0ad06f17acbded5b30d1e7a3bcb65a871d918bb64efc44ea0045ebc9ab61d350dc99024c671ef72547bed45992ae5fe40f5764588b4093a388d7cabec5208c1592b2e85efb0b9e22b898b2c6c38f138024a17825db61d918c1bda3837cfbfc4c3b3c80991f81dd5d76b026b5d1f1ec5cfb64c9e7da9089a2f0c9d70923cf89b29ddbf8424274f9b31ad21f6f62192cee5885d01b48c11dcbabd0c80cc598ff7fd96460ba3a9f8bc45635675f9ae4a3e7aaf302e3998a09aca4ebdac47b4a7d9e82cbdc788a9155bb2d72ea0979d6d1c38c471337fc765c73194031de233d7fb39697e2b15efadc216b6f86b0f66b3a1365faf81a7f99be8f0c5892e01d5020dc8a2e013c7d8f19d3667c3554f76c06ac4d71861f5aa444747edcd777daaeeadda9c44bec4311d004bde0b859de52503de1b9e544fdcea7bfbd94a60c248550cae10c911d4803ff9de94adeda46f00295a247d176350a90e9985ca2e06385f8f6070cdbd3d067c52feba8f0c74cb8f5686a8d13cd194d5fc5f6cf40c15cc5990fd73ed8aacc998aa7ad16e2350c773907e83c9464c1e69992e83ad9ca21b708f93ed98898fac27a76824c5c181e13ccbb041de440c7c23d025318f20a5b5a7798fbb30eb68c52615b6eb4544d36bc6f82fc75303517466bbe694578d00be557190b3d53ac02a2a4c9c891f90afaf3cbb6e7d77d553f53d65de3c009b7122511c53521f8252d22483495c76efcc7cbeaa1e31ac9e7908cb08b508bd428bbae769cddf0fffeab5d86f520f9a7ef09bbcffb6f34591e8241091c8a3c7fbadd4def7f9fd8af9dceb9208984490fd1964e19030f4bc6bd0cfcc781ce4b3bd2a30a0a0d66115f7e332265c0bb80005e96be0c168892c329d01452c675d7719b292009d1026dd97aeb1073a683cb28d270bcaaa8673b9763ea5f3c137f78d4a756998cccbad19a8f6f5f09512a9b009d5a35382d9bb7ff64fad3da3b3426cfd9141a6007f784b603c1a51fb3b37acec4fc48b672fcc59be94716f5512446be781cbf6f0d5ef4b773aa11fa859088b4dae937d4af9edb589b6e206e5099909ebea2fa73a51a4892b7f5cb172c924a1fa39bb60dbcb9370592af37ceed1f6f8be947456a6d6cbf925478e648defd3a954efe8d7203e4f027fb7408d0a03552d8cb2d886e659351e5b8195e62758b11ec76251860547a97f22f378c492de2162a2d21b72aa3321187434c25d02dfe039f333faab7577fec31b9227797e49d93f7da0d819bb5dad37f063ba01910a62e304fee7a5deb8be7b1d64893d0303b29d84d58c1868bb4f859df66eafd265d5d521a97592f2e138c47d09aff49a2aecc7b6322522b3f39768ad0ccbf03c6e324ed1b920983cb950a51cf51206b1682f33b2b8996578eb0d56f6782d2bda268077ccbef56c75849f258795943a3e2bf6a53d591f23112892774535de897f19cf6a8bdd26eb578c2fe885a7a33cd6b4585557bfe124e096fc8ee92e510923da173bdc2a6b7c866e29df5a99ae3a4b223750ba03456a67d40379c2a9e18d198312e5dd3bff93e563d11a7250befbb453595c9ff9c37dd967672bc20517fc0dff45113f2f80c590dbdfbf818d0fdb120b8d32c5be1b64794487feadd16a96cb7de45830195dc7d0ae934f1014845bda44c26e80e9dddf9fcc33b857f90691d547a4afb6e9b71c496d67bb665dc2e6bcb719830f625a2669540720b7bf200c00422ae2b11222e68b4d1fca05be51e86799e55bf163b9bda85386f853de0c4c7eee1abc6ace7333ebfc948385ac7bfe53d1a3caed2647b22812ae482c8d86395ce7dc007ad0bc91fccc9898c6f263824cb176cd0bcd83376adfd79024a009ae681e5134a52c4b5854bce0ab136a8da62b78360ecda8115c4265b9a109fbb9469353bd850f5d80806455999d30b4b0d686b29d0edffcd329f599ed0c89df0231c4e90553964b5a9f397ce7b056c58206de04f7f3a5b37637ac6cd4f4f71fe19dcaf5b4e212ae854b92b846f7a5fe5e749a10ab610b0890442115ccfec0a5faaba49b6399c0e26fe317393b66abc0cda96006ba4771c25c614f6a85ebf028bac5c69ce11cc70a0dcfae682722c2df389e45d971a893893bde343885103dcfcfe2e2ca7cea5ad909886666cea45ced1b0f50218b9f91e6d6dbff3b723289f44c4e5439b6d57462b93aa350e71b41cc82205449af8242900370859425459582e2aff08ef058762c55bfe0bb74f49536a6bb06974213ed4e81c4336203e723408667dcabeff2bdb30486d0d19b3136ae35f7729a08eade1e7091a8f6cceec31f3e2fe0562d28dc06d83ab6157272a43d0be8f61d4e6d0377704b2635fbd0eea7dea5e0e540c41e012ffca5d63c3f9ea55a3cbff2567ee55818ed1fa62219a1978b67f7bd0678acfaac85a802204f4f8fa1bf0f0de7f3838450494a7e650d6bc3ccdb98a517f9670297fd3d2f1a0768f003dcd153cfb6cad26e77042656d4f42d75f41c2a31a1b1f1511c8cd7879524b21b9a37b5290dc428b8a954aa2f26ad637ef056f4c132895903104966f6d8904ceb09056dccc637de99229eba819eda61d882727f3c60a465768ebda56e3af3f77b4a39d5eaf1cc3fea0e0377a3d8c2917315a92153bcd250827db0d7e599839f3eea397076dd2905752ca97f19c7ceccd782df4e9a73cb9ab07d6e319f93d136918ad1571328f66f3e430a8db5a712bddb73f75741f3894edfc50806e11f3b6c5dfa1e16f40e6c3f6d72625f77362b57fbed907d8755cc65e87d32b93352ce526e021a94cbd6658024921f950eba1e41c166a804518e4eee1399b6323ecbc2edda9ad080a8bdbced3a345a122411275a9dced29635e255401e013f5b2e0cc342921014c79b3cba4235822249c6584b2f6dc0359b4ef9e0341bcfe28000cae77b0ceef7113c4304e5ba427acf42e7015b12a1a5f68a83c0459e479ac5dd446e03001e6bf417cff9e033bac732b59bfab3ea5e14b6b035cad5c84074d22c00b5eda0c34724c0e593b93c71b9230a6f8dcfed9313f045fb4fd240187d809a6b9440ed2bdc8ed0ed13cf0b461193773516c3e68209d1af99554c1f2efe8f724aedc978e21b497b3f320b0303370bee046fb1d42aa60e09a1b160c63e540d90add4515f6e87995855744d0781640fa806620c725e6837bda7dd4dbadab79207a2e72a3ac773e67154f5bf2949cfb2031d63a193bb801144c6cedce9d00a8641c2c671875dc129051b4a7e3d3da75164dfa44eba99dd1b30383766d7ed84529905e7fcee6cce2d8ed27e407d664e479d7c9ea44695940f0a93459cd2f77194d6bbe70527f3f565ad45663ecca26de19ac171e4072c489d95d9b14afcc0824ed7ea5e065e12134db4846e737f1cfa93f8c96434ddf7c808674a4e96c985d8a00b9aac78d8f300d0b68dc9d904dec30f1f64cd6cd36fab08ff75429a4db8eb7fce7b2c821e1057e4c37bd93f5a22a6a25844dc60ef12036ef65d9fb488b3db1ca571a39e9c1dab1cdb22b7269d6fbd6dc55f7abbe42ebd121d23f024ca65c30393793d038753a57b60a4071b80c5586d492a60c29e221ec5d9faa3d5842140a0c13e89c19bb1c2742fb0f62c5f4c3f71cc7d1ab26f17cb488ec18122eb6ff6eab423221250c52e98f1a5b86bf8f782831ca757a95386712fabcdb091da33988d13606a694f27163cccb7808fd12d0995a5fe0674d3fa8a3b580295843ffbfd9bfe6e1404041be3d3da502bf6dd2f1a58a72319bbd683ad624794c87a4351acfb6ee0347113c508f45b6c3ff8e934452b871cf5cf1a7ee98b6476c36810af94a0438d77dd7b3f53c2d8e955864514fba11bb92f06e032c7182a9e41918fdef4c2a31e227d342646d4549a06dc3631e6e57c33419131b00df1181b04f74f0ae057c9599067d7b0bd8e0f20e2fb6adbf93a38aa4d239591255504b5f0163a8f54caa826e3d9a4b97b9a051c05b6d8bb3d3eb520f06dec31bfdc25d121bc6aa359c02fa0ce6a20e6b123adf31e88a45f7"}) r3 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000001480)={0x0, r0, 0xf1, 0x0, 0x2f, 0x9}) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) bind$unix(r1, &(0x7f00000014c0)=@abs={0x0, 0x0, 0x4e20}, 0x6e) ioctl$INCFS_IOC_CREATE_FILE(r3, 0xc058671e, &(0x7f0000001400)={{'\x00', 0x1}, {0x2}, 0x1, 0x0, 0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000001140)="8b22bf0ec364fb82ccfd1c77e8d0696ce498bae77be69f754a37d9f6f8b07ef40abd3bba51b750926985adaaf2c27b2ce4e2997e35b732d3a54ab31d08b6e6542c804ad7cab311474f3367c931f2a4506f3954df458a663929bc4f3bfd68356244c70c2a75d71a185d78e341778ee73b863b9a3f214afd45fa9fd2047dd0f5cfad7cfde6ac0b7261d69db6b8293bef7bcc251b455fdd3da2aa0458b31d593bdaa443834d2b78caf4bb9a7aa7e01cc7617d3475fe2a3276cdee3df41ce6086ad3b0bab97e12104674145cc510884381b8e342ad249bf4c70b3d3c104597f181c4372cd5a868aebf41fb38d0adfd08bd6857476ec09007e23bb877beacbf22a1827e03bb3d28e9bb53868d141a55eacc7a6cd4b6ddd20953", 0x117, 0x0, &(0x7f0000001280)=ANY=[@ANYBLOB="020000002f010000000000000ccc000000ce516cd715558add0b400efb325af73f78f068f504e5a9858ce90a1131061fe5dbdf7811671ded545b7e97af2a052e82d7e5cf4675f8629834e17203d99a80c0b31765f60007301e32a5c2d0899a9dfd2a1ac6a120e05ad0c4ccc6d843a0e47cb72938c75483b1406397ecb339482d0be70f8223c699c3275b927e4623960dcfbc3a52bbe628a50a99403e54b6c518f0677f2b58df047348502d026d5f8e4e9567bf9eab1ddfdffa860977c65517f280e14d8540d90e56000000a5f52cfdd40e101b2f1716c610321c22119309fbd1c2ed215986184e0076a610e501dd7ce1027857198a6fc37e706bc59d023266636fe26f16bb8cd482d791658d705402a84acdc76381c615e6eb4c59364a350c9e7e14000000a67ca1ada8eb11dd5e67d1552c020c9a9d6ec54c00"/324], 0x14f}) 18:19:51 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) lstat(&(0x7f0000000280)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0}) lchown(&(0x7f0000000140)='./file0\x00', r1, 0xee00) fstat(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000280)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0}) lchown(&(0x7f0000000140)='./file0\x00', r3, 0xee00) stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setgroups(0x2, &(0x7f0000000800)=[r5, 0x0]) r6 = getgid() statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setgroups(0x2, &(0x7f0000000800)=[r7, 0x0]) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, 0x0}, &(0x7f0000000280)=0xc) fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f00000002c0)={{}, {0x1, 0x2}, [{0x2, 0x2, r1}, {0x2, 0x4, 0xee01}, {0x2, 0x0, r2}, {0x2, 0x1, 0xee01}, {0x2, 0x3, r3}, {0x2, 0x4, r4}, {0x2, 0x4}], {0x4, 0x2}, [{0x8, 0x4}, {0x8, 0x0, r5}, {0x8, 0x0, 0xee00}, {0x8, 0x0, r6}, {0x8, 0x5, r7}, {0x8, 0x1, 0xee00}, {0x8, 0x6, r8}], {0x10, 0x4}, {0x20, 0x6}}, 0x94, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:19:51 executing program 3: unshare(0x8000000) unshare(0x42040000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:19:51 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) [ 813.378614] loop4: detected capacity change from 0 to 264192 [ 813.385544] loop5: detected capacity change from 0 to 264192 [ 813.386340] Zero length message leads to an empty skb [ 813.400778] FAT-fs (loop4): invalid media value (0x00) [ 813.402049] FAT-fs (loop4): Can't find a valid FAT filesystem [ 813.408903] FAT-fs (loop5): bogus number of reserved sectors [ 813.410173] FAT-fs (loop5): Can't find a valid FAT filesystem 18:19:51 executing program 2: socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x4e23, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) 18:19:51 executing program 0: syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) getpeername$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @local}, &(0x7f0000000180)=0x1c) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f0000000200), 0x5, 0x2000) recvmsg(r2, &(0x7f0000000580)={&(0x7f0000000240)=@xdp, 0x80, &(0x7f0000000540)=[{&(0x7f00000002c0)=""/242, 0xf2}, {&(0x7f00000003c0)=""/140, 0x8c}, {&(0x7f0000000480)=""/170, 0xaa}], 0x3}, 0x100) ioctl$MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f00000000c0)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x1bd}) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) ioctl$MON_IOCH_MFLUSH(r1, 0x9208, 0x7) 18:19:51 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 18:19:51 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) 18:19:51 executing program 2: socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x4e23, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) 18:19:51 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000000040), 0x20, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) [ 827.527391] loop4: detected capacity change from 0 to 264192 18:20:05 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:20:05 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000140)={0x32, 0x2, 0x69682641d1b283bf, 0xe9, 0x0, [@dev={0xfe, 0x80, '\x00', 0x36}]}, 0x18) unshare(0x8000000) r1 = semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) semctl$IPC_RMID(r1, 0x0, 0x0) unshare(0x200) r2 = semget(0x3, 0x1, 0x8) semctl$GETPID(r2, 0x3, 0xb, &(0x7f0000000080)=""/94) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0x3, 0x800}, {0x2, 0x600, 0x800}, {0x0, 0x6, 0x1000}, {0x2, 0x1, 0x800}, {0x4, 0x3}, {0x1, 0xff, 0x1800}, {0x0, 0x5, 0x800}, {0x0, 0x7, 0x1800}, {0x3, 0xfff, 0x800}], 0x9, &(0x7f0000000040)={0x77359400}) 18:20:05 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 18:20:05 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f8", 0x16}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:20:05 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) 18:20:05 executing program 2: socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x4e23, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) 18:20:05 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x206201) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:20:05 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) r1 = syz_open_dev$usbmon(&(0x7f0000000000), 0x100000000, 0x2) ioctl$MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) r2 = memfd_secret(0x80000) ioctl$MON_IOCQ_RING_SIZE(r2, 0x9205) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x2000, 0x0, 0xfffffffe}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x400, 0x0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setgroups(0x2, &(0x7f0000000800)=[r5, 0x0]) fchown(r4, 0xffffffffffffffff, r5) name_to_handle_at(r3, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) r6 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r6, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) mmap$perf(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x1, 0x8010, r6, 0x5) r7 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x200}, 0xffffffffffffffff, 0x0, r2, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r7, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$FIDEDUPERANGE(r6, 0xc0189436, &(0x7f0000000140)=ANY=[@ANYBLOB="ad00000000000000f8ffffffffffffff0200000000000000", @ANYRES32=r7, @ANYBLOB="000000001f5139a3c9096501c208d27dee9a49fa2ed904000000051900"/38, @ANYRES32=r0, @ANYBLOB="00000000ff00000000000000000010000000000068a91253a4000000000000000000"]) ioctl$MON_IOCQ_RING_SIZE(r3, 0x9205) [ 827.538266] FAT-fs (loop4): bogus number of FAT sectors [ 827.539086] FAT-fs (loop4): Can't find a valid FAT filesystem [ 827.568757] loop5: detected capacity change from 0 to 264192 [ 827.575133] FAT-fs (loop5): bogus number of reserved sectors [ 827.576188] FAT-fs (loop5): Can't find a valid FAT filesystem 18:20:05 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x9, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000000)={0x0, 0x0}) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) signalfd4(0xffffffffffffffff, &(0x7f0000000040)={[0x1f]}, 0x8, 0x800) 18:20:05 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, 0x0, 0x0) 18:20:05 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x0, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x4e23, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) 18:20:05 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 18:20:05 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semctl$SETVAL(r0, 0x4, 0x10, &(0x7f0000000000)=0x3) r2 = semget$private(0x0, 0x4, 0x0) semtimedop(r2, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r2, 0x0, 0xd, &(0x7f0000000000)=""/75) semctl$GETPID(r2, 0x2, 0xb, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:20:05 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {r0}}, './file0\x00'}) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) ioctl$MON_IOCH_MFLUSH(r1, 0x9208, 0x8) 18:20:05 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x800802) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:20:05 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, 0x0, 0x0) 18:20:06 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, 0x0, 0x0) 18:20:06 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400", 0xc}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:20:06 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x0, 0x0) ioctl$MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000000080)={&(0x7f0000000040), &(0x7f0000000140)=""/4096, 0x1000}) 18:20:06 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 18:20:06 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x0, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x4e23, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) 18:20:06 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000180)=ANY=[@ANYBLOB="f8515caedfc6724e9463b96ebea1ef95fba8cd", @ANYRESDEC=r0, @ANYRES32=0xee00, @ANYRES32=0x0, @ANYBLOB='./file0/file0\x00']) ioctl$MON_IOCX_GETX(0xffffffffffffffff, 0x4018920a, &(0x7f0000000140)={0x0, 0x0, 0x1}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r2, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) name_to_handle_at(r2, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x1000) ioctl$MON_IOCG_STATS(r1, 0x80089203, &(0x7f0000000000)) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) preadv(r4, &(0x7f0000000580)=[{&(0x7f0000000200)=""/110, 0x6e}, {&(0x7f0000000280)=""/54, 0x36}, {&(0x7f00000002c0)=""/115, 0x73}, {&(0x7f0000000340)=""/130, 0x82}, {&(0x7f0000000480)=""/254, 0xfe}], 0x5, 0x1f, 0x2) getdents(r3, &(0x7f0000000440)=""/57, 0x39) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) ioctl$MON_IOCG_STATS(r3, 0x80089203, &(0x7f0000000040)) ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r5, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0) ioctl$MON_IOCQ_RING_SIZE(r5, 0x9205) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x4}}, './file0/file0\x00'}) 18:20:06 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f8", 0x16}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) [ 828.492558] loop4: detected capacity change from 0 to 264192 [ 828.497760] FAT-fs (loop4): bogus number of FAT sectors [ 828.498969] FAT-fs (loop4): Can't find a valid FAT filesystem 18:20:06 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 18:20:06 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x0, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x4e23, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) [ 828.569255] loop5: detected capacity change from 0 to 264192 18:20:06 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r1, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r2, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) renameat(r1, &(0x7f0000000180)='./file0\x00', r2, &(0x7f0000000200)='./file0\x00') ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) r3 = accept$packet(r2, 0x0, &(0x7f00000001c0)) setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000240)={0x4, 0x4}, 0x4) preadv(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000000)=""/242, 0xf2}], 0x1, 0x1, 0x9) 18:20:06 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0xb8, 0xc80) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x2}}, './file0\x00'}) ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) [ 828.625321] FAT-fs (loop5): bogus number of reserved sectors 18:20:06 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) [ 828.627070] FAT-fs (loop5): Can't find a valid FAT filesystem [ 842.145445] loop4: detected capacity change from 0 to 264192 18:20:19 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f8", 0x16}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:20:19 executing program 3: semget$private(0x0, 0x4000, 0x0) 18:20:19 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x7, 0x8042) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) 18:20:19 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x0, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x4e23, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) 18:20:19 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) 18:20:19 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) 18:20:19 executing program 0: syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000040)={0x0, 0x0}) 18:20:19 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400", 0xc}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) [ 842.162408] loop5: detected capacity change from 0 to 264192 [ 842.164824] FAT-fs (loop4): bogus number of FAT sectors [ 842.165412] FAT-fs (loop4): Can't find a valid FAT filesystem [ 842.167352] FAT-fs (loop5): bogus number of reserved sectors [ 842.167984] FAT-fs (loop5): Can't find a valid FAT filesystem 18:20:19 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x0, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x4e23, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) 18:20:20 executing program 3: unshare(0x8000000) r0 = semget$private(0x0, 0x4000, 0x0) semctl$IPC_INFO(r0, 0x0, 0x3, &(0x7f0000000000)=""/116) semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000080)=[0x0, 0x44, 0xfff, 0x1000, 0xffff, 0xffff, 0x4, 0x120]) semtimedop(0x0, &(0x7f0000000100)=[{0x3, 0x0, 0x1000}, {0x0, 0x9}], 0x2, 0x0) 18:20:20 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) 18:20:20 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) 18:20:20 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0) r2 = accept$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000080)=0x1c) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000000c0)=ANY=[@ANYBLOB="01002b8fdeb0d4d881370000", @ANYRES32=r2, @ANYBLOB="01000080000000002e2f66696c653000"]) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:20:20 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f0000000140)={0x0, 0x6}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f00000000c0), 0x9, 0x200000) syz_open_dev$tty20(0xc, 0x4, 0x1) getdents(r2, &(0x7f0000000000)=""/78, 0x4e) ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) r3 = gettid() process_vm_readv(r3, &(0x7f00000000c0)=[{&(0x7f0000000280)=""/4078, 0xfee}, {&(0x7f0000000000)=""/123, 0x7b}, {&(0x7f0000000100)=""/57, 0x39}], 0x3, &(0x7f0000000240)=[{&(0x7f0000012940)=""/102400, 0xffffff76}], 0x202, 0x0) r4 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) r5 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r5, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) kcmp(r3, 0x0, 0x5, r4, r5) 18:20:20 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 18:20:20 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x0, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x4e23, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) 18:20:34 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400", 0xc}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:20:34 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x1, 0x0) semtimedop(r0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) r1 = semget(0x3, 0x1, 0x81) semop(r1, &(0x7f0000000000)=[{0x4, 0xc8e0, 0x1800}], 0x1) 18:20:34 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) 18:20:34 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) 18:20:34 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 18:20:34 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$BTRFS_IOC_WAIT_SYNC(r0, 0x40089416, &(0x7f0000000000)) r1 = accept4$unix(0xffffffffffffffff, &(0x7f0000000480), &(0x7f0000000500)=0x6e, 0x1000) recvmsg$unix(r1, &(0x7f00000003c0)={&(0x7f0000000040), 0x6e, &(0x7f00000000c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="00000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="00000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES64, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000070000000000000000000100000002940000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00']}, 0x40) getsockopt$ARPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x63, &(0x7f0000000400)={'IDLETIMER\x00'}, &(0x7f0000000440)=0x1e) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r2, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) recvmsg$unix(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)=""/190, 0xbe}, {&(0x7f00000002c0)=""/157, 0x9d}, {&(0x7f0000000540)=""/4096, 0x1000}], 0x3, &(0x7f0000001540)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0x70}, 0x0) 18:20:34 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x1, 0x3) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) 18:20:34 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) [ 856.586435] loop4: detected capacity change from 0 to 264192 18:20:34 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r1 = open(&(0x7f0000000000)='./file0\x00', 0x80, 0xc) ioctl$MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000000080)={&(0x7f0000000040), &(0x7f0000000140)=""/4096, 0x1000}) [ 856.621107] loop5: detected capacity change from 0 to 264192 18:20:34 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) r1 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) dup2(r1, r0) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) 18:20:34 executing program 3: r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000200)={'wpan1\x00', 0x0}) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_GET_WPAN_PHY(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x1c, r0, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan4\x00', 0x0}) r5 = gettid() process_vm_readv(r5, &(0x7f00000000c0)=[{&(0x7f0000000280)=""/4078, 0xfee}, {&(0x7f0000000000)=""/123, 0x7b}, {&(0x7f0000000100)=""/57, 0x39}], 0x3, &(0x7f0000000240)=[{&(0x7f0000012940)=""/102400, 0xffffff76}], 0x202, 0x0) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PID={0x8, 0x1c, r5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24048810}, 0xc0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) [ 856.656723] FAT-fs (loop5): bogus number of reserved sectors [ 856.658047] FAT-fs (loop5): Can't find a valid FAT filesystem 18:20:34 executing program 0: unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0) r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000000)={0x0, 0x0, 0xfffffffffffffc3f}) r1 = syz_open_dev$vcsu(&(0x7f0000000080), 0x6, 0x2000) ioctl$BTRFS_IOC_RM_DEV(r1, 0x5000940b, &(0x7f00000000c0)={{r0}, "b26f263ab04ae1b91eda89a1ca866df71c5986def82dd15ffcb7db3144b7363695b16426bd02cd4fcbb9a3e1d23af8acf36dd7beefe7614bb72046a6ae97e301012a0ef39747a396861e67cc9cff64ea17540e683094641f1f922f7494b72a1abc8f2a4095565efd78c3a60ea53c57cac54ad7e101708a1239b873ec406e7f6399af187e7bc2363a3ce9cdc1e4f00729ab22ed7ae03989ba7e5e32bc2d4b00c2c997879ed0efa3290d1ed37038938fa661760cc81ffa86e298e0e0a2174f7a49f79b1231b4491a1a4f06d09a285161e941ec44b4b7c36d84a14ac214dfc5ae6124a9fb59ece3d72306e5f2116218036bd887ce0d2dfe477d51701cb13497f378138346a9631d63582da8803bd927cc05f3106ea0df572d14baa1b68980dc6548b0d338638c39cec9dfda8fb3b86ab2cb23f17db13d2cf0debc1f4055d2c17c8675a40d3cf751988d063fb76383730f1231a6e90fcb9fe47debc4a3293a75a52316e986043c1ebfe9eac62a01f8e578db8fa817023107de32669fdeacd1f8849347d18e2dbc61564e98629e1c14a330030e7cbac5a7416774a9668da696f86470dcde70b54789746ba2678b16cee9e644f56fbe700fe05837385e202e03b5b370ce9f86779bc9068135dad8edfeec1ec196d0c53e03637253f1e68fe58c289f6d8791f92080138155d13f9b7789c6c693455f840cceece5aa66a2e725802ebb4d8a1a76aedbe43b7682ccd852fc2f2faaf5cca4376ade3b73c6c0c4d90e10538e9eaf663f2054ceed05df11e8226f6da9f77fce1271fd062de45622147a93b515eec34536ebefee86ac45bd197e326ff12c0429be506723fa97681fad8da758c18257e0995aad58025774656eb0a86cc27d9cc77e320d7ebca1c5f76eb92e1c0d8df3cfd405fe57a9eb0981b0e6c9a477011f8f7d141dac0e6fde094cb4f7a5322e1c6f520c4ad8ee9310322aa6fbe37bc5ea47a14aaca893fed2db1fcef803a3d31faf54c66dded0fadf6dc66b5b7f79baa68087e826db403aa8c7185c7e50b771ae4f4000399eaf3cbea874d594524b8f750cd95a09cd00b303fcc9c28a89902bccfe54fc7115f3c93a131fb90fd51cc497e295a961c7d456636ff0a27679274507fd588084f98a79975bec2b6ff9957be3641d028ed97038c7f4f0aed1d09252f3d8baf648210c13d767842d7dfe8d9cbcd07234336c3ff7c8f6f1b071ab827573ad8ddcb3c050a217a3f8d559ad4bd2f0f8c0f188c112a40dfee64a15f01d96b6ff53b801d75e963179b0d86cfa3fff0aa50c01f6dd13c92b5e54726350191b0f5c86cfacaab24e26428cbfc30ad6d9172c3bf1f1c7c3b2373a6da04c1ff9654cef83c00996935928d3d40546d3934bea22e05ca4a04470d98b3ebeefefc74a49d33de83f7473a3d8c5dbbb8d815e332c73f68168ae4815ca653e6c3a052e29002a5463ce756f673e19cab2a9ce7effea3c0e3454a84e52e96816d46c80a4bb4a0f7e5eafe3fcae2f506dddc0380ff80b4601bcf3d7eb71097ce715cadd81277503e43084e4aaafd33e7eb7746415f1d7ffa7a6dbf388aefafce7b3e8ca88a8136bac5770a9ee0cd01af221e01ba14f19aa176c1727861067f1b20928e84bfb382f1815bf76c7f2b6f62155b8bee79d64c97051be2fbbb4b945f3438d81e803444190fbef7d89588745dd87e2557c1e45cdaceef3a7421b6dd4cf3417858c2dbab187e849f31e3817a5ea150c0e9c952ccb21913ec6375951978d02215460861abe28deb34e8b4df28972086367f1e7d9c6e75a954de352ac2579d260bfaf7ba37e7f405956415847f50b3a50b6ca1870a274000c627341435ee7c3b64ca19eae3e027b1224a32dc0b0d37254e53b4a3cd2f7a439f01da57547aceb2d77aabd474b473a5aa314aa197d517c67156cf6334f5deefe8497adab9d0108410590e2f02cfb18bccfbcc2c21ab6f788048e208ba8140e1e4400517bc1bd699a0761a94c712b9c66a2a11e6b541c2203be642e605532a7ee2fae8fe6a6a4f2264a11da761ebfb973cb42921b3e7271411b1ea5d4b776c4672e75524f78f64e3364caefcbd3a960ae434a5abf66a929e163577c257aa20faa5c982c37fef0000529a45395808323689c5c68d2016ff9fd61536b2c27bf1ebbc718b7ab47fbd6587d83004360969405489b0a9538e43ddd3798c7a8de7070071d097892b49557594a1b1607f4627e979fbb9b1517642e9749988cc08e9ba71c57947cb9ff6ec3611c2f841e79bb3619ad93f56a5003396d8cabd6303dcdafe8a2b8df0f58ea8c82953f6d2187b22c646eecd6c77650aad6bf047a1efe614fc00a21a62bd8ef22772cbfd92f0907c4f11bf22fa2e89e7da2aaff6def4e2d1f745113aa9a5369e7ff84e5d9324486b68b99de82ce645e19573c3ce9d91dc59aadfb7a3d8f03f15b3bcac43111800ee66d563b466c4299d66ad4b4e499e33fc1873554b14b716fd2122d5f8fac3e906185714f4e235853a8beedc7091c06d14152245016aec645fd7be56497acbd23af9c44209ffd89cede2cd49bc8cef04f893c486308de656dfcc2696452782fc6ba642656211e7dcaa166f6e048e12985a144cef80d33a21a8682f8d0b34be86c4ef6a8a486062c07d12a5304094b06d45084fd003f1ae42364f91d084e55b07d27062afb00d41b923b424caeb00f9588be8ed7af3035af3906f7785eb2b9217a73736437e256fe4b4407b377fcab27ae41b40ec068774fd4ccf54c6746b8368888c288fb2d28ecd0d1fd6b7b18289033853b23468a1fcf6d9f1ee71e2d15d535816a69be3c5745fb7a5fcaeb4fda258e2d2a6da8b6072aac34ddcc7d0155c57fa6632853c00667937390765cbfe5dee67f90330135f5c84b7af3d0c83d27dbc0450d94b66c5421378719998b384f22818bde12966f18f3d70242f7c4669c7750fdcd86a2226e888e4f601ae68acd1a3e7017fc538e1f0f7dcfcb0b4975c8654cee3ea136cb0fa29c17e7d563fddb0b0728150e5f50cd02035f4fae53476ae19bda991f079578ff21009b91e4b02cc52185450fa38eb46973eb855d63b5a472141f5e4a73c5479addd05090041e4154c896cb08e0f0e1c5c2ad6137379575675dc8ef47042bb87b894259a123988486e6712b7b670b85127852663cd99ca0dbbc97f327fa0e006f7a435f22623d2b7624f68b8c0fe915476772a71fa41a59e1e97f481d9d4b9fa6a84ededd396d4f83e4f3f877d3ee146f4f92f875508e046c9572186fb6cf9a53e1a2b730b9a25aed766d4087d24570467c7352deca9cb95e09eee1195803b1b2c942d6f7db5e4adc39d8332238ed93de5aa17dbfaa92c95d7bc4e2664b76e772b83cbd9314657c9aa79f128fb7e49154a017fd4c6d10bafebaa46d35ae5cd99ce02f34ea772137b96bd722fc28e6fae6fce46a00e35cdff28085ac9b30c10b7f0bd9e265a645df2a1458ee5757a66862205fc821435007aea3bf3e6f8ee71ce897ed006541829c49b8e1c5ef871f0fdce0825f61ef784902aded9b277b3b26184dba9f14ece932299a4b6fa3572fbd397671bcbdd51c5ea6ea985ac26e66e8608c6f251e1b504108239e8e0986149b74739d9b4624f2a4d70ca77cf3a4fbdae5404cfe738e791e37f1d0955ff9d59f07f3008ad55ece77906ee0d7ffc3298b6bc1dc3d3d2da5c2488b335c8acf602e5de6a60e54f83123c9829c0087e23e552751ea17d97f9071b0dc0cf8e39c413e32edab0c85d03c413cdfb434c9fb0c06c9dcbab18985bc323b8998b604a5c650b19e2327f951139988b6395dc41e966e89355cfe518bb1761e639782ff294fd0894ed7e52bdb6eaa2c1952f924236749047a08342b1e1e5b0fd6b9cd9ebf5ce92048e69b53adab6337235101cd85001e31dd7c1443111c3e6a87f2fc3eb530a49a04d31803ca915b4649f995e3689fc99b09c701c1dc1670273cb5a03bb34f2baa0eeda75db491b79fd012e692353f9024b6cc3ebedfa8788a493822e3ff2a0d5338a788d7102f54dbcfe4f78f6dfa451a4b5223ed1289459c86f96ce6e8d971f3dd68fbe2588787acc8d451fad66f06d6acc58348c147b508bd7a14d475f6aea4b9495f686783fc0622f47baeb3369520d5a4dcc6282b29b7aa203c060f6c52823c2e987c263f1a3b296bb20f08567819f3751a03579befd260ea5b95b2b275c92ab21ca9e4550ef2e245fdce7611c288c50c6af991580952cb2be1b109b4bcea1c7854a13cd81d15b343ee7bfb99f9c94f7dd01275e464cf0e454d29b480e61a15477df8a0f10fbef0348e2dffc0afb073e639bf49aabc709f3750ed8ad001eafad2e94511e3c413e67b242f22d037c2980e53e8df51da6f8196026eb1441b70a7162d2e3629aa2677e45f9d1f26435b0ed7bc75c14358ee263f874ebf2b33bc8b0810f80971302f34e0bcdb4dd039fd6303871732998faa4a56ddd80e71e37973470ca83a661fc1af396eb9cf50dceef0b8bdeee186bbeed7b7537583523e8820607a3a949fbb9798811fff309ad7145e7a6bc621e887a66f86f5826f36b45fc002ca12347b65726f61713dd407d9c7b3428b9b395505ebfeda28990fb543af34d2923a35d394e90600f5ddbd107d98a5cd01da5e6f14a6ae6a4794424b4a97ed777621250e6d1b086c0a6cc023091b77139808a9161072557233b87cd04afe875912152ef4d6d5c2985c7354d4d57cf22ffe08646cf29bccb319e48b0bf080a9336200934388fec18363886ed075f8ecbb593f4a75933218742214cdc3c0472e27db86061d89a2e7bc22f0ee89c63d838dc9ec0f79986ce5d41b6f2a787b47eb0a613ca8e9395fbd30e913179f959a46b206ec50b2f068f9d11d6ee3dda414967990ce1d35628bd3ce47c16fc96c8adb434d8dc4da3b4191056808d9a18db57c5a5cc34da8944f7ac180cbf1750c6125444a8c5ae98322ed8335e73482ac931113aaf31f365c27e07989dbd0a4d618541198ba665f8b3f09420604491092bac63d49281979ab3d1261794febbb643e0d077acebd15e1ce056302bc1e35ec34ce93bc7c5eb809f3b75340aac93f59100af152a46d3746a201a44a662810bef1f447d13ae08182a6debb2f157d84d540fd7946d8e5f81297430eac180855eb8b4069b3f93159338366a7a122d57c73332e68e62430c38d29da38a9adc0f074c10f6dd3dad0d38d7ee809033e40623b13563ef3408d8359bbf5c09f9b58320f3cb073e13d15fbd8684d586e3c942738b2ec52ee5111762488ca5a1d07eca285f892ec3c56fef4096f224de0b5d8129ff1b804718e5ddc53dfa658998f3dd4ef80a931ec85f27aaa335c5b3c053710719c4cce018b7ada2433df34ef0c2e0f2df679ce4b2d5921f624c02942379e2024f03432036a10a1201bc407e3e886a01a2440d81aae492288502f76a1d6c4f8fd9f775a2ff6d264a307cee0ed50600def8de29c2c887702204da2f6820776a6a964bff62130a9f528311026507260c71cc3b7739b6ce752131b034e7b6d3b1271629ed9725c1041cc89f69a601ef31f7afb8c417d1418079950c236acfe81966c66f10e753747c36e5a3202ee8f4a30e2e547b83e868316811a3e59480d6bcd2bfcf809b32bb2a82df1dd6f6c3c00546e67d9c7d9f56f9b190c44ec4a0b91b3e009865bd84bd09761ee443ebd0b2e545a8afb1a411a78973b10108f6cb12ed26e3533af1e3c38e3e2a40479ca20e2db240715dc9d1fc1dc65f70227f55ed69b99083ac65c10079563872928311bd9"}) 18:20:34 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) 18:20:34 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) 18:20:34 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 18:20:34 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000000)=[{0x4}, {0x0, 0x9}], 0x2, 0x0) [ 857.482409] I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 18:20:47 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) 18:20:47 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_QOS_MAP(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r1, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0) r3 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r3, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:20:47 executing program 6: newfstatat(0xffffffffffffff9c, &(0x7f0000001200)='./file0\x00', &(0x7f0000001240)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_mount_image$nfs4(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xfff, 0x3, &(0x7f0000001180)=[{&(0x7f0000000080)="ab98b1b4e5896a53c98c54cd803fecffd74193bad7d5384c7e791a0d11a90821f26c7ababcc0fb61f3d9f2cf3198b9cee702d9c3011338e7da4b7e2d4142ef23bdbbabc90721a57d4f0c7d64a9dffd0b3cf67aaeb11302d9c01734e72a2f8b26d86f4cbcc86d8a55686fa1d393adf4f246799fc3eec509dfed268ace", 0x7c, 0x2}, {&(0x7f0000000140)="4d10aadfbf224557a5555d3fbf784e4af42c8975bf8b199ef899b2d3e7cc7dea628615e89eac09355eb601cbb11bc0636f4c7ba2a16fabf61a", 0x39, 0x5}, {&(0x7f0000000180)="1c19f45768b8cb7e6637e53c7b6f140d655000338a7fa49fc9c2011164189afd792c9a1dbba619219232a50df7398d65252816964dd06737ae0825befba51e5e4ed4afd50cce4b75d849593c4311aefe356d141f0b4149843beb551289bb3ff244310ef0aece75acc00cd633683a4883f7cf0a297546baf3f933e6a07171fc363bdc4ec63e8771b79dcf147c04f63ab037c8102516027b6860ff80187f52a8e6291c1b807529e74a7ec7c94683e73fac6f9aeb49ec6f0e620e64a07ca6849e046ea2c5738af29fba5ecf0ded535367666a9d78fb274b60c21a55371024ca0d135eb33680412063b31c3d46a8a0f63a414d1f5f5ed9d735703a3a04cc4324c9a81359fec964ca63ebd6eaf1e242ee025228971ffe9a1ef79a019ffbde18e8459316536ea2c031771ffa21ad56a889c295883dbb28bd314f48986348525f51863614c9abdf5037c95122e0e42f546da85225e6d1d71b49748456641cd2912aaf82671b687a3307decfd3f15af4efa62a36adb5c66c35715dfb89295d9af9e57cc9e27d709c6c476cc2864ca667a3e5732bc33041f7cca5a32bb90aa590279ca8ef96c13364efa35648e99feb7fefc0e563bdff5467feef44f55b28cfeb38f062f96830964d3cc661dd94a61e6f64a85d620582dbac4ed671cdfba1bf30aa0eff306d8c42f54b34c8c56cf953434c1a45bcc471b5104059544bdd4bc96c811042f609bba9b5c649790903e82ef713bdc48d96d962ddb68a543119d15088dad3274f63d377df20e0769cf05edfbb5666323abf9fc82e2dd9cf6fb8adf594222674241b9e255ad5c767aeff9a2efa6d20b4f6838f6b4d4efc2ee3d501bc8948dfc7c46b193e398fe6c7dabb3ba19741a63815d3674ff2f9d8a7a891d503be0d89a4a46248d382134f92f02d2f3655d3864aa2f2f914bd6cd37e1acaac0ba10cc244c20073064dc5181b7c741346e9a2d69bdd5daae13fa6382792333eb1753b2eb22a95ccef0236739b0501325b382681735ac973590b94f6b95b107a468fe160de983f54481933bf8e0f9d0f1dc326e5bf36f97eb159f8c79d29c4ed11d295f4006fd8dff12b3928a3d312a6914d54c0bcb291f5049624d4ac876da464d47bb1c2332f5b4cedd05644b30026bea4dc423992eddbce9e2a81a390f2276e0386647991edf61f0a4e918cebadfe55968b5d67c1437afcff310a38a1e80467721f37c8c8508258cf17b1e704cec7e4fe774a31ef5b8b17d8588681c87ab71ab97f873a4e69410a0f2470f7a1c93e2bab48cf1e2ce21e7190b363982b53768196a65abd5f6b9ed864f53525a1fbafdb600fb4146aa9d14a22973a9d71e090e6d814525803f9c52415468507fb838d33a01b666560df5c382574946f252e5fcc541ea24b56d7390fc55200b940a8b6e2ea75548ca2c9804b15bed6ea471943a04460ced455f82ce3a0fd4e0f86c9b06d00937b58bd6e2d47f01a7e1efffbe292ca3db7ba25e22742415d85b1402d8b13c87dd914c7b50a089ac341233f54c05769b2db73a71e30d11ad3f3460f89466bbb1dcb203e02a2066063a3dc6937776bd6a6ce53717ded30c249aa133b8917fb7a2fe3c45fa1b25f0e596ce301d51e50bfd19e9a94c2d36a38b9ce2372275a727120b2c1f9ee327037e9f3e0af4ebfd34ed2bcf439cb077846581a1197c68271efb65b5041eed7ec27602319fba3b838243fd6798084e70ada085f1558ac8127287e4c682b6a48b81eedee2d99d1874c402abf0bc8a9b2de4b7506849d5465b49fdb69453d50ebf77c99d11b84edb458eeacba178c15d0ce102ed9525f5b5f2c421bfcac3100d96c8ad924e043c57a25a92f46a6ed895e307d64b6831f31571bb84bb11184983c33d63816e1c1ba741bf4295c72531cfe233b595150c14f72837e4e72126c26cf8ac9e1701c0bfd9b1900b01e3bf91df4cd40890676ef10c9c4c0976280e56682845496f53280e0eeec772cf116f4bbeea030649e1fe42894c22c010b318870917194ba5c5e1699965df8d59a43aff00e3cbfc875df8daea4565fab397e38b4c707aa5090bcfa9c2ef490277f24a0c346a604d84827e7c288b6b06f71c5d50b9bc063618a289010c73ba7b0b99ad16d7458dc8fe48ff7d8fd32951048ecede61a4392ae0d32d813d6fb5afa98c8b1dc2850ecb1bf731733c81467a3c024c05d60f2654bcb4b33ef4237419573ffa5f724eeb20fe02064d1f81b410f95a78549c284a411d3dbb27ffdab395b9608e8bda70286d7f25789779d5e9049b5fe3bd46714e21244996904efb7e44d23c70a990a708717f1f6e5bc6a9cad7c08dcaa2664e4e8bea70672d1a29301775288630da9c3e1da47355f0cf4b7695041b9ccfec389647188de74a480fd750774b34fb841ab4588016ce85d05527bc4f6d84651f66fa062a5df16051a7bfc2dffabfb25e489505563cc461297a82473ecdec55322540071bc49fc051247884f0a0688a875d4793185fc4fea83385c5972b28903ddac41d06f94deb6ab4b05510482b7f55f609badc0a5f85a85c5b2b64ad9b688c94fb010cbbb17cf6ced533e1c40a8a8683afac56024f8b5176bb68dfd9e6aeeaf43dca03c79f1eb1d3946011a5d5038270ef9ab96713017339d87a3a0d458d4b5249c57f276443ecf8b0b4b6141140ba37842bb65a3f5c93132d2e1f954c7e4059449acf834bb60e213ccf322f6660957e2489e42c737caec5bdfb288d6209f4080fcf8bb08f0d427e9e1c5c295d6cb22ffe3b5c2492de628fe4ce719e1da1e430a8db5a40d69837705029a00f0f63a1f37f9a7d994efdfc9da125faee5127ea9381f4587e4ac34fe0fd5168ae099b4f452b99e90a17290c83f4994809276191a0a8fd6909c96e6477b0df69d21a2983f9c75b7affd43820c0bf73ed03c377ffc0ab12b69bb42264f15ed31daeb9cfd2ecd28f837b27d9f861c5cc404f14b4468cb9b85edf034bff0be1b6f28ce0bdf468cd2c0303351ee1eb2498eee07446b7cbabd07dd6e8506138e97206b51b18124a2d65bcb09aa0d52372ecc6f229f74fd09c30d079893380172c845e19e4becd3b7a32acc5d06b47c2423619aa83f288dfbf41c7af547347626b676ba7194c8a1c757ee4f45808d33b83296c4fe693ddf0411274f2c4d1d9d0d4c6faf247ae48fca227eac8ac9d42024820a76aa175a1f08f5a1ad4b669273ca5264e711f2bc428a13677be7f0a0ec675f16d057df5d3d58c4417c0545f28e3e46bd48cf4bb7c55f92904278f99b38c34004cfe3739907e0ff1a96c5025dfe0938f7eacb621b084d6014f7b0cdd9cf7489d910a03fbf522f3ee54234b890e70e6c66cb8c99c119e2fc21823cdab7f74d188d22b1d2e98b885c41550feafd3a23044e11a6fda3cc17677eadd6c90accc644e2fa22d97ad0d5b2a116e2d816faa6754b0c17ca07aef8ce2432ff4daaa3b7ffc5e44b8cfb2faf58e0a4be4924edc2253ebeebe0673786a68a8eaa0c7ad2fdc9564a134649ec3e1e4965948350183e0394d8d80a0db522c076cb44f67e5070ee45c477087f79d8771bb368ebace8ec18a401dcb46e3d68a63868e41553ed537ddb3b07b1333c3e83ce706bbb1889cd2d21aba622015c200e878aa9ec6ef1db26609e22ee8ec25215379eacfc71a13a5d41f4c51e93d00087d8af86a5cb371068e7dcfc4a0c542893e7f9a4e5cce9a58a14baaa5534120bcdcf86b5c581cf30a3ecf941a5b3cba8b88cbd182322330544b5afc54a1286003f0b3f9892f7083262d48b4825f9ae7d43d039effd1820baf71fcd961f0848f9cdea5394825e33576b793d585c32d24a7ebb1466be3e69bf272794f02ad38701708914f6ad68d73751144602575c22f48e84f913b12008691d35a8fc946aecc299ea520fa1d688470a72b6784d0816792fc70e5e7cf7f118b5cfe40f64dc371c034479ba1c68d00c4db34c410541693185202db0198b79a4c9384ccfd053fa932dd214f1f8efd1bc64f22015e402056d485db4d8c78a7b3d4ad68519067e59e5d1c1c167811c962345d4ec0b203d9bc6a23424151919968a7550f8cfb88c9767900ecfea44d13448bb5b6b9907928cd74d49d5cca853bf16eeebbc45f96b135d39fa05b7b45be6740a1399225e51f2851bd5d141f6900141294ca0ee642e460e923b8007c9cc8ca99308c00d56713787df101e0c25696d9fbe3605d71a7514cf6b00f8ef1eb68c824c49d966d9b65be443c598fef3e88bdb8663ba43a6247489723b5ac21d7ee64d4b17588277653f9f64b0cd2b269c7cfd93178a807ffb01e59d62c65c0920aef0dd991b710b938b90fda702c2de0a2bf64a0c9f2da93dc810bb13cb3a2aeb8943fa144b9319bd9119dd92669841112dd4503dcb2a229a24c5e413a1aa5717fa69830e4d8e987f57d0018429ad146908aec847b1a0795da542ff0b193a68066c1465b058aa02f5cb1a3600798b02cd9e616a67018e9a63b39a5fd8f3c13a992fe5778c0dabd3bcbd2894d7a70128559643b5fed9b7b62f52795dca5c770d2ea069280649eafab957daf68bdf65d3b27217be4db21541697d055765c5e38df599108cb877ab8ae51dcc5b29191b1252bbd037fc0e23785fb79af0825e2af6fc1aeeb011abe03c55a1b85aac2a57da3d38de6d19ae778ac05f0d89b7444f8a59f4e777d070e6b352467fa0b2c9849a72dfd518728946459395fb19119db02ab5417d0a900ff68acb315694b5267c5b3355a679a311e0fe067f2b0330a2086eca59384706b518323913548cf2711ea14830af39671eb16ad09c5a157a3e4615e47656611588b6e1e38e2a632cbb32c6e2aa364db28028fdfd88f8ec4bf2727ad38a03548a7ce5909fd1fbf713b0bb4bb5d779bbfda614292da18ee9563f281dbe79dc18a10af9f551f5f5ae81e07591a4b816ba21d502769121e7e8c575243707fa2d7229e6b9a7ce40ca4f2c316d374c0b87fb48fd70179e4357c760e0cd77f8c6c5e4d11e6d756ae5d270c2c455bbf73e443b50ff100e836334f3dbb3f32467e7cce62d2705e9c2473e1ea8c46ab9f8f9b21d7da78a5bc821b28098a1e73a27f42c1ff2d863fca077d8c1b2109198b691c8e0c5d4b51afe54a491ee7744fb4181a0bed12588453ea5e3dbd05cc8a5ebc7ec50d1873414341eb1b6534f7a3e50390d4954d92945f6609902183c1d5041dac062004331f3a9f44a3e2e67e51d4f25a54a984599e68e16668b53e33484a8a8da401fb59f80b465b50e99be07d2461f5a88098b3e9480fea21313045392266d4223c94184579b93f400c7bc497cfdb81dc612cbd7f742ab57e8625078f2d669659473b7811d5b68a0a243ee6b076632831409f4d12cd4c6d82e6e6209230d3c7cc4bd89d59cc8e4429dcc39d2835c61664a843bfac9665e59bfd34087a5967ea51a9843696e67c79fa3e38c515f5308866b9529327079957cdb99b4b43af6f72c282e1650c3b33b675b20dd068eb3a441d98ca5110bbcb7ae50bb4652823320efba6c49af48a44b2e9b2020e62299d23fbdc0b83a875ab3bf637fd7eaed1e26517fd39a1ebcdaf17aab9fc867d291bee55171f7cdfc2500880064abc21973f69f495b79439f65b91a962d5c52fedee1efe0f637e8d99309f2a880b8604f02f559c1a7bbf60e31da131c52591a37087cce57ab7f2367e6c6f621bbf9822b273305cf473bc8d47f3a98a3dad5cb4c7cd9bdef11594821ef5660b353fe3a21dee0ee80ba1d1dffce63b02f6e9780c79dea541dceb77e2691bd92c47e42ca763b721b871f87b28b", 0x1000, 0x6}], 0x4000, &(0x7f0000001480)=ANY=[@ANYBLOB="262c2f6465762f7573626d6f6e23002c5b2c2f6465762f7573626d6f6e23002c2f6465762f7573626d6f6e23002c2f6465762f7573626d6f6e23002c262c2e2c7569643cbf34b3b32cbb31611d63d99eaa252712cc51ca917777a8a6049b14b4706ee4be81444994eaf2f6013dc6cb31c1682b4b1cf745bf45f8fbf7b088103fae9bd100ec6fcadc2b5970a95bcd5c30042589a117d151cc7e9e14e02157ebe6c6ec870e5973f4561adda4b1d9fd86a565fa715ad180403869f70cf9b19dfd7177c333c129a634df0d1d5f520e19ba86bd5981c7bec82e59392e52f77ef4374236a870aeea4e", @ANYRESDEC=r0, @ANYBLOB=',fscontext=unconfined_u,dont_appraise,uid>', @ANYRESDEC=0xee00, @ANYBLOB=',\x00']) r1 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) ioctl$MON_IOCQ_RING_SIZE(0xffffffffffffffff, 0x9205) ioctl$MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000001440)={&(0x7f0000001380), &(0x7f00000013c0)=""/75, 0x4b}) 18:20:47 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270", 0x12}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:20:47 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:20:47 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) r1 = semget$private(0x0, 0x2, 0x200) semctl$GETPID(r1, 0x1, 0xb, &(0x7f0000000140)=""/236) semtimedop(r0, &(0x7f0000000000)=[{0x1, 0x3}, {0x4, 0x1000, 0x1000}, {0x4, 0x2}], 0x3, &(0x7f0000000040)) 18:20:47 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x0, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x4e23, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) 18:20:47 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) [ 870.095780] loop5: detected capacity change from 0 to 264192 [ 870.106790] FAT-fs (loop5): invalid media value (0x00) [ 870.107398] FAT-fs (loop5): Can't find a valid FAT filesystem [ 870.109846] loop4: detected capacity change from 0 to 264192 [ 870.148207] loop6: detected capacity change from 0 to 8 [ 870.175897] nfs4: Unknown parameter '&' 18:20:47 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x0, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x4e23, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) [ 870.210805] loop6: detected capacity change from 0 to 8 [ 870.230576] nfs4: Unknown parameter '&' 18:21:03 executing program 6: syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) ioctl$MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000000280)={&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000300)=""/109, 0x6d}) r2 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(r3, 0x0, 0x0) keyctl$join(0x1, 0x0) keyctl$join(0x12, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) lseek(r2, 0xdafa, 0x3) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=@newsa={0x13c, 0x10, 0x1, 0x0, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, @in=@multicast1}, {@in6=@empty, 0x0, 0x3c}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_aead={0x4c, 0x12, {{'morus640\x00'}}}]}, 0x13c}}, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0, @in_args={0x1}}, './file0\x00'}) ioctl$SG_GET_TIMEOUT(r5, 0x2202, 0x0) setsockopt$SO_BINDTODEVICE_wg(r4, 0x1, 0x19, &(0x7f0000000180)='wg2\x00', 0x4) name_to_handle_at(r0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) syz_open_dev$vcsa(&(0x7f0000000140), 0x7, 0x0) ioctl$MON_IOCX_GETX(0xffffffffffffffff, 0x4018920a, &(0x7f00000000c0)={&(0x7f0000000000), &(0x7f0000000040)=""/117, 0x75}) 18:21:03 executing program 3: ptrace$getsig(0x4202, 0x0, 0x80000000, &(0x7f0000000140)) r0 = gettid() process_vm_readv(r0, &(0x7f00000000c0)=[{&(0x7f0000000280)=""/4078, 0xfee}, {&(0x7f0000000000)=""/123, 0x7b}, {&(0x7f0000000100)=""/57, 0x39}], 0x3, &(0x7f0000000240)=[{&(0x7f0000012940)=""/102400, 0xffffff76}], 0x202, 0x0) ptrace$setsig(0x4203, r0, 0x1, &(0x7f00000001c0)={0x10, 0x6, 0x2}) unshare(0x8000000) r1 = semget$private(0x0, 0x4000, 0x0) semtimedop(r1, &(0x7f0000000040), 0x0, &(0x7f0000000080)={0x77359400}) semget(0x0, 0x0, 0xc4) r2 = semget$private(0x0, 0x3, 0x40) semtimedop(r2, &(0x7f0000001280)=[{0x3, 0x5, 0x1800}, {0x3, 0xab, 0x6664dc207bef0fe8}, {0x0, 0x2, 0x1000}, {0x4, 0x6, 0x800}], 0x4, 0x0) r3 = gettid() process_vm_readv(r3, &(0x7f00000000c0)=[{&(0x7f0000000280)=""/4078, 0xfee}, {&(0x7f0000000000)=""/123, 0x7b}, {&(0x7f0000000100)=""/57, 0x39}], 0x3, &(0x7f0000000240)=[{&(0x7f0000012940)=""/102400, 0xffffff76}], 0x202, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000001380)='./file0\x00', 0xd0000, 0x80) perf_event_open(&(0x7f0000001300)={0x5, 0x80, 0x58, 0x8, 0x20, 0x6, 0x0, 0xfb, 0x102, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, @perf_bp={&(0x7f00000012c0), 0x8}, 0x20, 0x0, 0xf279, 0x8, 0x81, 0x60, 0x5, 0x0, 0x4, 0x0, 0xffff}, r3, 0x1, r4, 0x2) semctl$IPC_RMID(r1, 0x0, 0x0) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000000)=[0x7f, 0x4b84, 0x2]) r5 = semget$private(0x0, 0x3, 0x10) semtimedop(r5, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r5, 0x0, 0xd, &(0x7f0000000000)=""/75) semctl$GETNCNT(r5, 0x3, 0xe, &(0x7f00000013c0)=""/255) 18:21:03 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:21:03 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x0, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x4e23, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) 18:21:03 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000000040), 0x0, 0x4a6a01) ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000080)={&(0x7f0000000000)=[0x0], 0x1, 0x100}) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:21:03 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270", 0x12}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:21:03 executing program 1: r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000200)={'wpan1\x00', 0x0}) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_GET_WPAN_PHY(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x1c, r0, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan4\x00', 0x0}) r5 = gettid() process_vm_readv(r5, &(0x7f00000000c0)=[{&(0x7f0000000280)=""/4078, 0xfee}, {&(0x7f0000000000)=""/123, 0x7b}, {&(0x7f0000000100)=""/57, 0x39}], 0x3, &(0x7f0000000240)=[{&(0x7f0000012940)=""/102400, 0xffffff76}], 0x202, 0x0) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PID={0x8, 0x1c, r5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24048810}, 0xc0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:21:03 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) [ 885.578239] loop5: detected capacity change from 0 to 264192 [ 885.578379] loop4: detected capacity change from 0 to 264192 [ 885.595882] FAT-fs (loop5): invalid media value (0x00) [ 885.597122] FAT-fs (loop5): Can't find a valid FAT filesystem 18:21:03 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) 18:21:15 executing program 6: ioctl$MON_IOCX_GETX(0xffffffffffffffff, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) 18:21:15 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:21:15 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000000040), 0xb, 0x193080) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:21:15 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_QOS_MAP(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r1, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0) r3 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r3, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:21:15 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) 18:21:15 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270", 0x12}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:21:15 executing program 3: sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x5c, 0x14, 0x400, 0x70bd27, 0x25dfdbfd, {0x1f, 0x8}, [@INET_DIAG_REQ_BYTECODE={0xb, 0x1, "773924dd0045c2"}, @INET_DIAG_REQ_BYTECODE={0x3c, 0x1, "3dae4ad0b07b520ef8ab0b6f4c0ec4a92facfe7c40ecde2a1477d3e289fcc3e3c0ba40ef221c4a456ffc77a8df73bfc3d899ac6f489be2c3"}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000084}, 0x8000) sendmsg$IPSET_CMD_GET_BYINDEX(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, 0xf, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000d0}, 0x4800) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10400}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x24, 0x0, 0x800, 0x70bd2b, 0x25dfdbfb, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0xffffffff}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xceff}]}, 0x24}, 0x1, 0x0, 0x0, 0x8800}, 0x4000880) sendmsg$IPSET_CMD_PROTOCOL(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x5c, 0x1, 0x6, 0x5, 0x0, 0x0, {0x2, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x5c}, 0x1, 0x0, 0x0, 0x90}, 0x8000001) [ 898.068465] loop5: detected capacity change from 0 to 264192 18:21:15 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) [ 898.088715] FAT-fs (loop5): invalid media value (0x00) [ 898.089968] FAT-fs (loop5): Can't find a valid FAT filesystem 18:21:15 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) [ 898.100851] loop4: detected capacity change from 0 to 264192 18:21:15 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) r1 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$BTRFS_IOC_TREE_SEARCH(r1, 0xd0009411, &(0x7f0000000140)={{0x0, 0x4, 0x5, 0xffffffffffffffe0, 0x8, 0x0, 0xd4, 0x0, 0x9, 0x7fffffff, 0x7ff, 0x9c40, 0x1, 0x1, 0xffff}}) r2 = signalfd(r0, &(0x7f0000000000)={[0x800]}, 0x8) ioctl$FIBMAP(r2, 0x1, &(0x7f0000000040)=0x9) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:21:15 executing program 3: ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f0000000000)={0x5, 0xfffffff7, 0x8, 0x0, 0x2d, "5e081a33464d54862581c55dc5b29910ea4364", 0x2, 0x4}) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:21:15 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_QOS_MAP(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r1, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0) r3 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r3, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:21:15 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000000)={0x0, 0x0, 0xffffffffffffffab}) ioctl$MON_IOCQ_RING_SIZE(0xffffffffffffffff, 0x9205) 18:21:16 executing program 7: ptrace$getsig(0x4202, 0x0, 0x80000000, &(0x7f0000000140)) r0 = gettid() process_vm_readv(r0, &(0x7f00000000c0)=[{&(0x7f0000000280)=""/4078, 0xfee}, {&(0x7f0000000000)=""/123, 0x7b}, {&(0x7f0000000100)=""/57, 0x39}], 0x3, &(0x7f0000000240)=[{&(0x7f0000012940)=""/102400, 0xffffff76}], 0x202, 0x0) ptrace$setsig(0x4203, r0, 0x1, &(0x7f00000001c0)={0x10, 0x6, 0x2}) unshare(0x8000000) r1 = semget$private(0x0, 0x4000, 0x0) semtimedop(r1, &(0x7f0000000040), 0x0, &(0x7f0000000080)={0x77359400}) semget(0x0, 0x0, 0xc4) r2 = semget$private(0x0, 0x3, 0x40) semtimedop(r2, &(0x7f0000001280)=[{0x3, 0x5, 0x1800}, {0x3, 0xab, 0x6664dc207bef0fe8}, {0x0, 0x2, 0x1000}, {0x4, 0x6, 0x800}], 0x4, 0x0) r3 = gettid() process_vm_readv(r3, &(0x7f00000000c0)=[{&(0x7f0000000280)=""/4078, 0xfee}, {&(0x7f0000000000)=""/123, 0x7b}, {&(0x7f0000000100)=""/57, 0x39}], 0x3, &(0x7f0000000240)=[{&(0x7f0000012940)=""/102400, 0xffffff76}], 0x202, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000001380)='./file0\x00', 0xd0000, 0x80) perf_event_open(&(0x7f0000001300)={0x5, 0x80, 0x58, 0x8, 0x20, 0x6, 0x0, 0xfb, 0x102, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, @perf_bp={&(0x7f00000012c0), 0x8}, 0x20, 0x0, 0xf279, 0x8, 0x81, 0x60, 0x5, 0x0, 0x4, 0x0, 0xffff}, r3, 0x1, r4, 0x2) semctl$IPC_RMID(r1, 0x0, 0x0) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000000)=[0x7f, 0x4b84, 0x2]) r5 = semget$private(0x0, 0x3, 0x10) semtimedop(r5, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r5, 0x0, 0xd, &(0x7f0000000000)=""/75) semctl$GETNCNT(r5, 0x3, 0xe, &(0x7f00000013c0)=""/255) 18:21:16 executing program 1: r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000200)={'wpan1\x00', 0x0}) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_GET_WPAN_PHY(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x1c, r0, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan4\x00', 0x0}) r5 = gettid() process_vm_readv(r5, &(0x7f00000000c0)=[{&(0x7f0000000280)=""/4078, 0xfee}, {&(0x7f0000000000)=""/123, 0x7b}, {&(0x7f0000000100)=""/57, 0x39}], 0x3, &(0x7f0000000240)=[{&(0x7f0000012940)=""/102400, 0xffffff76}], 0x202, 0x0) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PID={0x8, 0x1c, r5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24048810}, 0xc0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:21:16 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback}}, [@XFRMA_IF_ID={0x8}]}, 0xc0}}, 0x0) 18:21:16 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:21:16 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget(0x2, 0x3, 0x108) semtimedop(r0, &(0x7f0000000000)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:21:16 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) 18:21:16 executing program 6: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) futimesat(r0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000200)={{0x77359400}}) waitid$P_PIDFD(0x3, r0, &(0x7f0000000000), 0x40000000, &(0x7f0000000140)) r1 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) 18:21:16 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f0000000140)={0x0, 0x6}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f00000000c0), 0x9, 0x200000) syz_open_dev$tty20(0xc, 0x4, 0x1) getdents(r2, &(0x7f0000000000)=""/78, 0x4e) ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) r3 = gettid() process_vm_readv(r3, &(0x7f00000000c0)=[{&(0x7f0000000280)=""/4078, 0xfee}, {&(0x7f0000000000)=""/123, 0x7b}, {&(0x7f0000000100)=""/57, 0x39}], 0x3, &(0x7f0000000240)=[{&(0x7f0000012940)=""/102400, 0xffffff76}], 0x202, 0x0) r4 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) r5 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r5, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) kcmp(r3, 0x0, 0x5, r4, r5) 18:21:29 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) mmap$usbmon(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000008, 0x810, r0, 0x7fffffff) 18:21:29 executing program 1: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semctl$SETVAL(r0, 0x4, 0x10, &(0x7f0000000000)=0x3) r2 = semget$private(0x0, 0x4, 0x0) semtimedop(r2, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r2, 0x0, 0xd, &(0x7f0000000000)=""/75) semctl$GETPID(r2, 0x2, 0xb, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:21:29 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270", 0x12}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:21:29 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:21:29 executing program 6: arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0xffffffffffff3597) r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) 18:21:29 executing program 3: unshare(0x8000000) unshare(0x10000100) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:21:29 executing program 2: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget(0x2, 0x3, 0x108) semtimedop(r0, &(0x7f0000000000)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:21:29 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000", 0x15}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) [ 912.108189] loop5: detected capacity change from 0 to 264192 [ 912.109078] loop7: detected capacity change from 0 to 264192 [ 912.114340] loop4: detected capacity change from 0 to 264192 [ 912.126121] FAT-fs (loop5): invalid media value (0x00) [ 912.127283] FAT-fs (loop5): Can't find a valid FAT filesystem [ 912.130705] FAT-fs (loop7): invalid media value (0x00) [ 912.131891] FAT-fs (loop7): Can't find a valid FAT filesystem 18:21:29 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) mmap$usbmon(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x3000001, 0x110, r0, 0x5) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) 18:21:29 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$BTRFS_IOC_QGROUP_CREATE(r0, 0x4010942a, &(0x7f0000000000)={0x0, 0xc8}) ioctl$MON_IOCH_MFLUSH(r0, 0x9208, 0x81) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r0, 0xe5d, 0x1, 0x3}) ioctl$EVIOCRMFF(r1, 0x40044581, &(0x7f00000000c0)) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r2, &(0x7f0000000440)=""/57, 0x39) ioctl$MON_IOCQ_RING_SIZE(r2, 0x9205) 18:21:30 executing program 2: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semctl$SETVAL(r0, 0x4, 0x10, &(0x7f0000000000)=0x3) r2 = semget$private(0x0, 0x4, 0x0) semtimedop(r2, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r2, 0x0, 0xd, &(0x7f0000000000)=""/75) semctl$GETPID(r2, 0x2, 0xb, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:21:30 executing program 6: syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) 18:21:43 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x8, 0x0) syz_open_dev$usbmon(&(0x7f0000000000), 0x3, 0x2200) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) mmap$usbmon(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2000006, 0x100010, r0, 0x76) 18:21:43 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) preadv(r0, &(0x7f0000000540)=[{&(0x7f00000000c0)=""/16, 0x10}, {&(0x7f0000000140)=""/225, 0xe1}, {&(0x7f0000000240)=""/197, 0xc5}, {&(0x7f0000000340)=""/233, 0xe9}, {&(0x7f0000000440)=""/230, 0xe6}, {&(0x7f0000000040)=""/80, 0x50}], 0x6, 0x49, 0xf1) 18:21:43 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400", 0xc}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:21:43 executing program 7: unshare(0x8000000) unshare(0x10000100) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:21:43 executing program 1: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semctl$SETVAL(r0, 0x4, 0x10, &(0x7f0000000000)=0x3) r2 = semget$private(0x0, 0x4, 0x0) semtimedop(r2, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r2, 0x0, 0xd, &(0x7f0000000000)=""/75) semctl$GETPID(r2, 0x2, 0xb, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:21:43 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000", 0x15}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:21:43 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:21:43 executing program 3: ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000180)=ANY=[@ANYBLOB="01000600000000000004b118fde7a89b2ee4fc7c5be9710a927188a473774dd316eb582ea9d2aa104dda547661c75228613e", @ANYRES32=0xffffffffffffffff, @ANYBLOB="04000000000000002e2f66696c653000"]) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x3, 0x1, 0x203, 0x0, 0x0, {0x3, 0x0, 0x3}, [@CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x4}]}, 0x1c}}, 0x433a4dcc2bf7c5c2) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) [ 926.004983] loop5: detected capacity change from 0 to 264192 [ 926.024245] loop4: detected capacity change from 0 to 264192 [ 926.033739] FAT-fs (loop5): invalid media value (0x00) [ 926.035077] FAT-fs (loop5): Can't find a valid FAT filesystem 18:21:43 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) unshare(0x40000) 18:21:43 executing program 6: fgetxattr(0xffffffffffffffff, &(0x7f0000000000)=@known='system.posix_acl_default\x00', &(0x7f0000000140)=""/4096, 0x1000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r1, &(0x7f0000000440)=""/57, 0x39) r2 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) fcntl$notify(r2, 0x402, 0x80000019) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f00000000c0)={0x0, 0x0}) 18:21:44 executing program 7: ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000180)=ANY=[@ANYBLOB="01000600000000000004b118fde7a89b2ee4fc7c5be9710a927188a473774dd316eb582ea9d2aa104dda547661c75228613e", @ANYRES32=0xffffffffffffffff, @ANYBLOB="04000000000000002e2f66696c653000"]) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x3, 0x1, 0x203, 0x0, 0x0, {0x3, 0x0, 0x3}, [@CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x4}]}, 0x1c}}, 0x433a4dcc2bf7c5c2) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:21:44 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x1, 0x82a42a860a2ea81e) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r1 = syz_open_dev$vcsu(&(0x7f0000000040), 0x6, 0x1) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$full(0xffffffffffffff9c, &(0x7f0000000140), 0x800, 0x0) getdents(r2, &(0x7f0000000440)=""/57, 0x39) ioctl$MON_IOCQ_RING_SIZE(r2, 0x9205) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r3, &(0x7f0000000440)=""/57, 0x39) r4 = syz_mount_image$ext4(&(0x7f0000000180)='ext3\x00', &(0x7f0000000240)='./file0\x00', 0x7fffffff, 0x2, &(0x7f0000000280)=[{&(0x7f0000000200)="3657db", 0x3, 0x3}, {&(0x7f00000001c0)="443926ad6c06a7aa805fedb5d58667d89b5dc7078c69ec98747a6d5154b2e63571b27ccd0ae1bf29e082ea2771308ddfa2db031b2ebce0253883156f551769", 0x3f, 0x9}], 0x810000, &(0x7f0000000480)={[{@max_batch_time={'max_batch_time', 0x3d, 0x6}}, {@i_version}, {@nobarrier}], [{@pcr={'pcr', 0x3d, 0x3b}}, {@euid_gt={'euid>', 0xee00}}, {@appraise_type}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'i_version'}}, {@euid_lt}]}) mount(&(0x7f00000002c0)=@md0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000340)='proc\x00', 0x2200000, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r3, 0xc018937e, &(0x7f0000000380)={{0x1, 0x1, 0x18, r4, @out_args}, './file0\x00'}) ioctl$MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], 0x4}) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r5, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) ioctl$EVIOCSREP(r5, 0x40084503, &(0x7f0000000400)=[0x8, 0x9f]) pipe(&(0x7f00000003c0)) 18:21:44 executing program 3: unshare(0x8000000) r0 = semget$private(0x0, 0x4000, 0x0) semctl$IPC_RMID(r0, 0x0, 0x0) unshare(0x20000) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:21:44 executing program 7: unshare(0x8000000) unshare(0x42040000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:21:44 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) r1 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open$cgroup(&(0x7f0000000140)={0x4, 0x80, 0xde, 0x81, 0x4, 0x1, 0x0, 0x4, 0x36140, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={&(0x7f0000000000), 0xd}, 0x0, 0xb2aa, 0xfffffff8, 0x0, 0x4, 0x80, 0x401, 0x0, 0x1, 0x0, 0x1}, r1, 0x2, r1, 0x8) mmap$usbmon(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x4, 0x20010, r0, 0x8) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) r2 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) dup2(r1, r2) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:21:44 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0xec, 0x420400) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000000)) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) ioctl$MON_IOCQ_RING_SIZE(0xffffffffffffffff, 0x9205) 18:21:44 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) 18:21:44 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x9, 0x5}}, './file0\x00'}) mmap$usbmon(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000002, 0x2010, r1, 0x2) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:21:56 executing program 1: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semctl$SETVAL(r0, 0x4, 0x10, &(0x7f0000000000)=0x3) r2 = semget$private(0x0, 0x4, 0x0) semtimedop(r2, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r2, 0x0, 0xd, &(0x7f0000000000)=""/75) semctl$GETPID(r2, 0x2, 0xb, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:21:56 executing program 2: fgetxattr(0xffffffffffffffff, &(0x7f0000000000)=@known='system.posix_acl_default\x00', &(0x7f0000000140)=""/4096, 0x1000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r1, &(0x7f0000000440)=""/57, 0x39) r2 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) fcntl$notify(r2, 0x402, 0x80000019) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f00000000c0)={0x0, 0x0}) 18:21:56 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000", 0x15}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:21:56 executing program 7: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) r1 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open$cgroup(&(0x7f0000000140)={0x4, 0x80, 0xde, 0x81, 0x4, 0x1, 0x0, 0x4, 0x36140, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={&(0x7f0000000000), 0xd}, 0x0, 0xb2aa, 0xfffffff8, 0x0, 0x4, 0x80, 0x401, 0x0, 0x1, 0x0, 0x1}, r1, 0x2, r1, 0x8) mmap$usbmon(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x4, 0x20010, r0, 0x8) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) r2 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) dup2(r1, r2) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:21:56 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r1, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) mmap$usbmon(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x10, r1, 0x1) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:21:56 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) unshare(0x68001200) unshare(0x200) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x3, 0x9}], 0x2, 0x0) 18:21:56 executing program 6: sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="b0000000", @ANYRES16=0x0, @ANYBLOB="000127bd7000fddbdf25080000001400060064756d6d793000000000000000000000050001000100000008000400ffffffff05000100010000002900070073797374656d5f753a6f626a6563745f723a7573626d6f6e5f6465766963655f743a733000000000050001000100000014000200fe8800000000000000000000000001010500010001000000"], 0x90}, 0x1, 0x0, 0x0, 0x4000}, 0x800) r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc40) r1 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000200), 0x240, 0x0) ioctl$MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000000300)={&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000280)=""/86, 0x56}) ioctl$BTRFS_IOC_SET_FEATURES(r0, 0x40309439, &(0x7f0000000000)={0x0, 0x1, 0x11}) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) 18:21:56 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, 0x0, 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:21:56 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) io_uring_setup(0x6224, &(0x7f0000000040)={0x0, 0xaaad, 0x10, 0x4, 0x816b}) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x204000, 0x0) [ 939.225295] loop4: detected capacity change from 0 to 264192 [ 939.235456] loop5: detected capacity change from 0 to 264192 [ 939.246927] FAT-fs (loop5): invalid media value (0x00) [ 939.248052] FAT-fs (loop5): Can't find a valid FAT filesystem 18:21:57 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3, 0x0, 0x1000}, {0x0, 0x9}], 0x2, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) semtimedop(r0, &(0x7f0000000000)=[{0x2, 0x9, 0x400}], 0x1, &(0x7f0000000080)={r1, r2+60000000}) 18:21:57 executing program 2: unshare(0x8000000) r0 = semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100), 0x0, 0x0) r1 = semget(0x0, 0x1, 0x411) semctl$IPC_RMID(r1, 0x0, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) chroot(0x0) clone3(&(0x7f0000000640)={0x123363500, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='exofs\x00', 0x0, 0x0) pivot_root(&(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='./file0\x00') semctl$GETVAL(r0, 0x1, 0xc, &(0x7f0000000000)=""/49) r2 = semget(0x2, 0x3, 0x2a) semctl$SETALL(r2, 0x0, 0x11, &(0x7f0000000040)=[0x5, 0x20, 0x5, 0x7ff, 0x6]) r3 = semget(0x3, 0x0, 0x200) semtimedop(r3, &(0x7f0000000080)=[{0x2, 0x4, 0x800}], 0x1, &(0x7f00000000c0)={0x0, 0x3938700}) semget(0x3, 0x0, 0x0) 18:21:57 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000000040), 0x0, 0x210001) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r1, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) 18:21:57 executing program 7: r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000200)={'wpan1\x00', 0x0}) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_GET_WPAN_PHY(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x1c, r0, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000280), r4) sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r5, 0x4a6547f258f0e423, 0x0, 0x0, {0x22}}, 0x14}}, 0x0) sendmsg$IEEE802154_LLSEC_LIST_KEY(r3, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r5, 0x200, 0x70bd29, 0x25dfdbfe, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x4000) r6 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$MON_IOCX_GETX(r6, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) 18:21:57 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) r1 = socket$packet(0x11, 0x3, 0x300) r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f00000004c0)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0}) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r1, 0x50009418, &(0x7f0000001180)={{}, r3, 0x0, @inherit={0x98, &(0x7f0000000000)={0x1, 0xa, 0xfff, 0x4, {0x18, 0x1, 0x3, 0x7, 0x441}, [0x3, 0x8, 0x10000, 0x4b4, 0x6d9, 0x6, 0x0, 0x3e56, 0x1000, 0xe99]}}, @devid}) ioctl$BTRFS_IOC_RM_DEV_V2(r0, 0x5000943a, &(0x7f0000000140)={{r0}, r3, 0x18, @unused=[0x2f72, 0x9, 0x5, 0x7], @devid}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000002180)) 18:21:57 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, 0x0, 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:21:57 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, 0x0, 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) [ 939.449414] loop4: detected capacity change from 0 to 264192 [ 939.579741] loop7: detected capacity change from 0 to 264192 18:22:14 executing program 0: arch_prctl$ARCH_MAP_VDSO_64(0x2003, 0x8000) r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x3, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:22:14 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, 0x0, 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:22:14 executing program 3: ioctl$SCSI_IOCTL_PROBE_HOST(0xffffffffffffffff, 0x5385, &(0x7f0000000140)={0x1000, ""/4096}) unshare(0x50050880) unshare(0x20000) semget$private(0x0, 0x3, 0x102) unshare(0x42000180) r0 = semget$private(0x0, 0x4, 0x100) semtimedop(r0, &(0x7f0000001180)=[{0xdf6daa3c33d7aba7, 0x0, 0x1000}], 0x1, &(0x7f00000011c0)={0x0, 0x989680}) unshare(0x800) semtimedop(0x0, &(0x7f0000000100)=[{0x1}, {0x4, 0x2, 0x800}], 0x2, 0x0) unshare(0x20000) r1 = semget$private(0x0, 0x4, 0x28) semctl$GETNCNT(r1, 0x1, 0xe, &(0x7f0000000000)=""/215) unshare(0x10000000) 18:22:14 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f8", 0x16}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:22:14 executing program 7: ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) r3 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x4e23, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8, 0x1f, r4}]}, 0xc0}}, 0x0) sendmsg$BATADV_CMD_GET_ORIGINATORS(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x64, r1, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x3}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x2}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r4}]}, 0x64}, 0x1, 0x0, 0x0, 0x28008881}, 0x48c1) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) 18:22:14 executing program 6: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000200)={'wpan1\x00'}) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan4\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="b4000000", @ANYRES16=0x0, @ANYBLOB="08002dbd7000ffdbdf251700000008000300", @ANYRES32=r1, @ANYBLOB="0c000600020000000100000008000300", @ANYRES32=0x0, @ANYBLOB="0c00060000000000000000000c00060003000000030000005400258005000200000000004800018024000380060001000000000006000100000000000800020002000000080002000000000005000200000000000b0003800c0004000203aaaaaaaaaaaa0800010001000000180025801400040019ffccdf2b51a0208d34ccf0541f36aa56b7837d3a073ce6"], 0xb4}, 0x1, 0x0, 0x0, 0x4000004}, 0x40001) r2 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$MON_IOCX_GETX(r2, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) 18:22:14 executing program 1: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semctl$SETVAL(r0, 0x4, 0x10, &(0x7f0000000000)=0x3) r2 = semget$private(0x0, 0x4, 0x0) semtimedop(r2, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r2, 0x0, 0xd, &(0x7f0000000000)=""/75) semctl$GETPID(r2, 0x2, 0xb, 0xffffffffffffffff) 18:22:14 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}, {&(0x7f0000000140)=""/216, 0xd8}, {&(0x7f0000000240)=""/13, 0xd}], 0x4, 0x0, 0x7f) r1 = syz_open_dev$mouse(&(0x7f00000002c0), 0xecf, 0x4000) accept$inet(r1, &(0x7f0000000300)={0x2, 0x0, @empty}, &(0x7f0000000340)=0x10) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) [ 956.829458] loop5: detected capacity change from 0 to 264192 [ 956.863731] FAT-fs (loop5): bogus number of FAT sectors [ 956.865019] FAT-fs (loop5): Can't find a valid FAT filesystem [ 956.866635] loop4: detected capacity change from 0 to 264192 18:22:14 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0xfffffffffffffffc, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000500)=ANY=[@ANYBLOB="7f454c463f200d0408000000000000000200060080000000b4010000000000004000000000000000d30200000000000009000000060038000100f9ff0500fdff00000070810000000700000000000000346c00000000000007000000000000000000000000000000050000000000000007000000000000009b749efe00898c21be769f2fd481024cfc4e7af72396318a522c276461b41ffe971e70f66e4fd1bf340d42fa5689c208038e40b868942e77d75fa495af13010146d4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000cd490000000000000000000000000000000000000900000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002833000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000004b1200"/956], 0x3ba) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) r1 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) fstatfs(r1, &(0x7f00000008c0)=""/4096) openat$null(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r3, &(0x7f0000000440)=""/57, 0x39) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'ipvlan1\x00'}) ioctl$MON_IOCX_GETX(r2, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) ioctl$SNAPSHOT_SET_SWAP_AREA(r3, 0x400c330d, &(0x7f0000000200)={0xbf2e, 0x7fffffff}) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r2, 0x4008240b, &(0x7f0000000140)={0x1, 0x80, 0x3, 0x0, 0x2, 0x95, 0x0, 0x3ff, 0x40000, 0xf, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0xde6, 0x1, @perf_config_ext={0x3f}, 0x7400, 0x7b, 0x0, 0x2, 0x6, 0x7ff, 0x3, 0x0, 0x9, 0x0, 0x1ff}) 18:22:14 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}, {&(0x7f0000000140)=""/216, 0xd8}, {&(0x7f0000000240)=""/13, 0xd}], 0x4, 0x0, 0x7f) r1 = syz_open_dev$mouse(&(0x7f00000002c0), 0xecf, 0x4000) accept$inet(r1, &(0x7f0000000300)={0x2, 0x0, @empty}, &(0x7f0000000340)=0x10) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) 18:22:14 executing program 0: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendmmsg$inet6(r0, &(0x7f0000002580)=[{{&(0x7f00000013c0)={0xa, 0x0, 0x0, @remote}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000000)="d7061e52", 0x4}], 0x1}}, {{&(0x7f0000000040)={0xa, 0x0, 0x0, @private1}, 0x1c, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB="1800000000000000290000003700000000000000000000001000000000000000290000000b"], 0x30}}], 0x2, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r1, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:22:14 executing program 3: unshare(0x8000000) unshare(0x400) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x7}], 0x2, 0x0) 18:22:14 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) r1 = syz_open_dev$vcsu(&(0x7f0000000000), 0x4, 0x10f003) pipe2(&(0x7f00000000c0), 0x84800) getsockopt$inet6_udp_int(r1, 0x11, 0x65, &(0x7f0000000040), &(0x7f0000000080)=0x4) mmap$usbmon(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1000008, 0x12, r1, 0x2) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) 18:22:14 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}, {&(0x7f0000000140)=""/216, 0xd8}, {&(0x7f0000000240)=""/13, 0xd}], 0x4, 0x0, 0x7f) r1 = syz_open_dev$mouse(&(0x7f00000002c0), 0xecf, 0x4000) accept$inet(r1, &(0x7f0000000300)={0x2, 0x0, @empty}, &(0x7f0000000340)=0x10) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) 18:22:14 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:22:14 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 1) [ 957.291652] loop4: detected capacity change from 0 to 264192 [ 957.334756] FAULT_INJECTION: forcing a failure. [ 957.334756] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 957.337616] CPU: 1 PID: 6672 Comm: syz-executor.7 Not tainted 5.18.0-rc2-next-20220413 #1 [ 957.339392] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 957.341844] Call Trace: [ 957.342397] [ 957.342878] dump_stack_lvl+0x8b/0xb3 [ 957.343734] should_fail.cold+0x5/0xa [ 957.344574] _copy_from_user+0x2a/0x170 [ 957.345460] __copy_msghdr_from_user+0x91/0x4b0 [ 957.346493] ? __ia32_sys_shutdown+0x70/0x70 [ 957.347461] ? __lock_acquire+0xbac/0x6120 [ 957.348402] sendmsg_copy_msghdr+0xa1/0x160 [ 957.349349] ? __ia32_sys_recvmmsg+0x260/0x260 [ 957.350356] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 957.351499] ? lock_release+0x3b2/0x750 [ 957.352378] ___sys_sendmsg+0xc6/0x170 [ 957.353228] ? sendmsg_copy_msghdr+0x160/0x160 [ 957.354231] ? lock_release+0x3b2/0x750 [ 957.355119] ? __fget_files+0x265/0x470 [ 957.356021] ? lock_downgrade+0x6d0/0x6d0 [ 957.356938] ? lock_release+0x3b2/0x750 [ 957.357841] ? ksys_write+0x20c/0x250 [ 957.358686] ? lock_downgrade+0x6d0/0x6d0 [ 957.359613] ? __fget_files+0x287/0x470 [ 957.360514] ? __fget_light+0xea/0x270 [ 957.361381] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 957.362636] __sys_sendmsg+0xe5/0x1b0 [ 957.363509] ? __sys_sendmsg_sock+0x30/0x30 [ 957.364468] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 957.365704] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 957.366950] ? fput+0x2a/0x50 [ 957.367670] ? syscall_enter_from_user_mode+0x1d/0x50 [ 957.368809] do_syscall_64+0x3b/0x90 [ 957.369639] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 957.370799] RIP: 0033:0x7f8aa55cdb19 [ 957.371620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 957.375630] RSP: 002b:00007f8aa2b43188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 957.377292] RAX: ffffffffffffffda RBX: 00007f8aa56e0f60 RCX: 00007f8aa55cdb19 [ 957.378848] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 957.380383] RBP: 00007f8aa2b431d0 R08: 0000000000000000 R09: 0000000000000000 [ 957.381930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 957.383464] R13: 00007ffc9a8091cf R14: 00007f8aa2b43300 R15: 0000000000022000 [ 957.385026] 18:22:27 executing program 1: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semctl$SETVAL(r0, 0x4, 0x10, &(0x7f0000000000)=0x3) r2 = semget$private(0x0, 0x4, 0x0) semtimedop(r2, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(r2, 0x2, 0xb, 0xffffffffffffffff) [ 970.209525] loop4: detected capacity change from 0 to 264192 18:22:27 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f8", 0x16}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:22:27 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000000040), 0x10000001000001, 0x4000) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:22:27 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) syz_open_dev$usbmon(&(0x7f0000000000), 0x2, 0x40902) 18:22:27 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}, {&(0x7f0000000140)=""/216, 0xd8}, {&(0x7f0000000240)=""/13, 0xd}], 0x4, 0x0, 0x7f) r1 = syz_open_dev$mouse(&(0x7f00000002c0), 0xecf, 0x4000) accept$inet(r1, &(0x7f0000000300)={0x2, 0x0, @empty}, &(0x7f0000000340)=0x10) 18:22:27 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:22:27 executing program 3: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000000)=""/75) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) semtimedop(r1, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)={r2, r3+60000000}) unshare(0x44030000) unshare(0x8000080) r4 = semget$private(0x0, 0x4, 0x14) semctl$IPC_RMID(r4, 0x0, 0x0) [ 970.231271] loop5: detected capacity change from 0 to 264192 18:22:27 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 2) 18:22:28 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}, {&(0x7f0000000140)=""/216, 0xd8}, {&(0x7f0000000240)=""/13, 0xd}], 0x4, 0x0, 0x7f) syz_open_dev$mouse(&(0x7f00000002c0), 0xecf, 0x4000) [ 970.270640] FAT-fs (loop5): bogus number of FAT sectors [ 970.271888] FAT-fs (loop5): Can't find a valid FAT filesystem 18:22:28 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) [ 970.283871] FAULT_INJECTION: forcing a failure. [ 970.283871] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 970.286499] CPU: 0 PID: 6694 Comm: syz-executor.7 Not tainted 5.18.0-rc2-next-20220413 #1 [ 970.288310] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 970.290835] Call Trace: [ 970.291398] [ 970.291864] dump_stack_lvl+0x8b/0xb3 [ 970.292734] should_fail.cold+0x5/0xa [ 970.293570] _copy_from_user+0x2a/0x170 [ 970.294472] iovec_from_user+0x236/0x3c0 [ 970.295372] ? _copy_from_user+0xf2/0x170 [ 970.296300] __import_iovec+0x64/0x5c0 [ 970.297158] import_iovec+0x83/0xb0 [ 970.297977] sendmsg_copy_msghdr+0x12d/0x160 [ 970.298937] ? __ia32_sys_recvmmsg+0x260/0x260 [ 970.299938] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 970.301077] ? lock_release+0x3b2/0x750 [ 970.301969] ___sys_sendmsg+0xc6/0x170 [ 970.302836] ? sendmsg_copy_msghdr+0x160/0x160 [ 970.303850] ? lock_release+0x3b2/0x750 [ 970.304731] ? __fget_files+0x265/0x470 [ 970.305607] ? lock_downgrade+0x6d0/0x6d0 [ 970.306536] ? lock_release+0x3b2/0x750 [ 970.307364] ? ksys_write+0x20c/0x250 [ 970.308154] ? lock_downgrade+0x6d0/0x6d0 [ 970.309058] ? __fget_files+0x287/0x470 [ 970.309929] ? __fget_light+0xea/0x270 [ 970.310766] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 970.311935] __sys_sendmsg+0xe5/0x1b0 [ 970.312851] ? __sys_sendmsg_sock+0x30/0x30 [ 970.314060] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 970.315572] ? fput+0x2a/0x50 [ 970.316444] ? syscall_enter_from_user_mode+0x1d/0x50 [ 970.317828] do_syscall_64+0x3b/0x90 [ 970.318695] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 970.319787] RIP: 0033:0x7f8aa55cdb19 18:22:28 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) name_to_handle_at(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r3, &(0x7f0000000440)=""/57, 0x39) r4 = creat(&(0x7f0000000280)='./file1\x00', 0x100) syz_io_uring_setup(0x46ac, &(0x7f0000000080)={0x0, 0x0, 0x18, 0x0, 0x4a, 0x0, r4}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000240)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r5, r6, &(0x7f00000001c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r7}, 0x0) syz_io_uring_setup(0x46ac, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r8, r9, &(0x7f00000001c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r10}, 0x0) syz_io_uring_submit(0x0, r9, &(0x7f0000000180)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x4007, @fd_index=0x2, 0x1f9, 0x0, 0x0, 0x10, 0x1}, 0x5) r11 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r11, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) r12 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, r9, &(0x7f00000000c0)=@IORING_OP_EPOLL_CTL=@del={0x1d, 0x5, 0x0, r11, 0x0, r0, 0x2, 0x0, 0x0, {0x0, r12}}, 0xfffffffc) futimesat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080)={{0x0, 0x2710}, {r1, r2/1000+60000}}) fchownat(r11, &(0x7f0000000200)='./file0\x00', 0xee01, 0xee00, 0x0) ioctl$MON_IOCQ_RING_SIZE(0xffffffffffffffff, 0x9205) [ 970.320568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 970.324129] loop4: detected capacity change from 0 to 264192 [ 970.324486] RSP: 002b:00007f8aa2b43188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 970.326747] RAX: ffffffffffffffda RBX: 00007f8aa56e0f60 RCX: 00007f8aa55cdb19 [ 970.328211] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 970.329686] RBP: 00007f8aa2b431d0 R08: 0000000000000000 R09: 0000000000000000 [ 970.331147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 970.332614] R13: 00007ffc9a8091cf R14: 00007f8aa2b43300 R15: 0000000000022000 [ 970.334113] 18:22:28 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}, {&(0x7f0000000140)=""/216, 0xd8}, {&(0x7f0000000240)=""/13, 0xd}], 0x4, 0x0, 0x7f) 18:22:28 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) [ 970.459342] loop4: detected capacity change from 0 to 264192 18:22:45 executing program 2: preadv(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}, {&(0x7f0000000140)=""/216, 0xd8}, {&(0x7f0000000240)=""/13, 0xd}], 0x4, 0x0, 0x7f) 18:22:45 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) unshare(0x20000000) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:22:45 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f8", 0x16}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:22:45 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r1, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) ioctl$MON_IOCT_RING_SIZE(r1, 0x9204, 0x2bda2) 18:22:45 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:22:45 executing program 1: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semctl$SETVAL(r0, 0x4, 0x10, &(0x7f0000000000)=0x3) r2 = semget$private(0x0, 0x4, 0x0) semctl$GETPID(r2, 0x2, 0xb, 0xffffffffffffffff) 18:22:45 executing program 0: setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, &(0x7f0000000140)={0x88, 0x202, '\x00', [@ra={0x5, 0x2, 0x4}, @pad1, @calipso={0x7, 0x8, {0x2, 0x0, 0x3f, 0xacd5}}, @generic={0xf8, 0x1000, "ebaa569b37d05055037c94b7ed084f0b8dcf9a9f67d7a28cc2095993f55a25e7c9b92d5ae6cb627ea0f5b9b89e3a5d71958ebc5d586359d224921b1bdf1e078625f60884e72497f79675b2baa8fd5f22a85e4115778d12972141da4612db45da0f3189c28b111eb709d67b6ebdcac9695ca943834f2900e47f00e595e9b2f380450fc9be5dd8351805bba070aebd87e34a37d0ff5f72683c60185c4e3208e6739017449a4970f2fc12d7d123f3f93914e50a50faf2270d50f5ffb54a0946fb4faa2b92fc404ef6a7bf42e816b4f835ddf84bea9b46edf8108146b14411bf07d90f6ec89494c062f6d0afc1c82100fd2ef65e741cec654e0e4a32ec8fd06e90113e775d9af7e0349aac5bbdf0763bad54ecad54fb8885453f40cfb1bd5cecdf824c13107161ead7b8a8b89fadc5c0bc9086fe0b101ca859c8c13c8835eda72fc255008063e57291dd3fc8eee4867ded3386e63ff04d84d833448b853aa961f14f9bd991056c80e0c8c0c6ea76710709acfbed1e0b87326b796eb4f5880decd756aebc94dd5c8e1915425884a5b6c0e50dd6158df441776b330a9046e9c6b64691a7712be691b1120c60f25edbaf028d3cea72369154a747d552215abb1cbe7da19c8a98637bea8b87efdb6d7aa490bb8fe139cc2d09fa827ed032b50d4f6947728a8cf49bd4a7323a29af5dc9c9f02d59fd3c71f178959e2c426e0cda28ab79207a482dbf1456739e2f118937f12d8af09517479d40d7d6b0ebde6f568eb203d490485881088076a69f926fb0bced8a74c39a04a7903cf929bf3b5b4a35339514bc1dc3c93236db2ceee456191bf23d63eb22557cdce4d9198404f0cefcde6bd8dddc8176c09ddadcb0d8427242f86c7f1e3678f9dd0f0ca2d1195ae0d096efd365284804d7e9b00b6f286c93c36b5d6de56b1aed41b5603da75d7364c4bd460b04df9a7418d86e02a9bc4aefe626d8eef0e886a274a449344d3a3971b7f5dc9c6e7434c1a2735e50accd8f1885e628d94bdf0de78c7ccf0b87d570562d9811009fabf82a063f13873a71a364cbd74c92aa5b8b540e3de4935285fe8fd2b064bd7142d7ba626a91b004149100d362c05e2aca4220e722a6699de45c927eec7c351c271488ec377e96f3d4f4244ec390fb207ae49f6e0191f8ed51d68070c3c699e28b2e9968f232c9d981047c4a32618b72303aaf2f8045265eda742688ab037cdb49bd4c5c107f857542f56609aa33588532d80afc06dd1aab62969e5e227bb8932ea8dae3b4c8b55b71c71fa08d2676d1713965ad31b17248f75d593af22db36d65cf005fd293a0069641fae2b1f1cdf243cfe7f9f10cb28d2ef7f450d87574c781edf323546c09fb38b0aa79c0a2d88a8c7fbbf30dedcd05a1569d055d3dd795dfbc6a75a59111630c7a271613a6e7162ca039a171721d18815b691a1168f303d5411d06214a4485b161ae925fec4e30a7d32c62a940e4d25fcfaebf50035ce8c22dbd0b73a995440a5f0123397b5e6ee8551d826fb54fc8a8e2438d96361a881516b946a13bbaa84b1a9f719d1dc4d6537da62e061f7538e55b2c28c452dcd3a0f04e05a21f7438e8126553129c989423e7fe2332c16a63e49983190c7ec3a0deb3e08b73ac7dac1a12528ce9963e5297d63816dcdd87f0b6bbfd5236a2e293953a6b9c885da0569e10794b785619d6c3e2abe438ec18a4f6643ed84d8aceaa74ba9085d4cebd8bd0a13aedbc5794aa407bca0230f73e235518814068940700d39157a5a4195cf671341a0863ca2243b0ccfe1fd6e3386fd6703ee45c1faac7b0a1b91210731cda63704190f20058db8a77b5c14f56987fbe2218a36ffc5bc36569769fc0faecb262775594e7294e3bf6a9b939da7e316ab5618d9934391b0a67135b5c95f7f0c16b0dad1bd929e075136a25f72a358d40a6daed4fd65a8e06ae0ee011c0b72489cae52f8ee8227ca616c1d871ac0bbc59947b9051d047b8c0a9abd435a2c8b43e5709e747a9089f3e857d22e11d6b9ace839b8216528378ca81303e2b49a6b608f433062fb4c11413ce456aece1afbc7bcac599254ff4316293103ebc63bd615a995d6de80ba51000827eb69663ef791f216e005c6875eac3521a5e7fcae552afea74b90f66de657939393f885616615354cb6f0d3616388813b02cd1b276e9cfb1d153f0d52a11ee96989aab1fc3004ad157c0190566c8dac97e9b0a2e5851d130689cd9454787e842205d838c8eff8d08ff7cb2d2bfbf2ef8601e5fcbece13de5dc77a0401c5047aaa1b5cdcfb30f711cd527bf83cd2db6b7307046426fba3ea1546d4c3c258b36dada708951a489835978a47f92450b3fd3d4cd4b1a4250c7b9959ecacd2eb6a116c72e43ebf1915c209b967e7ec490b4543ec4c41cd813e5e9230d1f34165acc48285e454bbedf9c64215bca829095b5041d4b0c0b56e7a48d2f19acc2e789554a9233717dce2146f31d767a67cf46efb4620a2943e09c943274fae9f2a7c782998b303b5c52d6086be7c7efb14972fab4a5d5c8e6f76c0064cd17e7634fecfb6abe9564bdca1bdf33efa9a07aa4d485a8271e6f79dc4ed0ec0b447d71991108559481cb016d7ba7eab2a8046e4d485b799ac5019de98471c22308df7df5036ffbf780f542045bb8ae24c1d4bfebe300e963b3c640eb8d72e15e661abfdca9b82e6cf2bf9ddaef7861baf7dc4998e8f09f507a31843d56ebfbaf0d8ca9e18101e88d0da7c94bad0628462fd204e8381eb57124c43bdbb2fd6aceb66fa75e3aa41e7935eff9aa18b9c0d673e37ac31c08db283a1ffc6f47a98293af44edff36ab77dc8ef718c8b07c1f1e81e9f37ba832001ec7d53a310d794fdb642082070dcb6cd6442794ddaf1f30b48b4d6d6b7249b2d7b679e2135aca3c72177bb1c65d413f1e92b677a27237c6fdf366dc95b2800ba97bf8221f25b53da1d8b5468ba556045ebd815ef3fc6f3fec68acf25b5c6423b4134cb1541c661ca3c10fe3d3c78294b8231c17ff3cd83d31303ef6b57d162027c8336b2cd30c89011497fed0d97a99840ed38941365ec9a2786b8187b77336c9772018eeac1fe1fd943d23d0802b11fcd406bf84cb5feb7861df4c690f7a6207ecd994ab8992e3a0e670ee5430e3bf6b3ff3774a4cced3918d3a3dd415f1d58ec0775fb3e9b90e2d23b00805f9f7e24bb28bc386f2a12227134289f83f0a804428a83969906911bee84f18aa1cbef92f62b3c7cc8e2d15e659e2e513bb620a319b61ffa7c398423dd4bf63c738ba72111c0238c1afbfeb973d9a0b477c615e8a2b9d0d5e470067dfaab54e65ebfd123f1af8c7436519d2b41c40848d7a59b90e870062fa872ee43ad65a54baddf6ef53f0709e875d884ee393725856ce7b276980091484ffa1a65418948ee2b0e7d5b58c85fe870c07fc33a28f3cd25581a1b7f388b0d812226a0e1fe90592900d07b795788d949696d28902028b6b2bf9c5d6fe71f044f68e83f358ded450d80a71e2fc2fddef6338b6a474a65bd2551947733180df04bd2e2d39ac4c16e68d435ec74e5d524e2c4b7406096c48f0f698475c7c37c91a71ed5030b4bd230afa27988decf2f4e66fb8b04191ec3851c8d2301df39d8e79c9f8fccb5501411fb7dadc4020940b1861836fb5214e8280cf13e3ac301971806b32539bdb2a9a42f3f33eec814465bdda671fe8c99d30f697eb1bda15542ad4bcb5f537d49e479159e630fe361cdd1119b8e26f8843c6c60390cda6cdd283f95199fb665e4539b6970d9ab920f8ac87bcc59f9abaf42a4062bc9050aeaea4233c49a9d4e8e91ae12959e05e39517bac48520fd2bb124562f6b3c11b0346cdaafab23a9399e6d652edbfb2e8f316702c1d33bfb3314e935266f8313915685bb0fbed39cb3c7276344cee9d5646bbc2166287d1a5a52dd3ce59c30cd5e8664cff6e0d4909432d3dc81b07951c633cbb95795c65b20f002632845c2f8466809d7d79525897b180406934883d6f116ae7db489d8a890693d656108d699cb87f48f5d26fb1936529547c77b25f9538f49f63218d5966dd6423d94d73376694bbadf527ec260838e1484db5911b7e8ddc20b902d19b4f19b9b103f36318cb5f36c4a1aa5cf6b72feb0bfe8076a2eaa8069433b83d3038006a8cb517f598c6572d56f48823a54950095a153e74fbab4975f20a3d0efdc5156c76953ae268685e9b4c03da2c8de52d0fcc2258e507b18ba2cd2a334995ce06f23ca4cd152933f2089a70cdc387d848c030443a3caebdbf14ef67b8f820dc5b7845ccb6eda690def793d439cd95f08eabbf64db617ba14e75fbe39540974b0bce9969c1e1de938d5380b223fc50bd90e450ff3df63f2bb4446f01b630f7cd3d0d5296827bfb6ff0f06fa50a75d636d51d7963996f55b8fa0acd75404675bb00ad1a4a14bf0fdccc010e115172bd0d24006f1d01e501235889a11caed82eb7f47032111fe6ae0e1b1b55eab2fe9df1505bd869ded0a338606b4e25241a121706b16cdb126322d2031986ff650bd90c639aad80a856e21a0abdea315ca70c6ee780fff101594f1000744aafc03246d2645dfecf7c6be09e843cad66bbbd9c1529f3d5d0b3268bd5840e9b1fc32eaff4133fa8d4b168cf492b9f8f57356d5e42cd73019300cb8d5c6c64382bb162cc09c576596e26964cdfe259a3dc27489f5003d30eb5179c7c7ee81b1ff695d0d43132e120862874cad1a9fe809de5e3b0820c2437b7f86f3055930ff56beff0fb333fb4429e8420d1422ab206d22cdb1a7c63a9ebd327a6453d1f470a3c838a4fb9e83d763652aadb73188897886eb724cd0e4a33f47a306968a3f6071b6e076fdf3735da67995d56bf7903f79e873c87a48527b2e9f7486c5bb7a9612095d6ad78405a2de38e71f95ac7a37da88dbf72b6718774faf3dfbc76d5b7b3111e82af45502fceb5821cd7dcec202d4c815c815f8b1660f232943640d448de58c2b174cb0135f25646551133db1842545cf467af5fa0f5c0ca4a2e26768293177bdab6ae4b27893f08fc76d6d25e6e753aaf27e2763c0b94508efeaa7b2f5c7e08b52ecc5fcff6679b1e4e0721b546523f2b9edb236f85ee9c52a8bcda446e4e616dbbf9423d6971f4a62def698377ad6310cc57ac8480f88c2bb1af39be86409fc1cca827230dc634a24893b21a2a9f7d1bd55b8882a63817303d69c7993bba85be75b5b25f4970eaba5b1dac13f7bd4b66d4aded89cb5ce295cc46b0e8a801135e735dc1fe8a4c594c006766851ea1660a91ad255ba542a29d4dc65cd5b4cf1a4acc96b7e0a475dff50315ff77d361e94c39a4b68240ee9b312bf3f8420be04a1f4ed2bb647f3fc2d6cc97ac226e0372d5c87b7c6d1005ba6828144d6117a7603501ca4a0c209d16ac6438e361b4f0bf87499d2f4b198b99570c764b1c0e2fa880818c3f750b87ff312c83e72995183ca4ca58c035a0a98e27f3d216bcd40981ee20b11bcc4337576b9bd45b699ba4bbc0b0896c43d06a3c81029953a1ae2910301992cd05f2a68fd80a9409dd9aae883e12cf7c36d82563b02130afd210c06f514c083da809cface202e6674737209e354081dae91742df1a0fef2da17fe7ad479914612f28507db4d8f7f8b7bad4dd2ddad607add2b1f39e891faf70c2a12bb6c47aeb9b91f7ec7e11664ef35d22863e18dbe1ead41fa5485da70b07924269592c70da90eada4bf1f1a4f6efe0921cd2c3d3f96d4e76872f3184400d4303d9204d09d6aa519e77b3c3efb8ca0aa567d2ec7252bf06147d"}]}, 0x1020) r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0, 0x49}) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) ioctl$EXT4_IOC_CLEAR_ES_CACHE(r0, 0x6628) 18:22:45 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 3) [ 987.514868] FAULT_INJECTION: forcing a failure. [ 987.514868] name failslab, interval 1, probability 0, space 0, times 1 [ 987.515345] loop5: detected capacity change from 0 to 264192 [ 987.517151] CPU: 1 PID: 6726 Comm: syz-executor.7 Not tainted 5.18.0-rc2-next-20220413 #1 [ 987.517179] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 987.517197] Call Trace: [ 987.517205] [ 987.519140] loop4: detected capacity change from 0 to 264192 [ 987.519993] dump_stack_lvl+0x8b/0xb3 [ 987.520033] should_fail.cold+0x5/0xa [ 987.520062] ? __alloc_skb+0x211/0x340 [ 987.526609] should_failslab+0x5/0x10 [ 987.527382] kmem_cache_alloc_node+0x55/0x490 [ 987.528295] __alloc_skb+0x211/0x340 [ 987.529046] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 987.530167] netlink_sendmsg+0x98d/0xe00 [ 987.531010] ? netlink_unicast+0x800/0x800 [ 987.531878] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 987.532648] FAT-fs (loop5): bogus number of FAT sectors [ 987.532988] ? netlink_unicast+0x800/0x800 [ 987.534129] FAT-fs (loop5): Can't find a valid FAT filesystem [ 987.534904] sock_sendmsg+0x150/0x190 [ 987.534944] ____sys_sendmsg+0x703/0x870 [ 987.537597] ? kernel_sendmsg+0x50/0x50 [ 987.538405] ? __ia32_sys_recvmmsg+0x260/0x260 [ 987.539336] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 987.540391] ? lock_release+0x3b2/0x750 [ 987.541197] ___sys_sendmsg+0xf3/0x170 [ 987.541978] ? sendmsg_copy_msghdr+0x160/0x160 [ 987.542905] ? lock_release+0x3b2/0x750 [ 987.543704] ? lock_downgrade+0x6d0/0x6d0 [ 987.544538] ? lock_release+0x3b2/0x750 [ 987.545344] ? ksys_write+0x20c/0x250 [ 987.546119] ? lock_downgrade+0x6d0/0x6d0 [ 987.546948] ? __fget_files+0x287/0x470 [ 987.547763] ? __fget_light+0xea/0x270 [ 987.548541] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 987.549647] __sys_sendmsg+0xe5/0x1b0 [ 987.550431] ? __sys_sendmsg_sock+0x30/0x30 [ 987.551297] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 987.552418] ? syscall_enter_from_user_mode+0x1d/0x50 [ 987.553464] do_syscall_64+0x3b/0x90 [ 987.554238] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 987.555281] RIP: 0033:0x7f8aa55cdb19 [ 987.556023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 987.559681] RSP: 002b:00007f8aa2b43188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 987.561198] RAX: ffffffffffffffda RBX: 00007f8aa56e0f60 RCX: 00007f8aa55cdb19 [ 987.562647] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 987.564070] RBP: 00007f8aa2b431d0 R08: 0000000000000000 R09: 0000000000000000 [ 987.565506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 987.566930] R13: 00007ffc9a8091cf R14: 00007f8aa2b43300 R15: 0000000000022000 [ 987.568371] 18:22:45 executing program 2: preadv(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}, {&(0x7f0000000140)=""/216, 0xd8}, {&(0x7f0000000240)=""/13, 0xd}], 0x4, 0x0, 0x7f) 18:22:45 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, @out_args}, './file0\x00'}) ioctl$MON_IOCH_MFLUSH(r1, 0x9208, 0x4) 18:22:45 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 4) 18:22:45 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r1 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000005640)=[{{&(0x7f0000000140)=@abs, 0x6e, &(0x7f00000013c0)=[{&(0x7f00000001c0)=""/169, 0xa9}, {&(0x7f0000000280)=""/4096, 0x1000}, {&(0x7f0000001e40)=""/4096, 0x1000}, {&(0x7f0000000000)=""/13, 0xd}, {&(0x7f0000000080)=""/12, 0xc}, {&(0x7f0000001280)=""/55, 0x37}, {&(0x7f00000012c0)=""/118, 0x76}, {&(0x7f0000001340)=""/125, 0x7d}], 0x8, &(0x7f0000001440)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xa0}}, {{&(0x7f0000001500), 0x6e, &(0x7f0000001800)=[{&(0x7f0000001580)=""/163, 0xa3}, {&(0x7f0000001640)=""/9, 0x9}, {&(0x7f0000001680)=""/110, 0x6e}, {&(0x7f0000001700)=""/148, 0x94}, {&(0x7f00000017c0)=""/53, 0x35}], 0x5, &(0x7f0000001880)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x68}}, {{&(0x7f0000001900), 0x6e, &(0x7f0000001bc0)=[{&(0x7f0000001980)=""/227, 0xe3}, {&(0x7f0000001a80)=""/96, 0x60}, {&(0x7f0000002e40)=""/4096, 0x1000}, {&(0x7f0000001b00)=""/98, 0x62}, {&(0x7f0000001b80)}], 0x5, &(0x7f0000001c40)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x138}}, {{&(0x7f0000001d80), 0x6e, &(0x7f0000004f40)=[{&(0x7f0000003e40)=""/249, 0xf9}, {&(0x7f0000003f40)=""/4096, 0x1000}], 0x2, &(0x7f0000004f80)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xc0}}, {{0x0, 0x0, &(0x7f0000005380)=[{&(0x7f0000005040)=""/140, 0x8c}, {&(0x7f0000005100)=""/66, 0x42}, {&(0x7f0000005180)=""/38, 0x26}, {&(0x7f00000051c0)=""/90, 0x5a}, {&(0x7f0000005240)=""/254, 0xfe}, {&(0x7f0000005340)=""/22, 0x16}], 0x6}}, {{&(0x7f0000005400)=@abs, 0x6e, &(0x7f0000005500)=[{&(0x7f0000005480)=""/42, 0x2a}, {&(0x7f00000054c0)=""/49, 0x31}], 0x2, &(0x7f0000005540)=[@cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x40}}, {{&(0x7f0000005580), 0x6e, &(0x7f0000005600)}}], 0x7, 0x10061, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000001b80)=0xffffffffeffffffc) dup2(r1, r0) fcntl$addseals(r0, 0x409, 0x1c) 18:22:45 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) unshare(0x44000000) unshare(0x0) semget$private(0x0, 0x4, 0x20f) r0 = semget(0x2, 0x0, 0x600) semctl$GETPID(r0, 0x3, 0xb, &(0x7f0000000000)=""/180) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9, 0x1800}], 0x2, 0x0) semget$private(0x0, 0x3, 0x240) unshare(0x80) unshare(0x40000800) unshare(0x10040080) 18:22:45 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) [ 987.745945] FAULT_INJECTION: forcing a failure. [ 987.745945] name failslab, interval 1, probability 0, space 0, times 0 [ 987.748319] CPU: 0 PID: 6740 Comm: syz-executor.7 Not tainted 5.18.0-rc2-next-20220413 #1 [ 987.749940] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 987.752162] Call Trace: [ 987.752670] [ 987.753107] dump_stack_lvl+0x8b/0xb3 [ 987.753873] should_fail.cold+0x5/0xa [ 987.754639] ? create_object.isra.0+0x3a/0xa20 [ 987.755543] should_failslab+0x5/0x10 [ 987.756295] kmem_cache_alloc+0x5b/0x480 [ 987.757119] create_object.isra.0+0x3a/0xa20 [ 987.757991] ? kasan_unpoison+0x23/0x50 [ 987.758799] kmem_cache_alloc_node+0x248/0x490 [ 987.759712] __alloc_skb+0x211/0x340 [ 987.760447] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 987.761538] netlink_sendmsg+0x98d/0xe00 [ 987.762370] ? netlink_unicast+0x800/0x800 [ 987.763217] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 987.764299] ? netlink_unicast+0x800/0x800 [ 987.765143] sock_sendmsg+0x150/0x190 [ 987.765902] ____sys_sendmsg+0x703/0x870 [ 987.766720] ? kernel_sendmsg+0x50/0x50 [ 987.767502] ? __ia32_sys_recvmmsg+0x260/0x260 [ 987.768400] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 987.769437] ? lock_release+0x3b2/0x750 [ 987.770262] ___sys_sendmsg+0xf3/0x170 [ 987.771034] ? sendmsg_copy_msghdr+0x160/0x160 [ 987.771945] ? lock_release+0x3b2/0x750 [ 987.772728] ? lock_downgrade+0x6d0/0x6d0 [ 987.773546] ? lock_release+0x3b2/0x750 [ 987.774341] ? ksys_write+0x20c/0x250 [ 987.775089] ? lock_downgrade+0x6d0/0x6d0 [ 987.775910] ? __fget_files+0x287/0x470 [ 987.776717] ? __fget_light+0xea/0x270 [ 987.777484] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 987.778600] __sys_sendmsg+0xe5/0x1b0 [ 987.779351] ? __sys_sendmsg_sock+0x30/0x30 [ 987.780203] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 987.781298] ? syscall_enter_from_user_mode+0x1d/0x50 [ 987.782321] do_syscall_64+0x3b/0x90 [ 987.783059] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 987.784078] RIP: 0033:0x7f8aa55cdb19 [ 987.784803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 987.788383] RSP: 002b:00007f8aa2b43188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 987.789933] RAX: ffffffffffffffda RBX: 00007f8aa56e0f60 RCX: 00007f8aa55cdb19 [ 987.791390] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 987.792778] RBP: 00007f8aa2b431d0 R08: 0000000000000000 R09: 0000000000000000 [ 987.794187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 987.795574] R13: 00007ffc9a8091cf R14: 00007f8aa2b43300 R15: 0000000000022000 [ 987.796987] [ 987.869790] loop4: detected capacity change from 0 to 264192 18:22:45 executing program 2: preadv(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}, {&(0x7f0000000140)=""/216, 0xd8}, {&(0x7f0000000240)=""/13, 0xd}], 0x4, 0x0, 0x7f) 18:22:45 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) r1 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) dup2(r0, r1) ioctl$MON_IOCQ_RING_SIZE(0xffffffffffffffff, 0x9205) 18:22:45 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) [ 988.138952] loop4: detected capacity change from 0 to 264192 18:22:57 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 5) 18:22:57 executing program 2: r0 = syz_open_dev$usbmon(0x0, 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}, {&(0x7f0000000140)=""/216, 0xd8}, {&(0x7f0000000240)=""/13, 0xd}], 0x4, 0x0, 0x7f) 18:22:57 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:22:57 executing program 1: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semctl$SETVAL(r0, 0x4, 0x10, &(0x7f0000000000)=0x3) r2 = semget$private(0x0, 0x4, 0x0) semctl$GETPID(r2, 0x2, 0xb, 0xffffffffffffffff) 18:22:57 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r1, &(0x7f0000000440)=""/57, 0x39) ioctl$MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000000080)={&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000140)=""/198, 0xc6}) ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000000)) 18:22:57 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) [ 1000.177070] loop5: detected capacity change from 0 to 264192 18:22:57 executing program 3: unshare(0x8000000) semget$private(0x0, 0x3, 0x404) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semctl$SEM_INFO(r0, 0x0, 0x13, &(0x7f0000000000)=""/72) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) [ 1000.181649] loop4: detected capacity change from 0 to 264192 18:22:57 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x401}}, './file0\x00'}) r2 = gettid() process_vm_readv(r2, &(0x7f00000000c0)=[{&(0x7f0000000280)=""/4078, 0xfee}, {&(0x7f0000000000)=""/123, 0x7b}, {&(0x7f0000000100)=""/57, 0x39}], 0x3, &(0x7f0000000240)=[{&(0x7f0000012940)=""/102400, 0xffffff76}], 0x202, 0x0) r3 = getpgrp(0x0) lstat(&(0x7f0000000280)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0}) lchown(&(0x7f0000000140)='./file0\x00', r4, 0xee00) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000080)=0x0) statx(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x0, 0x7ff, &(0x7f0000000e80)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000001040)={{0x1, 0x1, 0x18, r0, {0xee00, 0xee00}}, './file0\x00'}) r8 = memfd_create(&(0x7f0000001100)='\x00', 0x4) sendmsg$netlink(r1, &(0x7f0000001180)={&(0x7f0000000040)=@kern={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000001080)=[{&(0x7f0000000140)={0x764, 0x27, 0x200, 0x70bd2d, 0x25dfdbff, "", [@generic="6d08bec665670e7842552aeb209d", @generic="d6b19024c42fa21d5e31ef7298ddf3b726aa61149054e59e51fbbcf2ea15475ab68f7a1881da47a8a2886abbee0479a2e1a6515b271946bd036af79c53dcfcc0387205f62caf7ec08a5159edaafd4a825ae43e1d3cc98002de973783c3abf16e10f012122f7a42174c77e5f6210bd37411bb98f1b9c1fd65a1331cf0835c8399d9e39e199c16a941494f9b248bba2bb1902a8ea293532dc6122380e554f8a71129f54fe55af2c427a0b954b02c9a5d0024e265347554f22fa3a068baf255996e0a29", @generic="92f53b544a22440626b1695a313e5014d3503944b68cd17aecd16f951e9d9b1cd95f2454fc7d50b18993b528d18745f1c37c5f4c3e9e47c7fd5bcd22dcd199db0334f4993d5de76863961eaecbf65d8748f21792dab19df10861b7ff9f54fcf3901f68cdd27ba1e8bcda90e27adb8e443ff96605095e7fb42c7c70e4d9c61d02", @typed={0x8, 0x90, 0x0, 0x0, @fd=r0}, @nested={0x219, 0x1d, 0x0, 0x1, [@typed={0xd5, 0x22, 0x0, 0x0, @binary="00492125b3f6ce1b33e2b1e8f70b2c7357665656c79e6d9050653b54e31380d4fca7e42b2f9b7604fe4d165287386330a14851a6d0b89c7dc8609df26c4f80664cefd441234006d8a8e29d300e09caf6097d948f142094c1566d34fbe4c622e64cc8816d406a47e0862c072831ef106e75afe2636a8c5c5bfc1e8010ce04d706ac93a721d5c21fff87b0598df582330b5d62b196f97faba7cde5efbc17b28efe715b432b2466d50138ed7ad503771e4b71d1bfff151f14c6c082daf08e702899fa95d7b66cca12dbbdc5ec6786e18cffd1"}, @generic="3253ab5c6450d41405c399842fab3e2e2c7ac3e210010cb2d0aa48f1c8b5c31f42f2d41b270334b0ef573b2272d349595e0f8d319b7cc798a2195b00b19fcc78a962db853953b3fa31ed", @typed={0x14, 0x6f, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @local}}, @generic="573025c82682bed867ac75e3617b24a336e5edf565feca3e3529ef122c58baffc453356f801ac02f1516042bd5c97e8f502806d955bebc0f6717d54a7e6ae5a1650b5a065d8ac77557c4567acb9926400df10d1fb088c330a490b359cfadbdbd9d71ba1c12c4af5012e2a5afcd695e8694fc2df5ff99fd889024d2a5e497df666d5c52e667f77342c5f8477d45fdda2cf03e6533e717f9c7917c5feb146b692af65307e7eb3be21ae9e4d693169287cc20dda4fa0daeb3f79b02979c116191bb6100441931606f5c1f6de9751667c8f6bdbe124b67350a67f5d9a026b9500f"]}, @typed={0x4, 0x37}, @nested={0xd3, 0x17, 0x0, 0x1, [@typed={0x14, 0x50, 0x0, 0x0, @ipv6=@remote}, @generic="1faaec77e6e07eb144757fe279d29a7fbdda665c4396d8feef17e3459e8a14e2b6c1137679e0b3bb2251a262cba826214378823c20d557ee969629bbfa11f37b97a946254e11d001825e04aba119fd9027861c14ebcd11c68d8be71026b59df3111aa5be81fee1dd7792c5f461df5e1cac9bb94bfeed9bb490ef4b6dcdf86d5646b9f1ac194da7d7a3336c93ff9c73b409b6f3f5e03d967c9ac1300697099595536597a8128bffb872066e9b94700f6c18e2f178441dc59f884bc7"]}, @nested={0x1ec, 0xa, 0x0, 0x1, [@generic="46521edb4460968c35e6e727c80cdcd3d80bea0ffbf565013a204e28c5a68cd9abfbae6ae0e1e5a31c81f8cbff9d83d7606562002d3062acd82bbf338d885ff2f1a009f6cd23626df0543469ae9642d0866753fda1d6ce30ac31a17eb66a22584e2771773a06dc7a58da6f762b7f8033ccb47ee805fbd91b74657c841e7d7ab41d6d3624a15d73e2f3790204a542f6c9a9e1c38408c57373880241b721b3ffbbf389b24f5bdf8d063d7260be4652164cf7ad852476f66347816538db4f16a18ee6ad087d350f42a1c523d74d7e5901dd01bd330956", @typed={0x8, 0x49, 0x0, 0x0, @pid=r2}, @typed={0x17, 0x88, 0x0, 0x0, @str='].*^/\\%{-$k*}\\%/(\xfe\x00'}, @generic="11385733b5dddb2fb1eaa49ac9597dd12cc854bf6c92de097e72ef089fa129fe2afb2ebbc8a61e560dc3aeee0d7de293944ce691bcd1fb1df575fd8e5668833a997affddf28cd92bf2695ad7adee00d4885a0f4193e05aec4818737adf887bde99ffed03810c716260a83e8c341d434ca2e3d72f697766b7b2be913242d3003af9340112daf773c0ecdc23efa37d701c4e9c86e8a07f8e550baab32c4d36d8c531daace1f7c5c5c740a107087b149fe766c0611ee949f208a2e99c2ce34ed59657cb2ced7127b35560f9efc9637bd68435de9954f18d57875179bcf2f8586b8b2344c6362b5aef530b5293443c3367ee6b32a7"]}, @typed={0x8, 0x2c, 0x0, 0x0, @pid=r3}, @nested={0x111, 0x20, 0x0, 0x1, [@generic, @generic="4831050159eebc493466d27c9af4516b56cf89", @generic="3a9c49ff45f3f03e4c503d267853eb5015d7796aa76ae264c46cb1a43bf6d18453da9a1adafc5dd260552602b851fa5ee8957ca6af0ea956ccf3d16e14653db65bdbabfce45532bf3530d048e88484d4c0df20366811188ed077203229f0f5badc6ef093264c940214ce0b32ba53f2f6e57fc9779ee8c2b5b96104700452847f493cec60b125d209d50102ba0ffe17b068d4860b6452315ce40c301c13c41319e34606dc91aee9605a273a87fca13ace9359dc93ecfffb731018b85f29fafe9b07469170bc0c37c593c8a1404ddedfa78e2936d6e2d305475b1a94cdd96625568d59aa917565a119577a55d3fa08311d24eccddc271b", @typed={0x4, 0x7a}]}]}, 0x764}, {&(0x7f00000008c0)={0xb8, 0x2b, 0x8, 0x70bd29, 0x25dfdbfe, "", [@typed={0x8, 0x93, 0x0, 0x0, @u32=0x4552}, @nested={0xc, 0x88, 0x0, 0x1, [@typed={0x8, 0x38, 0x0, 0x0, @uid=r4}]}, @typed={0x4, 0x79}, @generic="5fd3ae0a294f747c77af67c6efd0a9d792991df8fce0d9bdea9a52db659e41966d499f12fa66f0951fa12e6c26cb7d3e850f7c239ed97463e569801c092c3735e9c1c6f3cade74dae26be5b7b96a11483a92753ffa1621cc49d4e203841ebf34ddf9899c23578dd1b2032d2c4cdd34b6c279089067db11b580c55b21fe99d97e24a3be0def74a39b8701a7711708"]}, 0xb8}, {&(0x7f0000000980)={0x108, 0x39, 0x100, 0x70bd25, 0x25dfdbfe, "", [@generic="7261a338b0bbe6ada8d02b1d1b57614493c42dc4b152fc4c9923fd7a6a8e63e9f42f9df5a972e60ae4bf1fc4c680e6796b24fbfd3cd23825798e76f9d2fec2dc8bcff53e7b08317efeeb875b401dbe3eff5028b3bb9d4f35f494d1540600dd0d6b4643392062dd581e0d34019d817d8b57479fdf122e0475cc23cb0edc7e7d4ecff9c71eb3e2f77eb85d516b3f88fbabc10644d042868fc60c0b516d92639aa1edb2fce066f59751b89f96bfc815666d55e1f436da310cb45c45f0074d0f31fc6c00b3043c87495e23dc5bf4ceda67327e9a35b07e05d447a9d589a27f7576f2fb8c234863d0337bbb56ab2137defb4186a825e0c0"]}, 0x108}, {&(0x7f0000000ac0)={0x2bc, 0x2b, 0x100, 0x70bd26, 0x25dfdbfb, "", [@typed={0x8, 0x8c, 0x0, 0x0, @ipv4=@multicast1}, @nested={0x2a3, 0x8a, 0x0, 0x1, [@typed={0xc, 0x22, 0x0, 0x0, @u64=0xfffffffffffffffd}, @generic="10d1735297f26f283abaf96f3a61a7c8fec483862c5c5e1b0b3693bddc566e6e35f39ad8f168a2952cd0a6c048081a3caa00e1ffe0a209f75d888ee2b48c188e8ac001c2f8b94dcda7a62a8ccec6af9ad909a1c0693e06fcabb1df7d4d1617e19cdc8abcddd896056ec0acbe7e4f3e42af01b543304c86abeb8f450cce2f4ffe85b8e61044e77b112fd712e67246e042e3b2ad7393d94a521636ee3af3427e8960f4a5e47003aab2d41ddf48ab8f3f09bf88a1ae27e54de93c2eafa7559dc191d9f1490c8ac13a9a20bb10c96f3b399e3aa8e297e1c127cdbd", @generic="0654a16f466349d810149340b63b6537079743b09b0970854b2511601784472c1519241c147cddd8e4dc3e618372146ea920ba76895329ec09d6af425361974006b3f78a548db9f5e7cf940ed7f2e33c8d07748ac696382d9d1f2d54e7291c40e4468385cb0ee9d62f7e98b269449273a2d450df0e713a6ce6f4b6899fe0cca41a45bf82999ce62d905e7d8104dd30dd68d57258ff5a1b890d058c51a2bef5a1534fa345428d0e208a7386a70dc9e863190231ec8003433d57e4c78d40334dde093d55bcc060017d6d", @typed={0x4, 0x7e}, @generic="3864e4ec54fcfcd16d592a8f6124c6b3dfd37f6747ec5c8aa63f5f9eee7ff715cc2d6f6c0e5f4386ae6ca44f9894c6635507efaea561487049ae95c87346c512468a820f0d903ac22511fc6b116f6e75314bff0282c03b5cfb0fbe648009bdfe5b2a1506d36657dd3a62000d1a4df61d768f9639de48cd0ff6f8e80b0f1ff56998fe44fbb9e18180607263399b3f29c12771a2ae6459e8e85aec773b87cbe46e0cb1586f037aad61b082c3d15e551cf14498500605c20ebe461d23138aee7a88b8989a0c34d743a74b99330cf2b09bb921497e3ea96d8b4e45248defc3936ae42f9cac9df03291bcac81c53cf7"]}]}, 0x2bc}, {&(0x7f0000000d80)={0xf8, 0x17, 0x2, 0x70bd2d, 0x25dfdbfb, "", [@generic="23623b923eacd3229d5adce7cfb14324e04e9797ebe2428c50a386699127ecde13e1b3eea226395ce03829e2e7dc994341e3f123eba964ef9205cb1df89a2f25d32d9e4c9af94bc7c024515f58aaa3e0f3559f4451144e441b4925bba4ddba6bf485420c0592861df9e1cf411bb4ad01599c8d7fb714723fd0f91fa260aca4fd364c92fc911d89d0f7ae5eada041456e9db7c78976fd6438c45b18c52d67e1211f0290bdf037b4d96ecca80e977052dbd957bafd4c624cff120ae31ffc517a9cd42814a962093e84c7d02b1f0483e23e8963852cf3565d2efabd6d5b45d328c20f4e714111"]}, 0xf8}, {&(0x7f0000000f80)={0x8c, 0x18, 0x100, 0x70bd2a, 0x25dfdbfb, "", [@nested={0x48, 0x91, 0x0, 0x1, [@typed={0xc, 0x33, 0x0, 0x0, @u64=0x2}, @typed={0x14, 0x69, 0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @typed={0x14, 0xd, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @typed={0x8, 0x6e, 0x0, 0x0, @uid=0xee00}, @typed={0x8, 0x55, 0x0, 0x0, @pid=r5}]}, @nested={0x10, 0x6a, 0x0, 0x1, [@typed={0xc, 0x52, 0x0, 0x0, @u64=0x7fff}]}, @typed={0x8, 0x15, 0x0, 0x0, @uid=r6}, @typed={0x8, 0x74, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x36}}, @typed={0x11, 0x6a, 0x0, 0x0, @str='/dev/usbmon#\x00'}]}, 0x8c}, {&(0x7f0000001e40)={0x14a8, 0x11, 0x8, 0x70bd2b, 0x25dfdbff, "", [@nested={0x1a5, 0x15, 0x0, 0x1, [@generic="b84d014d9f72e99f08149c7023818feec11ba042c1aef51bec26cc1ad653c1d8c119d61e85f5a580e230e33e2e1da5c7d105ba3846be7927c9772be28530edaac2c14c3abb2c3c1a5662d5f73772c6a9a596c1ebc59031764fa78850ea7b9a1e82970074e4b71721774dba6948f129f0cf320817c9565c5e71e0d22cde1183a45169735944bd501e0b8bf187accc10df6396745d713eb4fc80a223e87f54f1560dd361387fe5cb0955ac8f78c60a7eefaa8d677677c6b2809a0f64c91734b7286cc2000ab37ef4867b69ff6d7a22499396b6ca3553da105984a338569c7e822b2d2bc58a852d92860c2a8b9cb3b393724f", @generic="952699913cb477346b798608318347b6b9aa73a484c2d0b956569c91be605c99bef14ec3f6c211e9d26f81a1f9a43a9d943c4aca4300d02e2414d789a8ec38dba267342fe3675cd7958c4ca0853e60000c6e8088753ab83d82b317db56f36e7b8b0b2e4bf5b8c7106a0320565b6ecfb7484770236b26d690788f30c1440563d3d0e55a9e97292d92ea82d26c189d9497f44482e458c3a95598c4974d4cd9b66b2b9ff70d3b2a939cea3306ea2cf7b855"]}, @generic="4204e6855948d4c8746b6a7ef9dd318047ad801a7fd410f2a57aaef5e9fbbbdb0c33c16be29a3234dfd17bbea8cc8960ef9221794db6240c4b6fa60e77c1588279285860868a6f6d107a31bb549fc9eaf64a53e239d07b6de93382226b09b2b4b75ea7789d234d96580b3f4ca19a97eca96ce5f00a831ad8ff88a7bed9637b964a1e2c2ca38cc3247dc332e4fce1584d95f9f1a0b595ecb741190696ec201da1d67125d861b7220d90", @nested={0x243, 0x3b, 0x0, 0x1, [@generic="a4d02958410ded75aa36609128ea92f9f2e171fbb191653d625c4a3741ade33a67f2db1b24e9c976653cce7b685cb08f4aa371d3d5da556d6b4b5b84a52e86856f5a0e9914729868ba4e701122cb0fb0ddac80ede27ee6abd3dc465dfa2d8081a3dbdfd43c582282a0702aece98f9faa0a4f0719096ed00a545bdc8d08eb4545103303a68e248ecbddb4587ae89b5e3158b04c996abdad5b0af8647b6af97c49b6935ed0a5", @generic="c5a94b5963bd55d1d2e35ee2e460f935a20619167ece925ea009e64ea10c8a33d31d04975a248e2e83a139e40e5362b8175e06b3ece79cae58d1b789ae02f0c46b090be4ea49ac851205b1fd68d63fa02829d595d542ebace1923a69c44ad5c63674746cf7afb19b36633185f1ffff3c38a1f8727bfa5a139aeb85ac9945cdaf07a65c1a6565c2bbc30fde13f7c650fda549a42b53fde8fc30cfe2d2d3e149d6f6e18614c128e29d61c64e7d149f7dc6b4af0638228ccf2f07381a50a52ac557ce3e031ded73bdb143e8e142a80d3e7d20389a577fd411711623ec9bb0feb253efac1e85e3a1b0dd935d0dba11b9c386d918dfec17d2cf641c84a804ee", @generic="fae0a1a780517ed6918a5cd33b100f58daf7299307e3d7d4a6e2d6035d9256e3305ee2264a3f3a75f9d33ec61f1cca33005c7ef3297c9ddbe5a8", @generic="b461da796fe180db45472339c73ec803e0be456434f3022f3d2ce6558e739b30eaf9abaadadd8cf37cba88cf2e29937403967760ce601ed9dca0bc1e503c310d99bdd99fb4374390a727fd9f5e0f036fcb2aca", @typed={0x8, 0x10, 0x0, 0x0, @fd=r7}, @typed={0x6, 0x6, 0x0, 0x0, @str='$\x00'}]}, @generic="c1107934cbe10a6827b3187644cad1ad24a31e04052b7184a3b9efb402b32f635b1588f6c276066c1e9f4b30c4b469261f38a2f7222ca9217ed44a2a02b82783ac119d728b82d48fed16403d9cd400d221b1705f982b5e92afc904e41322a68de224adfbe0712e9dab3e0debea118f854ba9fd79cceaade8a7e759d7668e87adf68c31411842010f6cd2ddeb4c79588efdb79797e45862dd83efaf8d56c0840efecab37057fc291f9bb1c3f15b5b86db5b92b67dca9fff376a946565bb42670b235d58354a847051d438a668242a2d567fcf57e8be05608f96d39d44de3cc0dc187e02ad30f66c9e8466f358bfbc8925b7dcedbba1bdd2eca9aefdfe168f215c03ea9e0f0f8e8b3f4dc8f586bc297cc721ad9626cd11afba6fce1032dca98c8d71348231fbcc7c6e29ed5e1b08009c2c942af85ac9a4c0dc62ff255ff2ed960788e5861f0cc1aa70d52dda824c8f87568be52bed17b6482c5e2b195d2b1091b1150a93b307a669dbb2e8635c63e73418a4051049acde24818c575d92cf8cc16d18a9b7b88b86ae33c2c0c645ee395decca7b353630fd5c3b0a4c74846b9df82e2088136ad3f467bbb77b1943943a9859b5e0a0b7cee9520d50f994e93b9b95fbd52ed07c9ce76a3238c613588e37e043f0cb0bdd88ffe64aca441927446972508f470e1feb9ec3a5f4cac69f731b68a731a6f19ddd1aef18485e44804c3c7712f5e6058030a5544a4d770f1cd7f32fdd7b5426cf1da94c64df0200381763507a6780bc9995983c794ccfc2024633ae05dd21fca25ef928ba8cedd7d8b881d7e5dfe6076c58f017fa65f31e04cfb3ba1d74120416ab0fd6d26dea6f09a4011548670419f7cf221e6fdf76a15d28fdbeb655330e98df782a0d95a29d6610934b902d2cfcd3bfb24b4320d788214738b3e1a5baa0d9e435a82c070ceac8fd16bd0afd67edc0b9058d49514a8a11596b6f1ae091e7ab9631871784bc5f2c663bc77a7d62dc8129fc87fe4b5de57ffbcb20e1a4d3a89d674ad01219919d7ae715e5d7d0220d2420890f521da83065a19df8700727dff2774e7c4794a4581d60f72a6671e5174999073a8bca0c509fdbd218d3a4ab63d0202fdcbedfb2dcca5f3fff523ad38971548efa219c856b246344bad04abe687b9ff628d24ce914a13f070fc783e0ce2c99cb98ad207f46979542a68fc1cda1a9292bdcc0a863f23593f00fbe08132214a4364e249b62712c3221c936f5fe2ae6087edd8e3eefa97d07b58a2febd7650a655ce654fbf3bda567acbfdfbb2687c6777f8fad4345377b0fde403bc72bdaac9a8fa57e5ae28e3757856d48ef295505760131eb756ba8b621ea1d85247345ef52000d3a00e819c3139a536c808eab88604e7e1356a8f0b50bbd39398a5c8b3324157e92d2e0d78cb44502b05205593d217dc5199f922c9b0299cc18f91a91b2e7df0a33c2ade7ed57f850e046129de533ec148b855ef68b3b71ceed02752800b88a611585f20b6a023f83f01e46b112703ad9c566b6adaf8dd694491858de531a629c1c9d138988bda7af416d747dab4789e3e10c64ff92d40d549c76c74ed24e7e752937b77fc929c3cd8a122ee340bdf19b2d269b9b8890839c30b6b298c07f45f8295e00f2f0b1b6ba6850e87ac4038d167241d3cc76263e929fc5c392dfb68f7af5a1614a062ec9fcb44dcb4186bb71611268caeb33396dcdd44d082025289471106217c9d0b3dfa172b9330c24677c0ea2dc9d4f29565f2b81987c616b3aab919eebdeca38eebe9edef42a356f68cc42869ebda9d5a2714fff183fc61342aec716642aa3860772b3adaae0c628e46ef78ef021da4d281f72ce422294c6e2baea5fe96bddf2575c5273c0aa138f4a889c7ba7236df280e81654122b6ad29b808df66d961b4e4c85469c70f74b56a296aa30c0f531e980e80d212785bd17b38114aded5c04db64ece0f948d9986e012b3d54dc1481de092816085e9ca037ceb71238b291bfffcc4a54e7ef1e2d37b7a817441272a231f8c17d3d481f14138f9c3b36f2876a62b8cdce546c676dbc0a934f22599397def73d8805c870dfe6bc0a95fc75d9f61e5502a3c3d378ef28a30522af000c95d0853e0e8c491f3d71814ed109969942b6d6163fe7a72042d9ebca58d4e42259d9172ef9650aced7d0fe0e4a9c682cf5015a0fba3e286d453c14739a3c820ce0c47124f8d821efd01828f1a8f77709e4eee87b8bf35ceeabf41460ce4008da20e9af9095dccf4bde37a4c81a6f5b7fb021378298695a6b698b4f61992d889a311ee7199e3fb602aa3235acca6cdea8e388e1d1c85434c46bf003c70d9a0ce4e8404c33dae26e70da50f96341c247e77f841e8c18344e10ae1072a77c78ee60414cd560936c3fcd72489953c5b4589cfb5fd9a702ebb2c6cb5c9c727d489bf2193f6f0c69441cbb3abb3b80bd87d9d85cc0a1c5c89b33abb09dd75837bb97106186a1f2335a766b396f6d9b2f80b0f3fd468640a65f74c3e341ff97c112dc621068f569b504aa3afff96865bff9362e2988a314e247304b5493416020b36754602e6e28e4074748926ed18684fc544bdc93a41296b10b2d14379536948594c6333b4d13fc246fbe59e6a0a6ffb91fd3120ea74d6f890704bb4704e74eb82c045452938682b0a9207eab3a1677fd572c2038909bc648207c2a8ea12d3bba8eb8f50ca8549f0a77c88a4dabee27f606e9d6409c9fa69a8d82ff24d896dee8e6b4d9ff6c35e02b60b9e24a90ff9ee90e09ae8dd21cfd04638a2415de438486aa89857b47e6c82a706fdd7edeb11f6ba59fce7e2c4f05b21eb42a3ce778d4999b5bb766e8b7cd2637d3e37f54ea90ea4d560f2ed0f6d92279a4a2f01785e041f35225f507037def7f89d772dd3bceb39a47c4c836c3bd226c18f60a8cb887188dcd0c20c52b19abb71032119dd65c958d5d72b53012ebb88037713673f3358509e91c62d2b29fe0d0489f958666402b1fd67c09518cfaa444b29744b0f87be3db79ac2a3ca0b27958ded4ba554f83b7e52205ae624dc5ab1eee5c931fd453fa0a37f0915d8873e738f09553804a24b2c473a6dd873347fbf922bd9fad792f30d026d285d1327b75e66bb9a4edf2053a6896d61082049e3a96c94432ab2a2c2784402796a7705bb3070dbd59c1a9b0622e8e12674c0f3afceedb60e146eb4c2b508de01ab106327422f804239f283b1c811adfd6f201eb1c36e6e45527d1627e4a8ea3e58f646218f0ecec3c43dc3a38ddeeb1fe9d0aef2fb54ae573e45b8369a6b38634d59f08dadda6d3318b493f61f1ea8eade68dc64d5668ad0a69d492f3a6efe314a7636c6223b9a6dfd2a274e678062fa3a2781214a4b3899f2d47791c8d2f3f72730791a5de43ab00a970f2b11205014f3e1fe8e3c5ad72151a7602ea0b465074d747550df4b15c2d1aa3d1a746e6cb94a4f33a7e154c282a8a15cfb979f7aef4f18458b7b952085d45ac324e03e3357ad340bc8379a2b3bd8b3bab323fbce9699705b4475b15757f4823288453a479b8326db97c30329c5f87fd633e1b239ababbec1ab1c579290bcf6de1521526cd7cba57a1c0f6221dddba7e1122d05a1a4c0cd32c4cd518317555c5bb7187f81c75018c69c6a31401cb80c862e5c2636af9e566345f9f92c8c32404c628097432b284db52268e07e3bbaa5fe2dbbca9507665b4b4fd203ae702f4f9bedf4ab61db40a8086e606c5aabe65b2e468389efc37a72067919e7b2567dafbfb136352f775353129febdd44e38b831897f7f1e26c77b57caa0f4f7be0fec770c90487dfb8186c3ffd54465e7d0214f29da9062499d4743d40ac7b4e2af91ca40ee90f6010081ec299c6a5197b856c0900ec8af0d721b86b915614e5d080c0ff39155456b4cb65db0d236b8a994539c1e32bb4436d741a554f16dc5861da9abb027b2c20122ee02e713d48219d784ff9db278e8ac9eaf35cd882cb0c60ad0c0b979b8a66b9d50ab0ec3151a4adc9f82ed3fb2af8fc3e65d3f71d4606ec374302b9173d4cab6081f63233bff730faf703016b6e98fe4b9b750741f932b82e4e67c64f59c80427850d1eae4058f0fd35778086eed9bac196d9976d2f302ed9b9febc256ea9d994196501ddc84ef0ac25e65a2c7ea87cd153d0b06a59106d981f7927b690dcc0c5541a42109a10128e47e6bb2802c92a2e5f325238feb45ba739636a2e1c005ec165a5878be50530ff60ae6ce1ecf687407129107e0165140284972a213caff4c9103697ec2d463787e0ffafed7a5b942930c6aa48393e6c3382543641987d9daca7b24693e96f010327964291f61b6f2a746baa166dce05e83b64ea195ae6280df6bb8472adf6d51467bf3f836a10f03a205f369d98a999300c80641e42c68c1319fd970a370bff5c0d86f46b40d8f85a323d1289d640b437c90c3463d8466493c5a7746963c70e501f5084cbe10e88d15a49da603157be5d58ec800018b639d3983333c8bd4be82b6fe84ad25c1e4820076f5efafa548140f88876f16f99d0ba967649a0e884db13964d34e24ba8431c00a3fc55bf1a3f622a35eb5689de19c236bda2be939aaaa6c57fe6f40ddf7ac0c7eecf6f4e4b72e0af21d4a2016459ea530104fdc2e4e0a71b2c8f1c039917ba35ca45e7681e350ef8ba0427cd327400593e1ae0a6b6307136100d4c66225211e9f86eb1e204582da7268f41f206138ded0e324f3fd94361f14c51650a3207d0698801a9587e77a61390d483da2edc66053d82a21821fed2f1efac1861a03a96785914736298d69a170002209b6307e888a36a5abb63c8f421a423c2eea23157f09e2a3f65c4741a6ba6fc1f32aae39382367b2c14ef11a67c2ce7baf914e49fa78f4079dfa9832b3e18ff782f077eca2639931ef23b4f7853f9f3e59a6dd56c2f9dc842e390b3198b5c8c9eba5fcfc8291f423cbeb00774d9aabcda3044afa0abce2ac1feb27454a5819555ade7739435c9bc87be3ee798d7094e434a8e35bdcb137b6e1e308cf02042d32ff8d46e7bc487eadff77a9c8ce5a3d206f0e760c332bb6719a4f25d69e4903e194cc4f3b7c7718443c72303c8cc14086c48895694a70d7c33a443ebd7f92b6d9e150efb280701742eef900668a5b37e5edf7e481d2caf85cbd07465713738213495ff5ce258cefd0dd263abfe3069a1f83c0a8d7c5432c9d818c15bf4690bbd8ea906a028137500d8264ae8dbc99b3a662032d513f2c8d403d5be2f2e36d04b2a717537fe9d4e898785def580b2328440512761a10738b3696fa6631884885dcc2bfef1ab1394072c09e1f0c27a00287d9d43212a11f38f83846d0d506169aad5807a1837e3df96e81dd6edd44ce063f163e6077af384c4b6ec3f7fd0215dfaaded2b38dc3404b453e2e944234d55252ec84be07f1fc0dd99ea36ecc6b2d10a6be50ab99780d57a0aa44fa922e9cb944bf8c795cba686e0c29f4a13a2eaa0c619d0a263a9a5bc0b4f1884fb06f4884771373cb930f24ce8dc4d249eff12a9eb4b81537ea15b47902c7210f5ab9134749766e81146dab770df122a915324cfbb940e5f886a7a867209a16c235d40ba70c7b0b0e709b0152e6956adf10c7cae1f04850ca8ea41756aec35c491210dd2f8acdaac1ba057b1b1ec206c691c90b4531fa3590ffa5461937edd289a94ccb84b4c6e6d56e2394dd37cf08e0c5c79662f6b1880d6b3608d2fa472a613798d4914a3fa6509cfc72459668191022bfd3c689308e2b02db496a3b6e22ba7d3da2533850bc2976869fc479"]}, 0x14a8}], 0x7, &(0x7f0000001140)=[@rights={{0x18, 0x1, 0x1, [r0, r0]}}, @rights={{0x14, 0x1, 0x1, [r8]}}], 0x30, 0x10}, 0x20008010) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) [ 1000.212462] FAULT_INJECTION: forcing a failure. [ 1000.212462] name failslab, interval 1, probability 0, space 0, times 0 [ 1000.214735] CPU: 0 PID: 6779 Comm: syz-executor.7 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1000.216361] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1000.218605] Call Trace: [ 1000.219108] 18:22:57 executing program 6: ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000040)) syz_open_dev$usbmon(&(0x7f0000000000), 0x40000020000007, 0xc00) syz_open_dev$usbmon(&(0x7f00000000c0), 0xff, 0x800) r0 = open(&(0x7f0000000080)='.\x00', 0x80, 0x1c0) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) [ 1000.219543] dump_stack_lvl+0x8b/0xb3 [ 1000.220425] should_fail.cold+0x5/0xa [ 1000.221188] should_failslab+0x5/0x10 [ 1000.221940] __kmalloc_node_track_caller+0x7e/0x440 [ 1000.222956] ? netlink_sendmsg+0x98d/0xe00 [ 1000.223818] __alloc_skb+0xe3/0x340 [ 1000.224557] netlink_sendmsg+0x98d/0xe00 [ 1000.225390] ? netlink_unicast+0x800/0x800 [ 1000.226268] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1000.227391] ? netlink_unicast+0x800/0x800 [ 1000.228254] sock_sendmsg+0x150/0x190 [ 1000.229032] ____sys_sendmsg+0x703/0x870 [ 1000.229854] ? kernel_sendmsg+0x50/0x50 [ 1000.230646] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1000.231569] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1000.232676] ? lock_release+0x3b2/0x750 [ 1000.233622] ___sys_sendmsg+0xf3/0x170 [ 1000.234554] ? sendmsg_copy_msghdr+0x160/0x160 [ 1000.235603] ? lock_release+0x3b2/0x750 [ 1000.236520] ? lock_downgrade+0x6d0/0x6d0 [ 1000.237497] ? lock_release+0x3b2/0x750 [ 1000.238451] ? ksys_write+0x20c/0x250 [ 1000.239346] ? lock_downgrade+0x6d0/0x6d0 [ 1000.240327] ? __fget_files+0x287/0x470 18:22:57 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) [ 1000.241283] ? __fget_light+0xea/0x270 [ 1000.242300] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1000.243597] __sys_sendmsg+0xe5/0x1b0 [ 1000.244506] ? __sys_sendmsg_sock+0x30/0x30 [ 1000.245526] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1000.246851] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1000.248056] do_syscall_64+0x3b/0x90 [ 1000.248941] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1000.250127] RIP: 0033:0x7f8aa55cdb19 [ 1000.251005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1000.255251] RSP: 002b:00007f8aa2b43188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1000.257006] RAX: ffffffffffffffda RBX: 00007f8aa56e0f60 RCX: 00007f8aa55cdb19 [ 1000.258672] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1000.260329] RBP: 00007f8aa2b431d0 R08: 0000000000000000 R09: 0000000000000000 [ 1000.261984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1000.263677] R13: 00007ffc9a8091cf R14: 00007f8aa2b43300 R15: 0000000000022000 [ 1000.265361] 18:22:58 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r1 = syz_open_dev$usbmon(&(0x7f0000000000), 0x6, 0x214000) r2 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$FICLONERANGE(r2, 0x4020940d, &(0x7f0000000040)={{}, 0xb657, 0xc30d, 0x101}) ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) 18:22:58 executing program 6: syz_open_dev$usbmon(&(0x7f0000001e00), 0x8001, 0xc00) r0 = fsmount(0xffffffffffffffff, 0x1, 0x0) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000000)={0x0, 0x0, 0x26}) [ 1000.318838] loop4: detected capacity change from 0 to 264192 18:22:58 executing program 2: r0 = syz_open_dev$usbmon(0x0, 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}, {&(0x7f0000000140)=""/216, 0xd8}, {&(0x7f0000000240)=""/13, 0xd}], 0x4, 0x0, 0x7f) 18:22:58 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:22:58 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000040)={0x0, 0x0, 0xfffffffffffffdbb}) [ 1000.402503] loop5: detected capacity change from 0 to 264192 18:22:58 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) [ 1000.459795] loop4: detected capacity change from 0 to 264192 18:22:58 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 6) 18:22:58 executing program 2: r0 = syz_open_dev$usbmon(0x0, 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}, {&(0x7f0000000140)=""/216, 0xd8}, {&(0x7f0000000240)=""/13, 0xd}], 0x4, 0x0, 0x7f) 18:22:58 executing program 6: lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x20000, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=virtio,version=9p2000.L,access=any,dfltuid=', @ANYRESHEX=r0, @ANYBLOB="2c616669643d30783030308db6495e4370c5303030303030303030303030322c6d6d61702c6673636f6e740c97598bae9281ec2c00750c9a127c6428fab85fce5b89c3c541bb6978d03b397b52a1c36c4f5ac4ed55f2ce38995d591b8643c56d4a23eb54c101884bdb95a9"]) r1 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) creat(&(0x7f0000000240)='./file0\x00', 0x0) ioctl$MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) [ 1000.539564] FAULT_INJECTION: forcing a failure. [ 1000.539564] name failslab, interval 1, probability 0, space 0, times 0 [ 1000.541247] CPU: 1 PID: 6810 Comm: syz-executor.7 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1000.542098] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1000.543292] Call Trace: [ 1000.543565] [ 1000.543806] dump_stack_lvl+0x8b/0xb3 [ 1000.544208] should_fail.cold+0x5/0xa [ 1000.544608] ? create_object.isra.0+0x3a/0xa20 [ 1000.545091] should_failslab+0x5/0x10 [ 1000.545496] kmem_cache_alloc+0x5b/0x480 [ 1000.545939] create_object.isra.0+0x3a/0xa20 [ 1000.546414] ? kasan_unpoison+0x23/0x50 [ 1000.546830] __kmalloc_node_track_caller+0x269/0x440 [ 1000.547357] ? netlink_sendmsg+0x98d/0xe00 [ 1000.547812] __alloc_skb+0xe3/0x340 [ 1000.548206] netlink_sendmsg+0x98d/0xe00 [ 1000.548635] ? netlink_unicast+0x800/0x800 [ 1000.549082] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1000.549667] ? netlink_unicast+0x800/0x800 [ 1000.550113] sock_sendmsg+0x150/0x190 [ 1000.550524] ____sys_sendmsg+0x703/0x870 [ 1000.550965] ? kernel_sendmsg+0x50/0x50 [ 1000.551379] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1000.551861] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1000.552426] ? lock_release+0x3b2/0x750 [ 1000.552857] ___sys_sendmsg+0xf3/0x170 [ 1000.553263] ? sendmsg_copy_msghdr+0x160/0x160 [ 1000.553739] ? lock_release+0x3b2/0x750 [ 1000.554154] ? lock_downgrade+0x6d0/0x6d0 [ 1000.554601] ? lock_release+0x3b2/0x750 [ 1000.555028] ? ksys_write+0x20c/0x250 [ 1000.555428] ? lock_downgrade+0x6d0/0x6d0 [ 1000.555877] ? __fget_files+0x287/0x470 [ 1000.556307] ? __fget_light+0xea/0x270 [ 1000.556719] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1000.557303] __sys_sendmsg+0xe5/0x1b0 [ 1000.557703] ? __sys_sendmsg_sock+0x30/0x30 [ 1000.558167] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1000.558772] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1000.559321] do_syscall_64+0x3b/0x90 [ 1000.559715] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1000.560260] RIP: 0033:0x7f8aa55cdb19 [ 1000.560649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1000.562566] RSP: 002b:00007f8aa2b43188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1000.563344] RAX: ffffffffffffffda RBX: 00007f8aa56e0f60 RCX: 00007f8aa55cdb19 [ 1000.564081] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1000.564833] RBP: 00007f8aa2b431d0 R08: 0000000000000000 R09: 0000000000000000 [ 1000.565569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1000.566329] R13: 00007ffc9a8091cf R14: 00007f8aa2b43300 R15: 0000000000022000 [ 1000.567081] 18:22:58 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000000040), 0x2, 0xc03) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r2, &(0x7f0000000440)=""/57, 0x39) name_to_handle_at(r2, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) ioctl$MON_IOCQ_URB_LEN(r1, 0x9201) 18:22:58 executing program 1: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semctl$SETVAL(r0, 0x4, 0x10, &(0x7f0000000000)=0x3) r2 = semget$private(0x0, 0x4, 0x0) semctl$GETPID(r2, 0x2, 0xb, 0xffffffffffffffff) 18:22:58 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}, {&(0x7f0000000140)=""/216, 0xd8}, {&(0x7f0000000240)=""/13, 0xd}], 0x4, 0x0, 0x7f) 18:22:58 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semctl$GETZCNT(r0, 0x2, 0xf, &(0x7f0000000000)=""/77) 18:22:58 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 7) 18:22:58 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x14d440) mmap$usbmon(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x200000c, 0x13, r0, 0x4) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r1 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0) r2 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$BTRFS_IOC_BALANCE_V2(r2, 0xc4009420, &(0x7f0000000140)={0x8, 0x4, {0x4, @usage=0x4, 0x0, 0x8, 0xfff, 0x3, 0x0, 0x7, 0x3, @usage=0x6, 0xfffffffc, 0x3, [0x1ff, 0x3, 0x5, 0x3, 0xffffffff, 0x6]}, {0xffffffffffffffff, @struct={0x9, 0x401}, 0x0, 0x8, 0x100000001, 0x3, 0x19e6f62d, 0x1, 0x415, @struct={0x4, 0x6}, 0x6, 0x2, [0x8, 0x1, 0x7fff, 0x6e54, 0x2, 0x400]}, {0x200, @struct={0x45, 0x47}, 0x0, 0xa37, 0x7ff, 0x8, 0x493, 0xc00000000000, 0x13c, @usage=0x8, 0x101, 0x8001, [0x3ec, 0x401, 0x7, 0x3ff, 0x4, 0x5]}, {0x5, 0xd4, 0x5}}) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f00000005c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) perf_event_open(&(0x7f0000000540)={0x1, 0x80, 0x2, 0x4, 0xac, 0x7f, 0x0, 0x1f, 0x4, 0x6, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7, @perf_bp={&(0x7f0000000080), 0x1}, 0x1200, 0xbd, 0x2, 0x2, 0x101, 0x10001, 0x2, 0x0, 0x1, 0x0, 0x4}, 0xffffffffffffffff, 0xd, r3, 0x6) ioctl$AUTOFS_IOC_PROTOVER(r1, 0x80049363, &(0x7f0000000040)) 18:22:58 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) [ 1001.135038] loop4: detected capacity change from 0 to 264192 [ 1001.135525] FAULT_INJECTION: forcing a failure. [ 1001.135525] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1001.137652] CPU: 1 PID: 6823 Comm: syz-executor.7 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1001.138513] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1001.139700] Call Trace: [ 1001.139964] [ 1001.140195] dump_stack_lvl+0x8b/0xb3 [ 1001.140602] should_fail.cold+0x5/0xa [ 1001.141012] _copy_from_iter+0x37d/0x14d0 [ 1001.141455] ? _copy_from_iter_nocache+0x14a0/0x14a0 [ 1001.141976] ? rcu_read_lock_sched_held+0x3a/0x70 [ 1001.142496] ? memset+0x20/0x40 [ 1001.142846] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1001.143423] ? __virt_addr_valid+0xe9/0x350 [ 1001.143890] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1001.144411] ? is_vmalloc_addr+0x7b/0xb0 [ 1001.144835] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1001.145414] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1001.145940] ? __check_object_size+0x1b5/0x890 [ 1001.146434] netlink_sendmsg+0x86b/0xe00 [ 1001.146870] ? netlink_unicast+0x800/0x800 [ 1001.147322] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1001.147903] ? netlink_unicast+0x800/0x800 [ 1001.148350] sock_sendmsg+0x150/0x190 [ 1001.148760] ____sys_sendmsg+0x703/0x870 [ 1001.149189] ? kernel_sendmsg+0x50/0x50 [ 1001.149606] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1001.150089] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1001.150644] ? lock_release+0x3b2/0x750 [ 1001.151066] ___sys_sendmsg+0xf3/0x170 [ 1001.151476] ? sendmsg_copy_msghdr+0x160/0x160 [ 1001.151973] ? lock_release+0x3b2/0x750 [ 1001.152392] ? lock_downgrade+0x6d0/0x6d0 [ 1001.152837] ? lock_release+0x3b2/0x750 [ 1001.153248] ? ksys_write+0x20c/0x250 [ 1001.153648] ? lock_downgrade+0x6d0/0x6d0 [ 1001.154093] ? __fget_files+0x287/0x470 [ 1001.154594] ? __fget_light+0xea/0x270 [ 1001.155007] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1001.155584] __sys_sendmsg+0xe5/0x1b0 [ 1001.155986] ? __sys_sendmsg_sock+0x30/0x30 [ 1001.156441] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1001.157034] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1001.157570] do_syscall_64+0x3b/0x90 [ 1001.157954] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1001.158516] RIP: 0033:0x7f8aa55cdb19 [ 1001.158903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1001.160792] RSP: 002b:00007f8aa2b43188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1001.161578] RAX: ffffffffffffffda RBX: 00007f8aa56e0f60 RCX: 00007f8aa55cdb19 [ 1001.162326] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1001.163063] RBP: 00007f8aa2b431d0 R08: 0000000000000000 R09: 0000000000000000 [ 1001.163795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1001.164527] R13: 00007ffc9a8091cf R14: 00007f8aa2b43300 R15: 0000000000022000 [ 1001.165285] 18:22:58 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) [ 1001.298223] loop4: detected capacity change from 0 to 264192 18:23:15 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, @in_args={0x4}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000080)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) r3 = fsmount(r1, 0x1, 0x85) ioctl$EVIOCGEFFECTS(r3, 0x80044584, &(0x7f0000000000)=""/120) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) name_to_handle_at(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) r4 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r5, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) r6 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r6, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) r7 = signalfd(r1, &(0x7f0000000400)={[0x8]}, 0x8) r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000500), 0x121880, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r2, 0xc018937c, &(0x7f0000001880)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'}) r10 = accept4(r1, &(0x7f0000001900)=@in6={0xa, 0x0, 0x0, @empty}, &(0x7f0000001980)=0x80, 0x80800) r11 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r11, &(0x7f0000000440)=""/57, 0x39) io_submit(0x0, 0x9, &(0x7f0000001a40)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x9, 0xffffffffffffffff, &(0x7f0000000180)="26ebee993fc7ff9a95c4a0db74826f70980d87db79d3c300fb0ad0f829a867bbb98154b021a464b02e11120ddc32739ac685500bd76957852c3ee5a23aef12fa97ee52362ea7af09dc385fa6a40a4a11ebca55", 0x53, 0x8}, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x7, 0xb7c, r4, &(0x7f0000000240)="0c38a0aebaa4a731a1a89e8731a51d8bb765cdcd205c0c159440115a953e35e273d808d6d69a22adf5c29865e2c15545f64d2d0cc9fe6dc0abc4cc6324df2f293e9f2cdc4fa8273cf072a75cce5070bec04d4257db62b6964d8cffd8088f00e25b928a0556b212d992c4c05e5fe5f4a6a31375a2d2984b6b5fda092fdb86a20cb67c29d6d78b18db0275856cbd377ac55f95101235660dfd63b77d493b5e7fcd107196221fbc467e5ba5bd2c8aecb83f6426c841707a", 0xb6, 0x4, 0x0, 0x0, r5}, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x2, 0x9, r6, &(0x7f0000000340)="a956dff7fe87ae7027891ee93ecbc18b24294743f3588097e8a56415b28429a6cae6a36266b41b3697412c327d4e332592f86296fa8778a8f048021670ea3c66b222f1d5b2d32248328834838418f7de9df7a9e45ec43623c09313905321607faf49910624180eb46f81d32e6cfb80205eaaa666afb00e099e08b0ea2f2129db4224222b33c6e374f64f3596193117e7bfb7255ae57a7d40aae91347e950a558c107192cc789d3e2da755f3a53b7559ada", 0xb1, 0x20, 0x0, 0x2, r7}, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x8, 0x9, r1, &(0x7f0000000480)="ff7449e948f1104c0da35ebb09359a10fc456db4c5d52d1e7cec0089387944080c1f4c4462255e6669bd7867ccc0f520d4b7f6b4ae6240d335a62e3d150b6d6b74d2162333bb70b766a616a00dd678555bb63596214b8634a26b9eebe239c11c31baf970bf3fe1e61a2e1baa96ecb7c266", 0x71, 0x3ff, 0x0, 0x3, r8}, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x1, 0xfff8, r1, &(0x7f0000000580)="91cb24d4be621e2c28aac5025c33e1502b965ec6f3e577332fb9c1e374328aa06192ebcfbe121095ec83cfca6db9e4a878f22af06231597415347ceb37ac8e5ccf9f6d11af5dff70b08e3116383478ebe9092a7d0ce7d500a1c1af43bc86658637b6f83273d96a3bf0af20ce6898413c465fac8c34d077db0d7e7fd18d6c9844eb17e5da2b7f5bb778b601d7b0f2bbb0c91ca243984411231162147b9c8fa747f27617fcc43ba7a54fc786781394c542b9553c71805082006c31f48c305dffeb302eebc447950ea15eba99aa13d2ae0cb6c3b3b9b7b4281972207178036977c3b21504c935c854d4ab466c03ce247196fdf94a", 0xf3, 0x9, 0x0, 0x3}, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0xe, 0x101, r1, &(0x7f00000006c0)="8d6cf01cbdb6fc9b34ddd40bc29592a81453cba5557ca048fa5f5f2dfbc3f2e8d184f96f1425cb9508af56e21d8b33d35acfd5ceeeef2d684a832696fcc5c18a6e4ecd4d2403681027a7015c92cf9d79572c8f77722de78ab344bbe6295fe883a114c43f872fa6061ea3210f3473b69b30234e0a43856dfbab058be89c4ba6ad7f4d96d438ec13038d5ca53110b142428db5b5885da24db0941aeb97c6bc6497faabba686ac5971269fbebe608543af4d9be262229fa2f96532ce8bbcf1dda5323da418b230a094267b78a02c6dd", 0xce, 0x200, 0x0, 0x2, r3}, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x6, 0x2, r0, &(0x7f0000000800), 0x0, 0x4, 0x0, 0x2, r2}, &(0x7f00000018c0)={0x0, 0x0, 0x0, 0x7, 0x6349, r2, &(0x7f0000000880)="90e7189c3dcf919865e23732492291994eb54d011ea8ee4bbfb6b1375d58ac5a2c60dee3108737db9461e6040bc2c769ba5de9ec88626475ebf14a42f8fe55945172c4b037bed81d56d799fb1d7de0183d0a240be4471c3f678cf16fd4029ee0f2260110289c33d1f6f4e66e5610efcfc2852d646a20cd81218683dcb1d44972252a1520e27b99ea1aeea797d171dd38720238463b5c4311f0bc8f03c293f14fe716e93072d290ba7b4c4f458032715a5cd4f1465df78a35af542b65ff0d7b5c92dff8c3e16454779e476ae4ff510927f927429efea85381f75844496c3e7a4a437d824b97552d26ba847198ac29a3f5fa7c8cc7f6419e181cadf6bcd0ba66bb029b0a2d74733eacd5bee70697a3723170ec42e1adc53e8ebe81a82d13c7da50e0f1e4563b717abee3a46b0e062ce6194a491e95dfacbc14b0a0247b97b3d61b355fb3658cd05dc3d419ec0e35e1d0d98ec087e97bcdc7877338f5252ff0d7afee0bf913384d929f65fe88b7315e70ecae404b057839c4dbd35287b60bd0681c5f3af85b4cf4d4123d08b0e2c434755e3665b245c7e89a3c0b2a231a4e6ca100877c46beb43608499dd958dba970133ee6bb4ed6437660ec60ac5d0088c3bf2610e53193940e8ca420471ae8ca96072716fb49bd5bf4cd5062854fbf1ff42ac74e1c503cce94fb7f69b3286123bf61558ccea18d55dabde5b0bd4b4ecd95052664406d525e9ec09544967dd64c6805b0a5251fb3e842feb468ae06745c05e5e64bf577c9c2b6b92d5c443bd2a394d58f7e57def3175e5cd9bee4529b684ffea2987408a07bad34b55af7832b8421565539b8013ed9a2bba0a36c3a799d4c9e61c0a75cc5b90d652c69ab6b3e47c08a25653b0d18bb269952561635e610deb89d4d8c235c8db015593cb9579279d2392279482680beb069bf03884ba8e119c9c6d0fb15ea039f06f013a52540972e85df0bab882b06d1756fd58e482cde48510665e7cc7772764856e1471bb311779382ac3e499bb36190ae2ba323ccbc13092d522b1b2b39f4dee73e091c2130fc2c9cca86638b9912a5eb3bf9b6eaf5140f486c75ff1460e5943832ff02cb803fef62fa5586cb4ae9d370e970fc7ce3c8c497909ee901183db99dfbd39306c5652dde0d8d9475711537b185a08da8101edf190d01a376494585175d2f7dfec50b44f91e243cfee21ac6516251b353e5ebdc59f144e575b2184f905e8a72d21d107e0f4d0288098af79b24ad12d87f0621116b174991488935e47cf6c1253c12f6f702e76b21030949c4c5f96134ee4650ee6e812daeb3511c743ed9ef96818ab2f3588657e591b7ca27792909ca54316fde73ea05bec0789970db6e5e46798b4e35ff47b1ed44b136511ba868fd26847993f2bca49a95908873ceb6db86e801317240920471e314d330ea1161246b8ed2fcb419104517c2a15b43c594d55f5a0953f504ba4c428bc0d2f5e58f008b8f406500472ce81bd9d68ef4b70358c613ebf0da93da5b44f5e58d1c224b92b2faf02c7bfb5eca62096d95a164ad02b16872736be8af8ef850072b35d4a87d4b93cb32a9398c779b9da2af0be7e02700bbeb9c827e10f8ceb7b1ccb73e65ffcfd802f6c904c4cc4ac04424f769e9e47c14dcb18fc3f63da9a7e60fa261495c8d8b11998f77ef0b9db03efe1fbd7d8cb90f9ca52827836b88550cbc17aa136934cd2813b4ffe31d9e9e1df6902594471215bc9443aff71d7ae712ebc7f2a344565744ec828b6a0d7af4c6908ed400fb77f9bd9b0d3be2255945f948775602846702cbf8423ba7ee74831bc4448f37a2bb9913b1085fa13b4be8371131d10dc1b3a8ab10b8ddd031beb9d317b43c0043120222c2113e90c79c7c6a84b998dbd014da1c184206af069539d4cdcc263f6dc2af278cf6025eea6374af59d09b1b97f8c577bbdfe1e7c3efdee5405d35d674fe8a832d2dffc057c1847112987be45c0bc980832d206712100b714ec88bd26cc43405e1045798393e60f8f5aa98f792f59af3f5bf91666c86ee2cfd6cd2de482299cf0ab8b4b4eeeeb8778f617071d072a5ecf5976c0cf91ea0a49c1ba11de586444b3760b787eda7963941a4a3fd144e342628ac8d4140a6afcb8ee28818df574d4e47d3eead6d17c3b98c89f009ee41c7e72c1d3be9957675b9372166ec830e19f5237e9a2038a63eaa94ed4d5a8cd42a78879c0d1d61b4e459137f8f18874d02ddaa5769ca15e2f50beec01c3a26c78c96147eb6d9255825f0383a951ec3d1464c5cab4777921b686abedf2d4aaafb94acdba6074776ac05d0f21e65717bf202186cbf9a2d2a4eb0b1da25ec3661033ef0837559e8db31971265ca9cd3ab6ff7b95b16077cac07f6998e71141d8466b46080dd6322fb42abf59a5a579ba8fa670d5fdd6e205fbd8e1962d1155029dceecb7943442c508b906782774198718c5d416f73a864dab1cf6d5cdb81a0ecbd893b153c2483d2adebbb31ab8d887a282ae6b6eba3caeae88dbe6eef2be5a56a68e7debec3fa4b1e55c2d94a067dc3fedd6c0f53a1a771eb8232d0e235d02050372ca92262b7bfd7c3343bb982956da191bfbc36942a9749c6d0200523d46edf91ee5f36c177440aa98699c3c018b1208528a44f60db326b516e678e3d1986c59c3e8f985335ec15362dae4e16d006440e46b43b4743935ee41701c42c2724239e12d14a90ccece322c7651626304964250002c2052085589c1bccfda56ce8868c10fc62c50e11e6dcc465b5b081e0348e4157823b4d856ff105c63575ef946e7122ed41c4320f3ea2ce7797a8894eb4601bf879049cedd4fca3fffd5b9da43b0de06e90dbba75e6221d35e7aeed6520c26b406dd55dc232a6e165caa2207d141c20a547510f51d9148a2b41ce74073f3a739f9373b1e80396e4234abbd7ef68ebd2047c609ac511901f4e72001a57659c6f8d60a94f5f561104d9deb796e3a1c8b96c4977d5d1471455b3a81d032bbc2ed8c24ee42f8e08c4360f8accaf597807b146e039f651a7248990ce7bc0289fbabfbd2ab88cdb2abfcb1afca8a3a531bd96e2c258a9f778b8f79791dcb474260049693a14a6afe2ee108782514df7d5fb3a7fb89c2b78aa49d456611b683d2fd3e9bb43d957297a509aa393005b7c75e069e75ec9b2f98b40e4232ca6f0e19687dee2876fee80bfef7df464ce0a8c8da4e4905161dfce84e7616d9cd1070d9bf468f6760d88c16b7fb18e490532541a814348a38fd0a06d27403bbd654a1ae4227cfd1467b1cddff3775c4191f850f50bb4b7e4bfc33c796b185b64e32c644da95b46ace13a4b947eecfbcf13edd8e1a1b2acb1e47bfd4b1242b0676631bf0e887ea40f1462bd5e068344df8dc36e94a30d9785482f4ee3ca9e8016078fad36e51704e787aae2d3daf56cc59f9c1160cc64e21fe278639f5ffb859c91154436f179cc77ecf0f2be48d8fdba654b940615607f2ab158b1586888d4489a026d7cfda08ae093ce96ca19b163937ba12eda6d63810f79c66d60a7ffe8ba64069f8bbb94a42fa15d10dea342a85053cb137fa8582873545bd2a38755931a94176fb28ea6a69672e6386aa0b35e1308ba8d9aacf1cabc841e6e9e30e5663fcbe567e25cd8c584f115409272ee76b0acf9b98b070fbdc24677ef70ae6a0f04cae0acb011042dbb80ad98381c6b16b7028767712e18eb216656216eb2b4d4a9bd780e9a4ce21f810ea6aea32c770d5287e446db2e2dc6f61f653bd2e932c512539503a80742a10a363033e4c8ede83beef7f89909e99364814cbc72f228676de0f702add05ac58b6f42ce74a438da3d3375b70cef5dc3444cbe380713fb811abd9107c3ded7ae645a4060758e7812a1f7f37b742d4380c3d7e576bb54a980df54a441e9992b8d399b55f12d2bc2fb915d09385c229e56fdd999d5c8d53ad38504c7f114c911933c19033ec0b30fd7e4678bec6bec0d5e43c1eb91813ef7147a7c45e960836734a413ad99be38d378669a475a474c43368f36eba18076961a1da08e904069ea972cb1c737dfeda2cedd0f576d5194a2568e9b4e317f9a8a07e7bf10235cda258ef8a928c2a11f41fed9db12928fdd9586ae51ae14d5e46835739da1c968572c412ea7ec452f494673560aa48b0e5dbf2661ce72a99efc2452cb675344a1f44f96749fcce13b5fedf77a5ab8d8a3607c0baa076c8de0b754a0416ef2833f8b936cd7a6091d3f8b58da0fde2b25aad0765cf793a8232b130f8f1a31a52a608c322b086eb9b850b1c16e1f7c65040e4d7c4a70b2fff45028b05e8da6a23f29d6ee1543eecc571da1d2f439d098cd0774483c4595ca5ca649885872e7d508ea0b76edf21158b6ab33a28a8f1caa2057c30477ae6a810e41bd218ddc6d3ad316dcf173d8ec47c944c21ee66de8b40e3899925deb88846abf3481bc63f47e09fbf73b38c875d4b9d232f99e0fa24cabcf4ea4e1121717c6f2868680c9bf43f5ee67a31977c4924187c35a18e26d562dd07714ee88a6975df39a584b3d36b7559c128a7aa70e66abc60912db5553cfc473b9df71fccbc13a93ef3496b5f3685224857ffd1a50b510ba58c4a62725b5cdb16d528a8b3de2dc0671506a2ea4e1d42ded72809327c78cec18fc4a7d11293e344a1f97ac542a2cab78182e4f177e13d4681308b9b38173988902ed92025eaf2e869932610127d46b1923edb2cad85bacde23ad9685f640eb1f5b294f66624a352e8c3ac5d788140a54b381df345e93b982513e12035bae3903b8b3ebe5a696f5b433ef4d71c2109e7e96a4ea35dac8d7492ccf76efc6441ece0b6624eee1e9f608567ffab40755f7c946731a558cad2e378249f5c0b1d6ffc6ffed1b10198a42329e3250626512b71ddd78b971fd9796ba0f41a04fde764b9669365a95a308ea3e681916f540e5455110fa9b66772b9e9847d81b258e625ad5ed0e72c786f730b90b2e4fc9658bf5228e3743c8ee1d24ddaf8131788311264de5a775d22fef31ec13d34f06d16589106bc7b1d056cb3384e094367936658c9970938807ef22735174bd0f2640622bec29435c84869d3ac2f371d96b1f665fc3f432cbdef0822c223b1a413ea92154faae765af590c3d6685994a87f90d8c5ccc3d3fe44396de136ccc2f111f7acd6ea6246598d25cf6de4c976de19c9dfb27173cf748302e13d20867164414b6d8ea6267e4ef9f6ccf56cf64990536ab2899a54d690c475e37133af31b376cef2932154dc5a55e4306633a6771f972ca9d5d6034b616e8035302918fbc924b99daacd52cc2bd99e9f002577318feaae12173eef1f9de711477943795af033eb81e9e056b6cdb6bc755fd3d383f2e10aec4f503b70a59af5bf9539cc3727c9d677ab7f9822de2d27cc02bc67bbe1b5b1986f9becc01b8195c98413f5dd60f8b4ca55c1302587f05a14a8f34e8e0ec537fbbaf09250681152380b8d4c7fafbb4725d8b02e22d7acb31e6f9fa3ce4208cb953a51442c878334c40ef6ff06e9d2ab3c51defa12ea7c570ed5f43e867572858f36d9d8f448b83c535606172b7805ed34f9d55e269a4cdfafc060cd1cf75b82368ceacf76e4b0432cfb81a6bb21186775073c1c330bee572f65c271c1340f2408f54cd43fc201ecdae49923f3e8e1a7cb286b7aee803b36587f5cf88eea8f69d76bb63377ba0cc294a857a471e59740a6dc5eb2097429953f7efc8c6f1aa10aea47e9cd71c7e740fea8fe0623e658f4c1092dc8f5e2a2318c7aa57a6d860540210d14b5f2b88235110b6bd67db1", 0x1000, 0x6, 0x0, 0x2, r9}, &(0x7f0000001a00)={0x0, 0x0, 0x0, 0x1, 0x6, r10, &(0x7f00000019c0)="3838d6c1728219d99ecb5f49b24dadb6d4b07c5f1d3478cf5677154a78f096", 0x1f, 0x1, 0x0, 0x5, r11}]) 18:23:15 executing program 3: semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:23:15 executing program 1: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semctl$SETVAL(r0, 0x4, 0x10, &(0x7f0000000000)=0x3) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:23:15 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 8) 18:23:15 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:23:15 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}, {&(0x7f0000000140)=""/216, 0xd8}, {&(0x7f0000000240)=""/13, 0xd}], 0x4, 0x0, 0x7f) 18:23:15 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r1, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) ioctl$MON_IOCG_STATS(r1, 0x80089203, &(0x7f0000000000)) mmap$usbmon(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0xc, 0x8010, r0, 0x6) 18:23:15 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) [ 1017.599278] loop4: detected capacity change from 0 to 264192 [ 1017.617798] FAULT_INJECTION: forcing a failure. [ 1017.617798] name failslab, interval 1, probability 0, space 0, times 0 [ 1017.620135] CPU: 0 PID: 6851 Comm: syz-executor.7 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1017.621735] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1017.623932] Call Trace: [ 1017.624428] [ 1017.624863] dump_stack_lvl+0x8b/0xb3 [ 1017.625615] should_fail.cold+0x5/0xa [ 1017.626357] ? xfrm_policy_alloc+0x91/0x460 [ 1017.627133] loop5: detected capacity change from 0 to 264192 [ 1017.627232] should_failslab+0x5/0x10 [ 1017.629142] kmem_cache_alloc_trace+0x55/0x3c0 [ 1017.630048] xfrm_policy_alloc+0x91/0x460 [ 1017.630891] xfrm_policy_construct+0x28/0x520 [ 1017.631793] xfrm_add_policy+0x391/0x7a0 [ 1017.632604] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1017.633720] ? xfrm_policy_construct+0x520/0x520 [ 1017.634689] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1017.635792] ? security_capable+0x95/0xc0 [ 1017.636631] ? __nla_parse+0x3e/0x50 [ 1017.637402] ? xfrm_policy_construct+0x520/0x520 [ 1017.638387] xfrm_user_rcv_msg+0x412/0x830 [ 1017.639245] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1017.640237] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1017.641348] ? rcu_read_lock_sched_held+0x3a/0x70 [ 1017.642315] ? trace_contention_end+0xd8/0x130 [ 1017.643238] ? __mutex_lock+0x231/0x14c0 [ 1017.644056] netlink_rcv_skb+0x14b/0x430 [ 1017.644879] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1017.646119] ? netlink_ack+0xa80/0xa80 [ 1017.646973] ? lock_release+0x3b2/0x750 [ 1017.647786] ? netlink_deliver_tap+0x1b2/0xc30 [ 1017.648709] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1017.649725] xfrm_netlink_rcv+0x6b/0x90 [ 1017.650541] netlink_unicast+0x54a/0x800 [ 1017.651370] ? netlink_attachskb+0x880/0x880 [ 1017.652294] ? is_vmalloc_addr+0x7b/0xb0 [ 1017.653126] netlink_sendmsg+0x904/0xe00 [ 1017.653962] ? netlink_unicast+0x800/0x800 [ 1017.654845] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1017.655958] ? netlink_unicast+0x800/0x800 [ 1017.656808] sock_sendmsg+0x150/0x190 [ 1017.657580] ____sys_sendmsg+0x703/0x870 [ 1017.658408] ? kernel_sendmsg+0x50/0x50 [ 1017.659216] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1017.660150] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1017.661214] ? lock_release+0x3b2/0x750 [ 1017.662030] ___sys_sendmsg+0xf3/0x170 [ 1017.662870] ? sendmsg_copy_msghdr+0x160/0x160 [ 1017.663797] ? lock_release+0x3b2/0x750 [ 1017.664598] ? lock_downgrade+0x6d0/0x6d0 [ 1017.665438] ? lock_release+0x3b2/0x750 [ 1017.666244] ? ksys_write+0x20c/0x250 [ 1017.667030] ? lock_downgrade+0x6d0/0x6d0 [ 1017.667877] ? __fget_files+0x287/0x470 [ 1017.668711] ? __fget_light+0xea/0x270 [ 1017.669499] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1017.670638] __sys_sendmsg+0xe5/0x1b0 [ 1017.671419] ? __sys_sendmsg_sock+0x30/0x30 [ 1017.672294] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1017.673433] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1017.674487] do_syscall_64+0x3b/0x90 [ 1017.675252] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1017.676303] RIP: 0033:0x7f8aa55cdb19 18:23:15 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x3, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='net/sco\x00') ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) [ 1017.677045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1017.680933] RSP: 002b:00007f8aa2b43188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1017.682434] RAX: ffffffffffffffda RBX: 00007f8aa56e0f60 RCX: 00007f8aa55cdb19 [ 1017.683854] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1017.685269] RBP: 00007f8aa2b431d0 R08: 0000000000000000 R09: 0000000000000000 [ 1017.686725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1017.688146] R13: 00007ffc9a8091cf R14: 00007f8aa2b43300 R15: 0000000000022000 [ 1017.689596] 18:23:15 executing program 3: unshare(0x8000000) r0 = semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) r2 = semget$private(0x0, 0x4, 0x0) semtimedop(r2, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r2, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r2, &(0x7f0000000180)=[{0x4, 0x1, 0x1000}, {0x1, 0x7, 0x1000}, {0x3, 0x4, 0x800}, {0x4, 0x81, 0x800}], 0x4, &(0x7f00000001c0)) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f00000000c0)=[{0x1, 0x10, 0x1000}, {0x0, 0x81, 0x1000}, {0x4, 0x0, 0x800}, {0x4, 0x7}, {0x1, 0x692}, {0x2, 0x1, 0x1800}, {0x2, 0x3ff}, {0x6, 0x1, 0x1000}], 0x8, &(0x7f0000000140)={0x0, 0x989680}) semtimedop(r1, &(0x7f0000000000)=[{0x3, 0x1, 0x1000}, {0x2, 0x40, 0x3800}, {0x0, 0x6, 0x800}, {0x1, 0x3}, {0x4, 0x6, 0x1000}, {0x4, 0x9}], 0x6, &(0x7f0000000040)={0x77359400}) 18:23:15 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:23:15 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x8000000000000003, 0x292a01) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:23:15 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:23:15 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r1, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) ioctl$MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0], 0x4}) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) 18:23:15 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 9) [ 1017.880924] loop5: detected capacity change from 0 to 264192 [ 1017.891149] loop4: detected capacity change from 0 to 264192 [ 1017.951653] FAULT_INJECTION: forcing a failure. [ 1017.951653] name failslab, interval 1, probability 0, space 0, times 0 [ 1017.954131] CPU: 1 PID: 6882 Comm: syz-executor.7 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1017.955788] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1017.958042] Call Trace: [ 1017.958564] [ 1017.959008] dump_stack_lvl+0x8b/0xb3 [ 1017.959785] should_fail.cold+0x5/0xa [ 1017.960555] ? create_object.isra.0+0x3a/0xa20 [ 1017.961474] should_failslab+0x5/0x10 [ 1017.962246] kmem_cache_alloc+0x5b/0x480 [ 1017.963103] create_object.isra.0+0x3a/0xa20 [ 1017.963989] ? kasan_unpoison+0x23/0x50 [ 1017.964797] kmem_cache_alloc_trace+0x22e/0x3c0 [ 1017.965752] xfrm_policy_alloc+0x91/0x460 [ 1017.966607] xfrm_policy_construct+0x28/0x520 [ 1017.967521] xfrm_add_policy+0x391/0x7a0 [ 1017.968341] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1017.969457] ? xfrm_policy_construct+0x520/0x520 [ 1017.970409] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1017.971537] ? security_capable+0x95/0xc0 [ 1017.972383] ? __nla_parse+0x3e/0x50 [ 1017.973156] ? xfrm_policy_construct+0x520/0x520 [ 1017.974101] xfrm_user_rcv_msg+0x412/0x830 [ 1017.974956] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1017.975947] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1017.977053] ? rcu_read_lock_sched_held+0x3a/0x70 [ 1017.978020] ? trace_contention_end+0xd8/0x130 [ 1017.978951] ? __mutex_lock+0x231/0x14c0 [ 1017.979774] netlink_rcv_skb+0x14b/0x430 [ 1017.980606] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1017.981597] ? netlink_ack+0xa80/0xa80 [ 1017.982389] ? lock_release+0x3b2/0x750 [ 1017.983215] ? netlink_deliver_tap+0x1b2/0xc30 [ 1017.984148] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1017.985169] xfrm_netlink_rcv+0x6b/0x90 [ 1017.985964] netlink_unicast+0x54a/0x800 [ 1017.986815] ? netlink_attachskb+0x880/0x880 [ 1017.987698] ? is_vmalloc_addr+0x7b/0xb0 [ 1017.988523] netlink_sendmsg+0x904/0xe00 [ 1017.989354] ? netlink_unicast+0x800/0x800 [ 1017.990220] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1017.991327] ? netlink_unicast+0x800/0x800 [ 1017.992180] sock_sendmsg+0x150/0x190 [ 1017.992949] ____sys_sendmsg+0x703/0x870 [ 1017.993766] ? kernel_sendmsg+0x50/0x50 [ 1017.994575] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1017.995493] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1017.996551] ? lock_release+0x3b2/0x750 [ 1017.997364] ___sys_sendmsg+0xf3/0x170 [ 1017.998153] ? sendmsg_copy_msghdr+0x160/0x160 [ 1017.999084] ? lock_release+0x3b2/0x750 [ 1017.999887] ? lock_downgrade+0x6d0/0x6d0 [ 1018.000721] ? lock_release+0x3b2/0x750 [ 1018.001511] ? ksys_write+0x20c/0x250 [ 1018.002269] ? lock_downgrade+0x6d0/0x6d0 [ 1018.003117] ? __fget_files+0x287/0x470 [ 1018.003935] ? __fget_light+0xea/0x270 [ 1018.004723] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1018.005831] __sys_sendmsg+0xe5/0x1b0 [ 1018.006621] ? __sys_sendmsg_sock+0x30/0x30 [ 1018.007485] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1018.008610] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1018.009639] do_syscall_64+0x3b/0x90 [ 1018.010391] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1018.011429] RIP: 0033:0x7f8aa55cdb19 [ 1018.012162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1018.015813] RSP: 002b:00007f8aa2b43188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1018.017313] RAX: ffffffffffffffda RBX: 00007f8aa56e0f60 RCX: 00007f8aa55cdb19 [ 1018.018734] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1018.020141] RBP: 00007f8aa2b431d0 R08: 0000000000000000 R09: 0000000000000000 [ 1018.021552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1018.022970] R13: 00007ffc9a8091cf R14: 00007f8aa2b43300 R15: 0000000000022000 [ 1018.024415] 18:23:15 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:23:15 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x41) ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) 18:23:15 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 10) [ 1018.154169] loop4: detected capacity change from 0 to 264192 [ 1018.232102] FAULT_INJECTION: forcing a failure. [ 1018.232102] name failslab, interval 1, probability 0, space 0, times 0 [ 1018.235044] CPU: 0 PID: 6889 Comm: syz-executor.7 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1018.236824] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1018.239050] Call Trace: [ 1018.239551] [ 1018.239985] dump_stack_lvl+0x8b/0xb3 [ 1018.240745] should_fail.cold+0x5/0xa [ 1018.241491] ? lock_release+0x3b2/0x750 [ 1018.242278] ? __alloc_skb+0x211/0x340 [ 1018.243058] should_failslab+0x5/0x10 [ 1018.243807] kmem_cache_alloc_node+0x55/0x490 [ 1018.244704] __alloc_skb+0x211/0x340 [ 1018.245446] xfrm_send_policy_notify+0x4de/0x1630 [ 1018.246391] ? lockdep_hardirqs_on+0x79/0x100 [ 1018.247298] ? xfrm_alloc_userspi+0x9a0/0x9a0 [ 1018.248182] ? xfrm_alloc_userspi+0x9a0/0x9a0 [ 1018.249056] km_policy_notify+0xb1/0x200 [ 1018.249870] xfrm_add_policy+0x535/0x7a0 [ 1018.250673] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1018.251747] ? xfrm_policy_construct+0x520/0x520 [ 1018.252669] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1018.253750] ? __nla_parse+0x3e/0x50 [ 1018.254496] ? xfrm_policy_construct+0x520/0x520 [ 1018.255419] xfrm_user_rcv_msg+0x412/0x830 [ 1018.256246] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1018.257209] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1018.258291] ? rcu_read_lock_sched_held+0x3a/0x70 [ 1018.259244] ? trace_contention_end+0xd8/0x130 [ 1018.260133] ? __mutex_lock+0x231/0x14c0 [ 1018.260933] netlink_rcv_skb+0x14b/0x430 [ 1018.261737] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1018.262723] ? netlink_ack+0xa80/0xa80 [ 1018.263487] ? lock_release+0x3b2/0x750 [ 1018.264277] ? netlink_deliver_tap+0x1b2/0xc30 [ 1018.265170] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1018.266154] xfrm_netlink_rcv+0x6b/0x90 [ 1018.266945] netlink_unicast+0x54a/0x800 [ 1018.267754] ? netlink_attachskb+0x880/0x880 [ 1018.268617] ? is_vmalloc_addr+0x7b/0xb0 [ 1018.269422] netlink_sendmsg+0x904/0xe00 [ 1018.270228] ? netlink_unicast+0x800/0x800 [ 1018.271079] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1018.272155] ? netlink_unicast+0x800/0x800 [ 1018.272987] sock_sendmsg+0x150/0x190 [ 1018.273736] ____sys_sendmsg+0x703/0x870 [ 1018.274552] ? kernel_sendmsg+0x50/0x50 [ 1018.275326] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1018.276220] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1018.277243] ? lock_release+0x3b2/0x750 [ 1018.278034] ___sys_sendmsg+0xf3/0x170 [ 1018.278809] ? sendmsg_copy_msghdr+0x160/0x160 [ 1018.279702] ? lock_release+0x3b2/0x750 [ 1018.280477] ? lock_downgrade+0x6d0/0x6d0 [ 1018.281288] ? lock_release+0x3b2/0x750 [ 1018.282060] ? ksys_write+0x20c/0x250 [ 1018.282989] ? lock_downgrade+0x6d0/0x6d0 [ 1018.283812] ? __fget_files+0x287/0x470 [ 1018.284611] ? __fget_light+0xea/0x270 [ 1018.285379] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1018.286462] __sys_sendmsg+0xe5/0x1b0 [ 1018.287226] ? __sys_sendmsg_sock+0x30/0x30 [ 1018.288070] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1018.289167] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1018.290172] do_syscall_64+0x3b/0x90 [ 1018.290940] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1018.291954] RIP: 0033:0x7f8aa55cdb19 [ 1018.292683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1018.296243] RSP: 002b:00007f8aa2b43188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1018.297710] RAX: ffffffffffffffda RBX: 00007f8aa56e0f60 RCX: 00007f8aa55cdb19 [ 1018.299093] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1018.300466] RBP: 00007f8aa2b431d0 R08: 0000000000000000 R09: 0000000000000000 [ 1018.301838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1018.303223] R13: 00007ffc9a8091cf R14: 00007f8aa2b43300 R15: 0000000000022000 [ 1018.304625] [ 1032.601940] FAULT_INJECTION: forcing a failure. [ 1032.601940] name failslab, interval 1, probability 0, space 0, times 0 [ 1032.603246] CPU: 1 PID: 6903 Comm: syz-executor.7 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1032.604204] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1032.605393] Call Trace: [ 1032.605773] [ 1032.606034] dump_stack_lvl+0x8b/0xb3 [ 1032.606421] should_fail.cold+0x5/0xa [ 1032.606814] ? create_object.isra.0+0x3a/0xa20 [ 1032.607466] should_failslab+0x5/0x10 [ 1032.607871] kmem_cache_alloc+0x5b/0x480 [ 1032.608279] create_object.isra.0+0x3a/0xa20 [ 1032.608739] ? kasan_unpoison+0x23/0x50 [ 1032.609346] kmem_cache_alloc_node+0x248/0x490 [ 1032.609848] __alloc_skb+0x211/0x340 [ 1032.610222] xfrm_send_policy_notify+0x4de/0x1630 [ 1032.610709] ? lockdep_hardirqs_on+0x79/0x100 [ 1032.611362] ? xfrm_alloc_userspi+0x9a0/0x9a0 [ 1032.611914] ? xfrm_alloc_userspi+0x9a0/0x9a0 [ 1032.612392] km_policy_notify+0xb1/0x200 [ 1032.612921] xfrm_add_policy+0x535/0x7a0 [ 1032.613449] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 18:23:30 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:23:30 executing program 1: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:23:30 executing program 3: unshare(0x8000000) unshare(0x40000400) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x3, 0x4) r1 = semget$private(0x0, 0x4, 0x2a2) semctl$GETNCNT(r1, 0x3, 0xe, &(0x7f0000000000)=""/36) semctl$GETPID(r0, 0x4, 0xb, &(0x7f0000000040)=""/57) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:23:30 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x73e1, 0x6e9c0) syz_open_dev$usbmon(&(0x7f0000000000), 0x7, 0x100202) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r1 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) syz_io_uring_setup(0x46ac, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000400)={0x0}, &(0x7f0000000440)=0xc) perf_event_open(&(0x7f0000000380)={0x4, 0x80, 0xd8, 0xff, 0x8, 0x1, 0x0, 0x8, 0x0, 0x6, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x9, 0x4, @perf_config_ext={0x800, 0x6}, 0xce, 0x5, 0x98, 0x2, 0x1, 0x8, 0x101, 0x0, 0x1, 0x0, 0x9}, r4, 0xb, r1, 0x9) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r5}, 0x0) syz_io_uring_submit(0x0, r3, &(0x7f0000000180)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x4007, @fd_index=0x2, 0x1f9, 0x0, 0x0, 0x10, 0x1}, 0x5) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, 0x0, r6) r7 = mq_open(&(0x7f00000000c0)='\x00', 0x800, 0x289, &(0x7f00000001c0)={0x3, 0xffff, 0x8001, 0x4}) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_FILES_UPDATE={0x14, 0x4, 0x0, 0x0, 0x8000000000000000, &(0x7f0000000200)=[r7], 0x1, 0x0, 0x1, {0x0, r6}}, 0x0) syz_io_uring_submit(0x0, r3, &(0x7f0000000340)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x3, 0x0, 0x0, 0x0, 0x23456, 0x0, 0x0, 0x0, {0x0, r6}}, 0x10001) clone3(&(0x7f0000000280)={0xc800000, &(0x7f0000000040)=0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), {0x12}, &(0x7f0000000140)=""/4, 0x4, &(0x7f0000000180)=""/168, &(0x7f0000000240)=[0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x5}, 0x58) r9 = dup2(r1, r8) ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x40082404, &(0x7f0000000300)=0x5) ioctl$MON_IOCH_MFLUSH(0xffffffffffffffff, 0x9208, 0xf75) 18:23:30 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) mmap$usbmon(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4, 0x40010, r0, 0x1000) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) 18:23:30 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, 0x0, 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:23:30 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 11) 18:23:30 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}, {&(0x7f0000000140)=""/216, 0xd8}, {&(0x7f0000000240)=""/13, 0xd}], 0x4, 0x0, 0x7f) [ 1032.614020] ? xfrm_policy_construct+0x520/0x520 [ 1032.614908] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1032.615603] ? __nla_parse+0x3e/0x50 [ 1032.616114] ? xfrm_policy_construct+0x520/0x520 [ 1032.616611] xfrm_user_rcv_msg+0x412/0x830 [ 1032.617154] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1032.617688] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1032.618505] ? rcu_read_lock_sched_held+0x3a/0x70 [ 1032.619026] ? trace_contention_end+0xd8/0x130 [ 1032.619488] ? __mutex_lock+0x231/0x14c0 [ 1032.619899] netlink_rcv_skb+0x14b/0x430 [ 1032.620357] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1032.621074] ? netlink_ack+0xa80/0xa80 [ 1032.621477] ? lock_release+0x3b2/0x750 [ 1032.621885] ? netlink_deliver_tap+0x1b2/0xc30 [ 1032.622348] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1032.622870] xfrm_netlink_rcv+0x6b/0x90 [ 1032.623271] netlink_unicast+0x54a/0x800 [ 1032.623701] ? netlink_attachskb+0x880/0x880 [ 1032.624148] ? is_vmalloc_addr+0x7b/0xb0 [ 1032.624580] netlink_sendmsg+0x904/0xe00 [ 1032.625050] ? netlink_unicast+0x800/0x800 [ 1032.625501] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1032.626056] ? netlink_unicast+0x800/0x800 [ 1032.626492] sock_sendmsg+0x150/0x190 [ 1032.626913] ____sys_sendmsg+0x703/0x870 [ 1032.627335] ? kernel_sendmsg+0x50/0x50 [ 1032.627748] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1032.628215] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1032.628758] ? lock_release+0x3b2/0x750 [ 1032.629170] ___sys_sendmsg+0xf3/0x170 [ 1032.629569] ? sendmsg_copy_msghdr+0x160/0x160 [ 1032.630043] ? lock_release+0x3b2/0x750 [ 1032.630465] ? lock_downgrade+0x6d0/0x6d0 [ 1032.630906] ? lock_release+0x3b2/0x750 [ 1032.631431] ? ksys_write+0x20c/0x250 [ 1032.631830] ? lock_downgrade+0x6d0/0x6d0 [ 1032.632268] ? __fget_files+0x287/0x470 [ 1032.632696] ? __fget_light+0xea/0x270 [ 1032.633107] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1032.633686] __sys_sendmsg+0xe5/0x1b0 [ 1032.634088] ? __sys_sendmsg_sock+0x30/0x30 [ 1032.634539] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1032.635148] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1032.635670] do_syscall_64+0x3b/0x90 [ 1032.636060] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1032.636592] RIP: 0033:0x7f8aa55cdb19 [ 1032.636967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1032.638828] RSP: 002b:00007f8aa2b43188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1032.639592] RAX: ffffffffffffffda RBX: 00007f8aa56e0f60 RCX: 00007f8aa55cdb19 [ 1032.640318] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1032.641040] RBP: 00007f8aa2b431d0 R08: 0000000000000000 R09: 0000000000000000 [ 1032.641763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1032.642492] R13: 00007ffc9a8091cf R14: 00007f8aa2b43300 R15: 0000000000022000 [ 1032.643230] [ 1032.650224] loop5: detected capacity change from 0 to 264192 [ 1032.685198] loop4: detected capacity change from 0 to 264192 18:23:30 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x0, 0xee00}}, './file0\x00'}) ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) 18:23:30 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 12) 18:23:30 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, 0x0, 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:23:30 executing program 6: sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, 0x0, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x10) lgetxattr(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=@known='trusted.overlay.nlink\x00', &(0x7f0000000140)=""/228, 0xe4) r1 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r2, &(0x7f0000000440)=""/57, 0x39) ioctl$MON_IOCH_MFLUSH(r0, 0x9208, 0x8) ioctl$MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) ioctl$MON_IOCH_MFLUSH(r1, 0x9208, 0x200) [ 1032.872825] loop4: detected capacity change from 0 to 264192 18:23:30 executing program 3: unshare(0x8000880) unshare(0x400) unshare(0x40000) unshare(0x40000) r0 = semget$private(0x0, 0x4, 0xc1) unshare(0x8010100) semtimedop(r0, &(0x7f0000000000)=[{0x2, 0x7ff, 0x800}, {0x0, 0x1, 0x800}, {0x4, 0x3f, 0x800}, {0x1, 0x40, 0x1800}, {0x1, 0x2000, 0x1800}], 0x5, 0x0) [ 1032.897665] FAULT_INJECTION: forcing a failure. [ 1032.897665] name failslab, interval 1, probability 0, space 0, times 0 [ 1032.898875] CPU: 1 PID: 6928 Comm: syz-executor.7 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1032.900013] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1032.901170] Call Trace: [ 1032.901567] [ 1032.901871] dump_stack_lvl+0x8b/0xb3 [ 1032.902256] should_fail.cold+0x5/0xa [ 1032.902706] ? lock_is_held_type+0xd7/0x130 [ 1032.903310] should_failslab+0x5/0x10 [ 1032.903690] __kmalloc_node_track_caller+0x7e/0x440 [ 1032.904183] ? xfrm_send_policy_notify+0x4de/0x1630 [ 1032.904678] __alloc_skb+0xe3/0x340 [ 1032.905074] xfrm_send_policy_notify+0x4de/0x1630 [ 1032.905570] ? lockdep_hardirqs_on+0x79/0x100 [ 1032.906038] ? xfrm_alloc_userspi+0x9a0/0x9a0 [ 1032.906511] ? xfrm_alloc_userspi+0x9a0/0x9a0 [ 1032.907003] km_policy_notify+0xb1/0x200 [ 1032.907434] xfrm_add_policy+0x535/0x7a0 [ 1032.907857] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1032.908434] ? xfrm_policy_construct+0x520/0x520 [ 1032.908929] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1032.909508] ? __nla_parse+0x3e/0x50 [ 1032.909920] ? xfrm_policy_construct+0x520/0x520 [ 1032.910412] xfrm_user_rcv_msg+0x412/0x830 [ 1032.910868] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1032.911382] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1032.911966] ? rcu_read_lock_sched_held+0x3a/0x70 [ 1032.912467] ? trace_contention_end+0xd8/0x130 [ 1032.912940] ? __mutex_lock+0x231/0x14c0 [ 1032.913366] netlink_rcv_skb+0x14b/0x430 [ 1032.913794] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1032.914316] ? netlink_ack+0xa80/0xa80 [ 1032.914827] ? lock_release+0x3b2/0x750 [ 1032.915396] ? netlink_deliver_tap+0x1b2/0xc30 [ 1032.915879] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1032.916405] xfrm_netlink_rcv+0x6b/0x90 [ 1032.916821] netlink_unicast+0x54a/0x800 [ 1032.917254] ? netlink_attachskb+0x880/0x880 [ 1032.917717] ? is_vmalloc_addr+0x7b/0xb0 [ 1032.918192] netlink_sendmsg+0x904/0xe00 [ 1032.918791] ? netlink_unicast+0x800/0x800 [ 1032.919272] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1032.919837] ? netlink_unicast+0x800/0x800 [ 1032.920396] sock_sendmsg+0x150/0x190 [ 1032.920915] ____sys_sendmsg+0x703/0x870 [ 1032.921343] ? kernel_sendmsg+0x50/0x50 [ 1032.921872] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1032.922414] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1032.922970] ? lock_release+0x3b2/0x750 [ 1032.923431] ___sys_sendmsg+0xf3/0x170 [ 1032.924009] ? sendmsg_copy_msghdr+0x160/0x160 [ 1032.924505] ? lock_release+0x3b2/0x750 [ 1032.924982] ? lock_downgrade+0x6d0/0x6d0 [ 1032.925544] ? lock_release+0x3b2/0x750 [ 1032.925961] ? ksys_write+0x20c/0x250 [ 1032.926346] ? lock_downgrade+0x6d0/0x6d0 [ 1032.926846] ? __fget_files+0x287/0x470 [ 1032.927447] ? __fget_light+0xea/0x270 [ 1032.927884] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1032.928468] __sys_sendmsg+0xe5/0x1b0 [ 1032.928907] ? __sys_sendmsg_sock+0x30/0x30 [ 1032.929537] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1032.930153] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1032.930753] do_syscall_64+0x3b/0x90 [ 1032.931248] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1032.931796] RIP: 0033:0x7f8aa55cdb19 [ 1032.932179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1032.934218] RSP: 002b:00007f8aa2b43188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1032.935065] RAX: ffffffffffffffda RBX: 00007f8aa56e0f60 RCX: 00007f8aa55cdb19 [ 1032.935909] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1032.936646] RBP: 00007f8aa2b431d0 R08: 0000000000000000 R09: 0000000000000000 [ 1032.937546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1032.938281] R13: 00007ffc9a8091cf R14: 00007f8aa2b43300 R15: 0000000000022000 [ 1032.939222] 18:23:30 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x200c00, 0x0) ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) r2 = dup(0xffffffffffffffff) ioctl$MON_IOCT_RING_SIZE(r2, 0x9204, 0x767db) 18:23:30 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, 0x0, 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:23:30 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 13) [ 1033.077475] FAULT_INJECTION: forcing a failure. [ 1033.077475] name failslab, interval 1, probability 0, space 0, times 0 [ 1033.078724] CPU: 0 PID: 6940 Comm: syz-executor.7 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1033.079582] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1033.080751] Call Trace: [ 1033.081023] [ 1033.081253] dump_stack_lvl+0x8b/0xb3 [ 1033.081677] should_fail.cold+0x5/0xa [ 1033.082076] ? lock_release+0x3b2/0x750 [ 1033.082520] ? create_object.isra.0+0x3a/0xa20 [ 1033.083015] should_failslab+0x5/0x10 [ 1033.083437] kmem_cache_alloc+0x5b/0x480 [ 1033.083875] create_object.isra.0+0x3a/0xa20 [ 1033.084358] ? kasan_unpoison+0x23/0x50 [ 1033.084777] __kmalloc_node_track_caller+0x269/0x440 [ 1033.085351] ? xfrm_send_policy_notify+0x4de/0x1630 [ 1033.085878] __alloc_skb+0xe3/0x340 [ 1033.086278] xfrm_send_policy_notify+0x4de/0x1630 [ 1033.086800] ? lockdep_hardirqs_on+0x79/0x100 [ 1033.087285] ? xfrm_alloc_userspi+0x9a0/0x9a0 [ 1033.087762] ? xfrm_alloc_userspi+0x9a0/0x9a0 [ 1033.088230] km_policy_notify+0xb1/0x200 [ 1033.088667] xfrm_add_policy+0x535/0x7a0 [ 1033.089088] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1033.089682] ? xfrm_policy_construct+0x520/0x520 [ 1033.090180] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1033.090768] ? __nla_parse+0x3e/0x50 [ 1033.091175] ? xfrm_policy_construct+0x520/0x520 [ 1033.091670] xfrm_user_rcv_msg+0x412/0x830 [ 1033.092110] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1033.092634] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1033.093215] ? rcu_read_lock_sched_held+0x3a/0x70 [ 1033.093726] ? trace_contention_end+0xd8/0x130 [ 1033.094198] ? __mutex_lock+0x231/0x14c0 [ 1033.094633] netlink_rcv_skb+0x14b/0x430 [ 1033.095080] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1033.095609] ? netlink_ack+0xa80/0xa80 [ 1033.096016] ? lock_release+0x3b2/0x750 [ 1033.096440] ? netlink_deliver_tap+0x1b2/0xc30 [ 1033.096916] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1033.097448] xfrm_netlink_rcv+0x6b/0x90 [ 1033.097864] netlink_unicast+0x54a/0x800 [ 1033.098293] ? netlink_attachskb+0x880/0x880 [ 1033.098771] ? is_vmalloc_addr+0x7b/0xb0 [ 1033.099209] netlink_sendmsg+0x904/0xe00 [ 1033.099646] ? netlink_unicast+0x800/0x800 [ 1033.100094] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1033.100670] ? netlink_unicast+0x800/0x800 [ 1033.101112] sock_sendmsg+0x150/0x190 [ 1033.101507] ____sys_sendmsg+0x703/0x870 [ 1033.101928] ? kernel_sendmsg+0x50/0x50 [ 1033.102338] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1033.102836] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1033.103389] ? lock_release+0x3b2/0x750 [ 1033.103810] ___sys_sendmsg+0xf3/0x170 [ 1033.104224] ? sendmsg_copy_msghdr+0x160/0x160 [ 1033.104704] ? lock_release+0x3b2/0x750 [ 1033.105120] ? lock_downgrade+0x6d0/0x6d0 [ 1033.105562] ? lock_release+0x3b2/0x750 [ 1033.105978] ? ksys_write+0x20c/0x250 [ 1033.106375] ? lock_downgrade+0x6d0/0x6d0 [ 1033.106831] ? __fget_files+0x287/0x470 [ 1033.107263] ? __fget_light+0xea/0x270 [ 1033.107678] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1033.108260] __sys_sendmsg+0xe5/0x1b0 [ 1033.108664] ? __sys_sendmsg_sock+0x30/0x30 [ 1033.109119] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1033.109706] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1033.110241] do_syscall_64+0x3b/0x90 [ 1033.110643] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1033.111194] RIP: 0033:0x7f8aa55cdb19 [ 1033.111580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1033.113475] RSP: 002b:00007f8aa2b43188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1033.114253] RAX: ffffffffffffffda RBX: 00007f8aa56e0f60 RCX: 00007f8aa55cdb19 [ 1033.115014] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1033.115755] RBP: 00007f8aa2b431d0 R08: 0000000000000000 R09: 0000000000000000 [ 1033.116489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1033.117220] R13: 00007ffc9a8091cf R14: 00007f8aa2b43300 R15: 0000000000022000 [ 1033.117965] [ 1033.194972] loop4: detected capacity change from 0 to 264192 18:23:43 executing program 1: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) semget(0x0, 0x3, 0x200) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:23:43 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 14) 18:23:43 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0, 0x0], 0x3, 0x6e}) ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f00000000c0)={&(0x7f0000000080), 0x0, 0x7ffe}) ioctl$MON_IOCH_MFLUSH(r0, 0x9208, 0x0) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$MON_IOCQ_URB_LEN(r1, 0x9201) sigaltstack(&(0x7f0000ffc000/0x1000)=nil, 0x0) [ 1045.800157] loop4: detected capacity change from 0 to 264192 18:23:43 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x3, 0x1) semctl$GETZCNT(r0, 0x1, 0xf, &(0x7f0000000000)=""/213) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:23:43 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef) 18:23:43 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r1, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000000)={0x0, 0x0}) 18:23:43 executing program 2: syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}, {&(0x7f0000000140)=""/216, 0xd8}, {&(0x7f0000000240)=""/13, 0xd}], 0x4, 0x0, 0x7f) 18:23:43 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) [ 1045.811517] loop5: detected capacity change from 0 to 264192 18:23:43 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000000040), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000000)={r0, 0x1, 0x7fffffff, 0x400}) preadv(r0, &(0x7f0000000140)=[{&(0x7f00000001c0)=""/131, 0x83}, {&(0x7f0000000180)=""/13, 0xd}], 0x2, 0xffff5d08, 0xe5af) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000340)={0x0, 0x2, r0, 0x101}) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/zoneinfo\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) pipe2$9p(&(0x7f00000003c0)={0xffffffffffffffff}, 0x4000) dup2(r3, r4) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r2, 0xc05c5340, &(0x7f00000002c0)={0xfc0, 0xb1, 0x9, {0x200, 0x625395b5}, 0x1, 0x8000}) r5 = signalfd4(r1, &(0x7f0000000080)={[0x200]}, 0x8, 0x800) setsockopt$inet_udp_encap(r5, 0x11, 0x64, &(0x7f00000000c0)=0x5, 0x4) ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) 18:23:43 executing program 6: rt_sigtimedwait(&(0x7f0000000000)={[0x5]}, &(0x7f0000000040), &(0x7f00000000c0)={0x0, 0x989680}, 0x8) r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000180)={&(0x7f0000000140)=[0x0], 0x1, 0x9}) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) [ 1045.861744] FAULT_INJECTION: forcing a failure. [ 1045.861744] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1045.863236] CPU: 1 PID: 6963 Comm: syz-executor.7 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1045.864032] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1045.865120] Call Trace: [ 1045.865377] [ 1045.865596] dump_stack_lvl+0x8b/0xb3 [ 1045.865977] should_fail.cold+0x5/0xa [ 1045.866359] _copy_to_user+0x2a/0x140 [ 1045.866742] simple_read_from_buffer+0xcc/0x160 [ 1045.867214] proc_fail_nth_read+0x194/0x220 [ 1045.867644] ? proc_exe_link+0x1d0/0x1d0 [ 1045.868048] ? security_file_permission+0xb1/0xd0 [ 1045.868524] ? proc_exe_link+0x1d0/0x1d0 [ 1045.868925] vfs_read+0x1ea/0x5d0 [ 1045.869272] ksys_read+0x127/0x250 [ 1045.869626] ? __ia32_sys_pwrite64+0x220/0x220 [ 1045.870074] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1045.870578] do_syscall_64+0x3b/0x90 [ 1045.870965] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1045.871492] RIP: 0033:0x7f8aa558069c [ 1045.871880] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1045.873712] RSP: 002b:00007f8aa2b43170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1045.874495] RAX: ffffffffffffffda RBX: 00000000000000b8 RCX: 00007f8aa558069c [ 1045.875238] RDX: 000000000000000f RSI: 00007f8aa2b431e0 RDI: 0000000000000004 [ 1045.875934] RBP: 00007f8aa2b431d0 R08: 0000000000000000 R09: 0000000000000000 [ 1045.876649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1045.877337] R13: 00007ffc9a8091cf R14: 00007f8aa2b43300 R15: 0000000000022000 [ 1045.878065] 18:23:43 executing program 2: syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}, {&(0x7f0000000140)=""/216, 0xd8}, {&(0x7f0000000240)=""/13, 0xd}], 0x4, 0x0, 0x7f) 18:23:43 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef) [ 1045.957802] loop4: detected capacity change from 0 to 264192 18:23:43 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000140)={&(0x7f0000000000), &(0x7f0000000180)=""/152, 0x98}) ioctl$MON_IOCQ_RING_SIZE(0xffffffffffffffff, 0x9205) 18:23:43 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semget$private(0x0, 0x2, 0x100) semget$private(0x0, 0x1, 0x0) r0 = semget$private(0x0, 0x4, 0x0) r1 = semget$private(0x0, 0x2, 0x348) semtimedop(r1, &(0x7f0000000080), 0x0, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000000), 0x0, 0x0) r2 = semget$private(0x0, 0x6d4dc3f8f334d223, 0x2) semctl$GETPID(r2, 0x1, 0xb, &(0x7f0000000100)=""/4096) unshare(0x44020000) r3 = semget(0x2, 0x3, 0x2c4) semtimedop(r3, &(0x7f0000000080)=[{0x0, 0x0, 0x1000}, {0x0, 0x1ac, 0x1800}, {0xab5ba9711e2f69f3, 0x4}, {0x3, 0xffff, 0x800}], 0x4, &(0x7f00000000c0)={0x0, 0x989680}) 18:23:43 executing program 2: syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}, {&(0x7f0000000140)=""/216, 0xd8}, {&(0x7f0000000240)=""/13, 0xd}], 0x4, 0x0, 0x7f) 18:23:43 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef) 18:24:01 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r1, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) 18:24:01 executing program 1: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:24:01 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, 0x0, 0x0, 0x0, 0x7f) 18:24:01 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0xffff, 0x80) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r1, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) r2 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) fcntl$notify(r2, 0x402, 0x15) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) 18:24:01 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:24:01 executing program 3: unshare(0x8000000) r0 = semget$private(0x0, 0x4000, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/95) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:24:01 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef) 18:24:01 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, 0x0, 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) [ 1063.503068] loop5: detected capacity change from 0 to 264192 [ 1063.514117] loop4: detected capacity change from 0 to 264192 18:24:01 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, 0x0, 0x0, 0x0, 0x7f) 18:24:15 executing program 1: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:24:15 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x4, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:24:15 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:24:15 executing program 3: ioctl$F2FS_IOC_RESIZE_FS(0xffffffffffffffff, 0x4008f510, &(0x7f0000000000)=0x3a0) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000080)={0x2, 0x3, 0x100, 0x9}) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:24:15 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, 0x0, 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) [ 1077.309391] loop5: detected capacity change from 0 to 264192 18:24:15 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) mmap$usbmon(&(0x7f0000ff8000/0x5000)=nil, 0x5000, 0x100000b, 0x4000110, r0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) 18:24:15 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, 0x0, 0x0, 0x0, 0x7f) 18:24:15 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef) [ 1077.343743] loop4: detected capacity change from 0 to 264192 18:24:15 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, 0x0, 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:24:15 executing program 0: syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x801) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r0, &(0x7f0000000440)=""/57, 0x39) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0, 0xfffffffffffffed4}) 18:24:15 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x2, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:24:15 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}, {&(0x7f0000000140)=""/216, 0xd8}], 0x3, 0x0, 0x7f) 18:24:15 executing program 3: unshare(0x8000000) unshare(0xa040000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:24:15 executing program 6: syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r0, &(0x7f0000000440)=""/57, 0x39) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) fsetxattr$trusted_overlay_origin(r1, &(0x7f0000001800), &(0x7f0000001840), 0x2, 0x3) getdents(r1, &(0x7f0000000440)=""/57, 0x39) r2 = openat$incfs(r1, &(0x7f0000000000)='.pending_reads\x00', 0x10101, 0x0) recvmmsg$unix(r2, &(0x7f0000006140)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000000c0)=""/237, 0xed}, {&(0x7f00000001c0)=""/26, 0x1a}, {&(0x7f0000000200)=""/102, 0x66}], 0x3, &(0x7f00000002c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x88}}, {{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000480)=""/252, 0xfc}, {&(0x7f0000000580)=""/207, 0xcf}], 0x2, &(0x7f0000005c40)=ANY=[@ANYBLOB="14000000000000000100000001000000c0dd715d0db4694e0e1a12d02efa4325b004ec06daa424e77f9000d6fe6077fab8ac44b0c44a74f22af7240fb20c990471e6a4b381bde2b2874de35a7ded8b8765f831af765f0e927e8f5162b589fc32bf581e6abd5b52aa9a6b6a42781a8d4eba9d8d7676bd908f68be1d2c4153b0788de1f02ca85a2c4421c40e90e161056747e9effa460cedbde90f0f4e09a5517ac6b20ea15f479913db2247facd8c7073f88980461cb69a43f274ee8e2fa1dae4be236a9287415f2438c1de8a3e2eb348aea76d01786e401ae536169e5db4372764844b8420e081d522ea730c9b7c2bd33bebacd66345d52e77a8021591015b11159639113716dfee18c9f9dd", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x18}}, {{&(0x7f0000000680), 0x6e, &(0x7f0000001c40)=[{&(0x7f0000000700)=""/209, 0xd1}, {&(0x7f0000000800)=""/4096, 0x1000}, {&(0x7f0000005b40)=""/236, 0xec}, {&(0x7f00000063c0)=""/241, 0xf1}, {&(0x7f0000001a00)=""/98, 0x62}, {&(0x7f0000001a80)=""/141, 0x8d}, {&(0x7f0000001b40)=""/187, 0xbb}], 0x7, &(0x7f0000001cc0)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x88}}, {{0x0, 0x0, &(0x7f0000002f40)=[{&(0x7f0000001d80)=""/65, 0x41}, {&(0x7f0000000400)=""/63, 0x3f}, {&(0x7f0000001e40)=""/4096, 0x1000}, {&(0x7f0000002e40)=""/195, 0xc3}], 0x4, &(0x7f0000002f80)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x78}}, {{&(0x7f0000003000), 0x6e, &(0x7f00000044c0)=[{&(0x7f0000003080)=""/155, 0x9b}, {&(0x7f0000003140)=""/155, 0x9b}, {&(0x7f0000003200)=""/123, 0x7b}, {&(0x7f0000003280)=""/239, 0xef}, {&(0x7f0000003380)=""/19, 0x13}, {&(0x7f00000033c0)=""/252, 0xfc}, {&(0x7f00000034c0)=""/4096, 0x1000}], 0x7}}, {{&(0x7f0000004540), 0x6e, &(0x7f0000005940)=[{&(0x7f00000045c0)=""/121, 0x79}, {&(0x7f0000004640)=""/99, 0x63}, {&(0x7f00000046c0)=""/4082, 0xff2}, {&(0x7f00000056c0)=""/63, 0x3f}, {&(0x7f0000005700)=""/43, 0x2b}, {&(0x7f0000005740)=""/215, 0xd7}, {&(0x7f0000000040)=""/16, 0x10}, {&(0x7f0000005880)=""/31, 0x1f}, {&(0x7f00000058c0)=""/66, 0x42}], 0x9, &(0x7f0000005a00)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xc0}}, {{&(0x7f0000005ac0), 0x6e, &(0x7f0000005dc0)}}, {{&(0x7f0000005e00)=@abs, 0x6e, &(0x7f0000006080)=[{&(0x7f0000005e80)=""/238, 0xee}, {&(0x7f0000001900)=""/215, 0xd7}], 0x2, &(0x7f00000060c0)=ANY=[@ANYBLOB="24000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001800000000000000010000008228b8f7", @ANYRES32, @ANYRES32], 0x80}}], 0x8, 0x100, &(0x7f0000006340)={0x0, 0x3938700}) ioctl$MON_IOCX_GETX(r3, 0x4018920a, &(0x7f0000006380)={0x0, 0x0, 0x32}) [ 1077.447795] loop5: detected capacity change from 0 to 264192 18:24:30 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef) 18:24:30 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r1, &(0x7f0000000440)=""/57, 0x39) ioctl$MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000000080)={&(0x7f0000000000), &(0x7f0000000040)=""/26, 0x1a}) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:24:30 executing program 1: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semget$private(0x0, 0x4, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) [ 1093.153693] loop4: detected capacity change from 0 to 264192 18:24:30 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:24:30 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) r1 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {r1}}, './file0\x00'}) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) 18:24:30 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}], 0x2, 0x0, 0x7f) 18:24:30 executing program 3: unshare(0x8000000) r0 = semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) semtimedop(r0, &(0x7f0000000000)=[{0x0, 0xfff, 0x3000}, {0x2, 0x1, 0x800}, {0x3, 0x3f, 0x1000}, {0x2, 0x5}, {0x0, 0xc8, 0x800}, {0xc, 0xd59b, 0x800}, {0x2, 0x9}, {0x3, 0x3b8b, 0x800}, {0x1, 0x7, 0x800}, {0x2, 0x9}], 0xa, &(0x7f0000000040)={0x77359400}) 18:24:30 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x3, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1093.186030] loop5: detected capacity change from 0 to 264192 18:24:30 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0x0) [ 1093.253320] loop4: detected capacity change from 0 to 264192 18:24:31 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:24:31 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semget(0x2, 0x0, 0x208) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0xc}], 0x4e, 0x0) 18:24:31 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:24:31 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}], 0x1, 0x0, 0x7f) 18:24:31 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0x0) 18:24:31 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x3, 0x410c00) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) syz_open_dev$usbmon(&(0x7f0000000000), 0x7f, 0x208002) 18:24:31 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x40200, 0x0) name_to_handle_at(r1, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r2, &(0x7f0000000440)=""/57, 0x39) ioctl$MON_IOCX_GET(r2, 0x40189206, &(0x7f0000000040)={&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000140)=""/224, 0xe0}) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r1, 0xc018937a, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000100000013000000", @ANYRES32=r1, @ANYBLOB="ff760000000000002a8896e21fecd02867f4f5302e7fe0e1d7e4273ffec612"]) fgetxattr(r3, &(0x7f0000000240)=@known='trusted.overlay.nlink\x00', &(0x7f0000000280)=""/4096, 0x1000) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r4, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) ioctl$MON_IOCQ_RING_SIZE(r4, 0x9205) [ 1093.356833] loop4: detected capacity change from 0 to 264192 [ 1093.365057] loop5: detected capacity change from 0 to 264192 18:24:31 executing program 6: r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) signalfd(r0, &(0x7f0000000000)={[0x400]}, 0x8) r1 = epoll_create1(0x0) r2 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$EXT4_IOC_MIGRATE(r1, 0x6609) r3 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x7, 0xc00) ioctl$MON_IOCX_GETX(r3, 0x4018920a, &(0x7f0000000100)={0x0, 0x0}) ioctl$MON_IOCQ_RING_SIZE(0xffffffffffffffff, 0x9205) 18:24:31 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0x0) 18:24:45 executing program 1: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semget$private(0x0, 0x4, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:24:45 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) r1 = semget(0x1, 0x3, 0x80) semctl$SETVAL(r1, 0x4, 0x10, &(0x7f00000000c0)=0x3) 18:24:45 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x8, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:24:45 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:24:45 executing program 0: syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) 18:24:45 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280), 0x0, 0x0, 0x7f) 18:24:45 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}], 0x2, 0x0, 0x7f) 18:24:45 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef) [ 1107.301851] loop4: detected capacity change from 0 to 264192 18:24:45 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x9, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1107.359174] loop5: detected capacity change from 0 to 264192 18:24:45 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280), 0x0, 0x0, 0x7f) 18:24:45 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x85a7f01, 0x80000000}}, './file0\x00'}) ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) 18:24:45 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}], 0x2, 0x0, 0x7f) [ 1125.902448] loop5: detected capacity change from 0 to 264192 18:25:03 executing program 4: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semget$private(0x0, 0x4, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:25:03 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x2, 0xd4, 0x800}, {0x4, 0x4ffc}], 0x2, 0x0) 18:25:03 executing program 1: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semget$private(0x0, 0x4, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:25:03 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280), 0x0, 0x0, 0x7f) 18:25:03 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xf, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:25:03 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:25:03 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}], 0x2, 0x0, 0x7f) 18:25:03 executing program 0: ioctl$MON_IOCX_GETX(0xffffffffffffffff, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r0 = openat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x0, 0x40, 0x14}, 0x18) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) r1 = signalfd(r0, &(0x7f0000000080)={[0xd5]}, 0x8) r2 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x1, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$AUTOFS_DEV_IOCTL_READY(r1, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'}) ioctl$MON_IOCQ_RING_SIZE(0xffffffffffffffff, 0x9205) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r3, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x88, 0x0, 0x400, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0xf759, 0x11}}}}, [@NL80211_ATTR_IE={0x4e, 0x2a, [@ht={0x2d, 0x1a, {0x406, 0x0, 0x1, 0x0, {0x10000, 0x7, 0x0, 0x6, 0x0, 0x1, 0x0, 0x3}, 0x1, 0xffffffff, 0x7}}, @ssid={0x0, 0x6, @default_ibss_ssid}, @tim={0x5, 0x24, {0x2, 0xfc, 0xa4, "da88cc3034f5a54b5ee6a65179bf90ae4b9863201cd26aeb4f386523324dee423e"}}]}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x39}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x47}]}, 0x88}, 0x1, 0x0, 0x0, 0x40801}, 0x24000000) r5 = dup2(0xffffffffffffffff, r2) r6 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r6, 0xc018937d, &(0x7f0000000340)={{0x1, 0x1, 0x18, r2, {0x3f8}}, './file0\x00'}) ioctl$MON_IOCQ_RING_SIZE(r5, 0x9205) r7 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r7, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r7, 0x660c) ioctl$MON_IOCQ_RING_SIZE(0xffffffffffffffff, 0x9205) r8 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) fcntl$dupfd(r8, 0x605, r3) 18:25:03 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:25:03 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000140)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="01010000080000002ebdd9d8d4566e8bf1853000"]) r2 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$F2FS_IOC_PRECACHE_EXTENTS(r2, 0xf50f, 0x0) r3 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) clone3(&(0x7f0000000fc0)={0x18820900, &(0x7f0000000dc0), &(0x7f0000000e00), &(0x7f0000000e40)=0x0, {0x2f}, &(0x7f0000000e80)=""/173, 0xad, &(0x7f0000000f40), &(0x7f0000000f80)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x7}, 0x58) lstat(&(0x7f0000001040)='./file0/file0\x00', &(0x7f0000001080)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000001100), &(0x7f0000001140)=0x0, &(0x7f0000001180)) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001280)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000001c0)="6acfc1fe115f2b19f2b550f0a711f5200481bbdbe36fdb6e0d60685d27e207d8924b71a1ea4a189255d5fc8c4252", 0x2e}, {&(0x7f0000000200)="d62069456450f4fe31b925c73fdc5abba5e25987c896a55103c2526efc0fb47250ae38a1a3ec2286b5b7a727237cf255ad61846682b8fc0547e109e0d27c4e41bc2618ff4e27f188219aac9dfc3092129cbb86036342bec10b8ec1f9169a660ea235104b0a4994c8945e3ac9f4cd9637f2867ac789e604a3b7df4291ecca631d7f7d318d48e3455dd0990e50fee71dfaf638fc4d0fcd058b3e9cdcee1d79169d753af6f926fae6976a173a9eee2f82df7ae3e6", 0xb3}, {&(0x7f00000002c0)="d6c1db44d7f486395cd1a652039169648f52b831a699c12211b9e6250e66e7d77e8dcb8e86ae78b8215ad91543de3e56fcaf", 0x32}, {&(0x7f0000000300)="d66c6e9e02f712f71b7e59f11c282b747fda04f8a6cf9f925d699932c2d8b8b485398066fb73c1cf1e39cd40bbc3d59e31f42fa2a33174882177b8e8e9327f2b8e3ae28f4e12b552d51df278b8f8ba6e98d604eb16aadd6f566c1aca062561adf739280114c5fc86ae454d0e4c7768995ca0b01aa9bc5b01eaa19d69e96af6bb68fb0ab557aab0f18b98971724e58462e6235899d6f0e4f617050abcf0406579ee5e564b2616a87888cfc83aaf5a78d81a6acf1ac53eb5a44a0cc0999f8b950b38bea645fce016bc44a7e41d8d177485005d0767724a8f6619e1cc4843c01e", 0xdf}], 0x4, &(0x7f00000004c0)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r2]}}, @rights={{0x24, 0x1, 0x1, [r0, r2, 0xffffffffffffffff, r0, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [r2, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x60, 0x40}}, {{&(0x7f0000000540)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000700)=[{&(0x7f00000005c0)="8194ee5ffb6286035de8503af01355897cf1cc7d9f5450e127a22595aa85bb8ea0285c29f117b7f63fb7394fc53cf32628cbac53a7a63140321010e45a14afeca6df72487e291dd76b3c17", 0x4b}, {&(0x7f0000000640)="8fdb112fbab4fcc19a11b84eca5f4d91b1a99e017f7258793fa2e399ef9a38eb710c657389e324963e173160385b090e75df06b27f17ceb44673e5fc37e055d3945b4f566db968eb12faddc3b38988c2898f27ebf5d94b85d1fd14f8018c1b08b878fe574db549c672d71a16809a65e8286fc5", 0x73}, {&(0x7f00000006c0)="530c4b6cc909350989f306e98017ea1d8da39a3ca998f0d000902354ec8e9c28cb9f49b2", 0x24}], 0x3, 0x0, 0x0, 0x40004}}, {{&(0x7f0000000740)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f00000008c0)=[{&(0x7f00000007c0)="9146bf9360f9f67b71866df0fff74fc7c5c77dc58399b834935660a8c49b22c242a7292af801ee1fb2714d010480739746a7b3e86631cfa27f39249cda9672812adad34e6be6ff6cd5a84327fbb39920ff8cc4c087963b5c81f43f6d632c23b0189cb0a66f854fa05900b98c87b3d41c5ca88fb1cb60380ee7ae6961afc83bbbfd835a3ca966000e65acf3b1430b202c37aea7dbbad92cba2aec584cb99eff0498da92c895c1d52f611da609e995066b310943a9150979c26b51595b07b39796667858c9c570f982e883c262d506c2e315c3d18fac41c392f0dabd9d9cda2b119d22", 0xe2}], 0x1, &(0x7f0000000bc0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x18, 0x1, 0x1, [r0, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x58, 0xc0d4}}, {{0x0, 0x0, &(0x7f0000000d80)=[{&(0x7f0000000c40)="5cc68ecd20bffa619ea364684bc9c8a234050f5f79604de52d29f8bdc6a2f902d506b4b759fc9eeeee40c932f6969e4d529ebf1f176e6640e6112448f35d251732c8050933bb3fa77bc5e43b274c6378387dd246230b771766644126", 0x5c}, {&(0x7f0000000cc0)="0260a8de28285cde13d8ddda22906ff0ef577edf455a3de58d995e6cc8e449fd9bd3fa713b8a36f2547aafeb588a73d74b9ea1eda655ad890b57cd51d7a1e943def8e7d783aaec927bb57355035adfd1a378fcf11a020c0d628237804fc11e4532e1bb2fcde28e95b86634d27f527a88ab474d7b9e5ce0e6ad709d07944c4eb573fe3f610e4e1ab28ccf0d97d09a176c9b75b2ff8d0e3bbc0ce36c2f3f66ccb62866d7a4b0f1a06fd46896d5d931de274cce50c061f365ac6866e51ff97f35", 0xbf}], 0x2, &(0x7f00000011c0)=[@rights={{0x18, 0x1, 0x1, [r2, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, r2, r2, r2, r0, 0xffffffffffffffff, r3, r0]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r5, r6}}}], 0x88, 0x8000}}], 0x4, 0x4040010) ioctl$MON_IOCT_RING_SIZE(r1, 0x9204, 0xab2c1) r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r7, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) r8 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r8, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$BTRFS_IOC_DEFRAG_RANGE(r8, 0x40309410, &(0x7f0000000180)={0x9, 0x8, 0x2, 0x7fff, 0x2, [0x6, 0x800, 0x2, 0x800]}) r9 = signalfd(r1, &(0x7f0000000040)={[0x50]}, 0x8) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r7, 0xc018937d, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000010027813ca558e9cf9f000018000000", @ANYRES32=r9, @ANYBLOB="7f0a0000000000002e2f66696c65302f66696c653000"]) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:25:03 executing program 6: preadv(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}], 0x2, 0x0, 0x7f) 18:25:03 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x7f) [ 1126.027402] loop5: detected capacity change from 0 to 264192 18:25:03 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xf0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:25:18 executing program 6: preadv(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}], 0x2, 0x0, 0x7f) 18:25:18 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x7f) 18:25:18 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) unshare(0x10000) 18:25:18 executing program 4: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semget$private(0x0, 0x4, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:25:18 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x147, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:25:18 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r1, &(0x7f0000000440)=""/57, 0x39) ioctl$MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000000140)={&(0x7f0000000000), &(0x7f0000000180)=""/162, 0xffffffa2}) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r2 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$BTRFS_IOC_SET_FEATURES(r2, 0x40309439, &(0x7f0000000040)={0x3, 0x0, 0xc}) 18:25:18 executing program 1: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:25:18 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:25:18 executing program 6: preadv(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}], 0x2, 0x0, 0x7f) [ 1140.400669] loop5: detected capacity change from 0 to 264192 18:25:18 executing program 6: r0 = syz_open_dev$usbmon(0x0, 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}], 0x2, 0x0, 0x7f) 18:25:18 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) [ 1140.458914] loop5: detected capacity change from 0 to 264192 18:25:18 executing program 3: unshare(0x8000000) r0 = semget$private(0x0, 0x4000, 0x0) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) unshare(0x30000000) semtimedop(r0, &(0x7f0000000000)=[{0x2, 0xffff, 0x1800}, {0x0, 0x1774}, {0x1, 0x2}, {0x1, 0xc6, 0x800}, {0x3, 0x8, 0x1800}, {0x4, 0x30b9, 0x800}, {0x1, 0x101}, {0x0, 0x2, 0x1000}], 0x8, &(0x7f0000000080)={r1, r2+60000000}) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:25:18 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x300, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:25:18 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x7f) 18:25:18 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000000040), 0xea, 0x72100) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) close(r0) 18:25:18 executing program 6: r0 = syz_open_dev$usbmon(0x0, 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}], 0x2, 0x0, 0x7f) 18:25:18 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) [ 1140.633063] loop5: detected capacity change from 0 to 264192 18:25:31 executing program 1: unshare(0x8000000) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:25:31 executing program 4: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semctl$GETZCNT(r0, 0x2, 0xf, &(0x7f0000000000)=""/77) 18:25:31 executing program 6: r0 = syz_open_dev$usbmon(0x0, 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}], 0x2, 0x0, 0x7f) 18:25:31 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000040)=[{0x4}, {0x0, 0x9}, {0x4, 0x2, 0x1000}, {0x1, 0x1000, 0x800}, {0x2, 0x7f68, 0x1000}, {0x3, 0x2, 0x1000}, {0x4, 0xff00, 0x1400}, {0x1, 0x6}, {0x0, 0x1c, 0x1000}, {0x4, 0x8, 0x800}, {0x4, 0x5, 0x1800}], 0xb, 0x0) 18:25:31 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x900, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:25:31 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) ioctl$MON_IOCH_MFLUSH(r0, 0x9208, 0x2) r1 = signalfd4(r0, &(0x7f0000000140)={[0x401]}, 0x8, 0x80000) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000180)={0x7, 0xffffffff, 0x2, 0xfffffffc, 0x100}) r2 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) mmap$usbmon(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x1010, r2, 0x3) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r3, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) ioctl$DVD_READ_STRUCT(r3, 0x5390, &(0x7f0000000300)=@physical={0x0, 0x0, [{0xa, 0x3, 0xa, 0x3, 0x2, 0x1, 0x1, 0xb, 0x8, 0x0, 0x2, 0xf6, 0x3f62}, {0x9, 0xc, 0x7, 0x4, 0x1, 0x0, 0x2, 0x4, 0x9, 0x1, 0x8, 0x6, 0x400}, {0x5, 0x7, 0x6, 0x1, 0x5, 0x1, 0x2, 0xa, 0x2, 0x0, 0x1, 0x7, 0x1000}, {0x5, 0x6, 0x2, 0xe, 0x9, 0x1, 0x2, 0x4, 0x6, 0x0, 0xffffffff, 0x169, 0x5}]}) ioctl$MON_IOCX_GETX(r3, 0x4018920a, &(0x7f00000000c0)={&(0x7f0000000000), &(0x7f0000000040)=""/77, 0x4d}) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r4, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) ioctl$MON_IOCX_GETX(r4, 0x4018920a, &(0x7f00000002c0)={&(0x7f00000001c0), &(0x7f0000000200)=""/145, 0x91}) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) ioctl$MON_IOCQ_RING_SIZE(r3, 0x9205) 18:25:31 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}], 0x1, 0x0, 0x0) 18:25:31 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:25:31 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}], 0x2, 0x0, 0x7f) 18:25:31 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0xfffffffffffdfffe, 0x680183) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) close(r1) r2 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$EXT4_IOC_SWAP_BOOT(r2, 0x6611) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) ioctl$MON_IOCG_STATS(r0, 0x80089203, &(0x7f0000000000)) [ 1153.935051] loop5: detected capacity change from 0 to 264192 18:25:31 executing program 1: unshare(0x8000000) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:25:31 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xf00, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:25:31 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:25:31 executing program 2: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) unshare(0x44000000) unshare(0x0) semget$private(0x0, 0x4, 0x20f) r0 = semget(0x2, 0x0, 0x600) semctl$GETPID(r0, 0x3, 0xb, &(0x7f0000000000)=""/180) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9, 0x1800}], 0x2, 0x0) semget$private(0x0, 0x3, 0x240) unshare(0x80) unshare(0x40000800) unshare(0x10040080) 18:25:31 executing program 1: unshare(0x8000000) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) [ 1154.059044] loop5: detected capacity change from 0 to 264192 18:25:31 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) mmap$usbmon(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x810, r0, 0xf7) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r1, &(0x7f0000000440)=""/57, 0x39) syz_io_uring_setup(0x1ac3, &(0x7f0000000080)={0x0, 0x57f9, 0x1, 0x3, 0x1c3, 0x0, r1}, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000000140), &(0x7f0000000180)) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0x2}}, './file1\x00'}) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r3, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) fsconfig$FSCONFIG_SET_FD(r3, 0x5, &(0x7f0000000240)='\x00', 0x0, 0xffffffffffffffff) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r2, 0xc018937d, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x4}}, './file1\x00'}) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r5, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) ioctl$MON_IOCX_MFETCH(r5, 0xc0109207, &(0x7f00000002c0)={&(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x5}) r6 = syz_open_dev$vcsn(&(0x7f00000001c0), 0x3, 0x12040) r7 = socket$nl_audit(0x10, 0x3, 0x9) poll(&(0x7f0000000200)=[{r6, 0x21}, {r7, 0x6000}], 0x2, 0x1000000) ioctl$MON_IOCH_MFLUSH(r4, 0x9208, 0x2) 18:25:31 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x2000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:25:47 executing program 1: semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:25:47 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:25:47 executing program 2: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semctl$SETVAL(r0, 0x4, 0x10, &(0x7f0000000000)=0x3) r2 = semget$private(0x0, 0x4, 0x0) semtimedop(r2, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r2, 0x0, 0xd, &(0x7f0000000000)=""/75) semctl$GETPID(r2, 0x2, 0xb, 0xffffffffffffffff) 18:25:47 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000000040), 0x4, 0x38d100) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000140)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="81000400a7ef8e07ef8d3aa5f4ab9d94143fd92e356664bc4065b632c1c9acc27f142b5efcb58780cc08fefadffdef60e374adf4145d96ff0491e65f2bee2f74406a46746b256432ced166218df3b89e5c3fad1c56c8a2b897380f35e7c965502e38581560c04e989dd26c515a6910f79a4ab43113fc3409bc679ed3c3afb90826fc64ce9ed71cc5a9323164523114a2ae873eb4abb6"]) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) 18:25:47 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}], 0x2, 0x0, 0x7f) 18:25:47 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x234e, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:25:47 executing program 3: unshare(0x8000000) semget$private(0x0, 0x3, 0x16c) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) r0 = semget(0x3, 0x0, 0x400) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/74) semctl$IPC_STAT(0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000140)=""/170) 18:25:48 executing program 4: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000000)=""/75) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) semtimedop(r1, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)={r2, r3+60000000}) unshare(0x44030000) unshare(0x8000080) r4 = semget$private(0x0, 0x4, 0x14) semctl$IPC_RMID(r4, 0x0, 0x0) [ 1170.310392] loop5: detected capacity change from 0 to 264192 18:25:48 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r1 = eventfd2(0x8, 0x800) ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r1, 0x4008941a, &(0x7f0000000000)=0x2) 18:25:48 executing program 3: unshare(0x8000000) r0 = semget$private(0x0, 0x4000, 0x0) unshare(0x10000) unshare(0xa4010580) unshare(0x400) unshare(0x20000100) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) semctl$IPC_RMID(r0, 0x0, 0x0) unshare(0x6000000) unshare(0x800) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0x4}, {0x4, 0x6, 0x1800}, {0x2}, {0x2, 0xffe8, 0x1000}, {0x4, 0x3, 0x4c1f27471e17cd90}], 0x5, &(0x7f0000000040)) unshare(0x300) 18:25:48 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x4701, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:25:48 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:25:48 executing program 0: r0 = syz_open_dev$vcsn(&(0x7f0000000000), 0x101, 0x100) ioctl$EVIOCREVOKE(r0, 0x40044591, &(0x7f0000000040)=0x200) r1 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x3f3c85) socket$nl_route(0x10, 0x3, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {0x6}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r2, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) ioctl$MON_IOCX_GETX(r1, 0x9208, &(0x7f0000000100)={0x0, 0x0}) [ 1170.468792] loop5: detected capacity change from 0 to 264192 18:25:48 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x4e23, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:26:03 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x1000000004, 0x742082) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r2, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) r3 = syz_genetlink_get_family_id$fou(&(0x7f00000001c0), r1) sendmsg$FOU_CMD_DEL(r2, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x88, r3, 0x4, 0x70bd27, 0x25dfdbfc, {}, [@FOU_ATTR_PORT={0x6, 0x1, 0x4e21}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @empty}, @FOU_ATTR_PEER_V4={0x8, 0x8, @private=0xa010101}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @rand_addr=0x64010100}, @FOU_ATTR_PEER_V6={0x14, 0x9, @loopback}, @FOU_ATTR_AF={0x5, 0x2, 0xa}, @FOU_ATTR_TYPE={0x5, 0x4, 0x3}, @FOU_ATTR_PEER_V4={0x8, 0x8, @loopback}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e22}]}, 0x88}, 0x1, 0x0, 0x0, 0x200028d0}, 0x8800) getdents(r1, &(0x7f0000000440)=""/57, 0x39) ioctl$MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000000140)={&(0x7f0000000040), &(0x7f0000000080)=""/79, 0x4f}) r4 = openat$incfs(0xffffffffffffffff, &(0x7f0000000000)='.pending_reads\x00', 0x4000, 0x0) ioctl$MON_IOCQ_RING_SIZE(r4, 0x9205) r5 = syz_open_dev$hidraw(&(0x7f0000000340), 0x20, 0x40) fcntl$notify(r5, 0x402, 0x10) ioctl$MON_IOCQ_RING_SIZE(r4, 0x9205) 18:26:03 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x89}], 0x2, 0x0) 18:26:03 executing program 1: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:26:03 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}], 0x2, 0x0, 0x7f) 18:26:03 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:26:03 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xf000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:26:03 executing program 4: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000000)=""/75) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) semtimedop(r1, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)={r2, r3+60000000}) unshare(0x44030000) unshare(0x8000080) r4 = semget$private(0x0, 0x4, 0x14) semctl$IPC_RMID(r4, 0x0, 0x0) 18:26:03 executing program 2: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semctl$SETVAL(r0, 0x4, 0x10, &(0x7f0000000000)=0x3) r2 = semget$private(0x0, 0x4, 0x0) semtimedop(r2, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r2, 0x0, 0xd, &(0x7f0000000000)=""/75) semctl$GETPID(r2, 0x2, 0xb, 0xffffffffffffffff) [ 1185.380948] loop5: detected capacity change from 0 to 264192 18:26:03 executing program 3: unshare(0x8000000) r0 = semget$private(0x0, 0x4000, 0x652) semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x5}, {0x0, 0xff, 0x1000}], 0x2, 0x0) 18:26:03 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x80000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:26:03 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:26:03 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r1, &(0x7f0000000440)=""/57, 0x39) ioctl$MON_IOCG_STATS(r1, 0x80089203, &(0x7f0000001640)) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0, 0x1e}) r2 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) preadv(r2, &(0x7f0000001580)=[{&(0x7f0000000000)=""/8, 0x8}, {&(0x7f0000000140)=""/239, 0xef}, {&(0x7f0000000040)=""/168, 0xa8}, {&(0x7f0000000240)=""/233, 0xe9}, {&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000001340)=""/118, 0x76}, {&(0x7f00000013c0)=""/144, 0x90}, {&(0x7f0000001e40)=""/4096, 0x1000}, {&(0x7f0000001480)=""/246, 0xf6}], 0x9, 0xa96f, 0x9) [ 1185.523248] loop5: detected capacity change from 0 to 264192 18:26:03 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xf0ffff, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:26:03 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x1000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:26:03 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) ioctl$MON_IOCX_GETX(0xffffffffffffffff, 0x4018920a, &(0x7f00000000c0)={&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000040)=""/104, 0x68}) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:26:03 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x10) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:26:03 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:26:03 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x2000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1185.666370] loop5: detected capacity change from 0 to 264192 18:26:18 executing program 1: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:26:18 executing program 0: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x18) r1 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x113800) r2 = fcntl$dupfd(r1, 0x406, r0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xee01}}, './file1\x00'}) ioctl$MON_IOCX_GETX(r1, 0x9208, &(0x7f0000000100)={0x0, 0x0}) mmap$usbmon(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x800004, 0x110, r1, 0x5) 18:26:18 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x3000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:26:18 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, 0x0, 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:26:18 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) 18:26:18 executing program 4: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000000)=""/75) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) semtimedop(r1, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)={r2, r3+60000000}) unshare(0x44030000) unshare(0x8000080) r4 = semget$private(0x0, 0x4, 0x14) semctl$IPC_RMID(r4, 0x0, 0x0) 18:26:18 executing program 6: syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}], 0x2, 0x0, 0x7f) 18:26:18 executing program 2: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semctl$SETVAL(r0, 0x4, 0x10, &(0x7f0000000000)=0x3) r2 = semget$private(0x0, 0x4, 0x0) semtimedop(r2, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r2, 0x0, 0xd, &(0x7f0000000000)=""/75) semctl$GETPID(r2, 0x2, 0xb, 0xffffffffffffffff) 18:26:18 executing program 3: unshare(0x8000000) unshare(0x8800) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) unshare(0x80200) [ 1200.908957] loop5: detected capacity change from 0 to 264192 18:26:18 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000040)={0x0, 0x0}) 18:26:18 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x4000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:26:18 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40d00, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r0, 0xf502, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:26:18 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x4, 0x400) ioctl$MON_IOCQ_RING_SIZE(0xffffffffffffffff, 0x9205) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) 18:26:18 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, 0x0, 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:26:18 executing program 6: syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}], 0x2, 0x0, 0x7f) [ 1201.027709] loop5: detected capacity change from 0 to 264192 [ 1215.107484] loop5: detected capacity change from 0 to 264192 18:26:32 executing program 2: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semctl$SETVAL(r0, 0x4, 0x10, &(0x7f0000000000)=0x3) r2 = semget$private(0x0, 0x4, 0x0) semtimedop(r2, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(r2, 0x2, 0xb, 0xffffffffffffffff) 18:26:32 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000080)={&(0x7f0000000000), &(0x7f0000000040)=""/50, 0x32}) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0, 0xfffffffffffffe69}) 18:26:32 executing program 1: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:26:32 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, 0x0, 0x220) sendfile(r1, r0, 0x0, 0xfffffdef) 18:26:32 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x9000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:26:32 executing program 3: unshare(0x8000000) unshare(0x40000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:26:32 executing program 6: syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}, {&(0x7f00000000c0)=""/56, 0x38}], 0x2, 0x0, 0x7f) 18:26:32 executing program 4: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000000)=""/75) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) semtimedop(r1, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)={r2, r3+60000000}) unshare(0x44030000) unshare(0x8000080) semget$private(0x0, 0x4, 0x14) 18:26:32 executing program 1: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:26:32 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef) 18:26:32 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xf000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1215.184078] loop5: detected capacity change from 0 to 264192 18:26:32 executing program 1: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:26:32 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, 0x0, 0x0, 0x0, 0x7f) 18:26:32 executing program 1: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}], 0x1, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:26:33 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef) 18:26:33 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, 0x0, 0x0, 0x0, 0x7f) 18:26:33 executing program 2: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semctl$SETVAL(r0, 0x4, 0x10, &(0x7f0000000000)=0x3) r2 = semget$private(0x0, 0x4, 0x0) semctl$GETPID(r2, 0x2, 0xb, 0xffffffffffffffff) 18:26:33 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x20000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:26:33 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, 0x0, 0x0, 0x0, 0x7f) 18:26:33 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r0, &(0x7f0000000440)=""/57, 0x39) sendmsg$NL80211_CMD_GET_MESH_CONFIG(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000000)={0x28, 0x0, 0x10, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x101, 0x6a}}}}, ["", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x20000804}, 0x1) unshare(0x8000000) semget$private(0x0, 0x4000, 0x422) semtimedop(0x0, &(0x7f0000000100), 0x0, 0x0) 18:26:33 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffdef) 18:26:33 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000140)=""/4096, 0x1000}, {&(0x7f0000000000)=""/75, 0x4b}], 0x2, 0x1ff, 0x3) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f0000001180)={&(0x7f0000001140)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x8000}) [ 1215.990383] loop5: detected capacity change from 0 to 264192 18:26:33 executing program 4: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000000)=""/75) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) semtimedop(r1, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)={r2, r3+60000000}) unshare(0x44030000) unshare(0x8000080) semget$private(0x0, 0x4, 0x14) 18:26:33 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}], 0x1, 0x0, 0x7f) 18:26:33 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef) 18:26:33 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x47010000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:26:33 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NLBL_CIPSOV4_C_LIST(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x6c, r1, 0x300, 0x70bd2c, 0x25dfdbff, {}, [@NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}, @NLBL_CIPSOV4_A_MLSLVLLST={0x30, 0x8, 0x0, 0x1, [{0x2c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x16cf87ea}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x4ec7fcd2}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x22de6dac}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x400faf75}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x5363cc2d}]}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20000034}, 0x8010) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r2 = semget(0x1, 0x3, 0xc11) semtimedop(r2, &(0x7f0000000100)=[{0x3}, {0x0, 0x20}], 0x2, 0x0) 18:26:33 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280), 0x0, 0x0, 0x7f) 18:26:46 executing program 1: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}], 0x1, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:26:46 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:26:46 executing program 4: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000000)=""/75) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) semtimedop(r1, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)={r2, r3+60000000}) unshare(0x44030000) unshare(0x8000080) 18:26:46 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) r0 = semget$private(0x0, 0x2, 0x500) semctl$SEM_INFO(r0, 0x2, 0x13, &(0x7f0000000000)=""/171) 18:26:46 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef) 18:26:46 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x4e230000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:26:46 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280), 0x0, 0x0, 0x7f) 18:26:46 executing program 2: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semctl$SETVAL(r0, 0x4, 0x10, &(0x7f0000000000)=0x3) r2 = semget$private(0x0, 0x4, 0x0) semctl$GETPID(r2, 0x2, 0xb, 0xffffffffffffffff) [ 1229.190362] loop5: detected capacity change from 0 to 264192 18:26:46 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x9effffff, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:26:46 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xf0ffffff, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:26:47 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280), 0x0, 0x0, 0x7f) 18:26:47 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0, 0x0], 0x2e1, 0xffff9009}) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:26:47 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xfcffffff, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:26:47 executing program 3: ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000040)={{0x1, 0x1, 0x18}, './file0\x00'}) r0 = mmap$IORING_OFF_SQES(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2, 0x30, 0xffffffffffffffff, 0x10000000) r1 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r0, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x1, 0x6000, @fd, 0x0, 0x1, 0x0, 0x10, 0x0, {0x3, r1}}, 0x5d8) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:26:47 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r0, 0xffffffffffffffff, 0x0, 0xfffffdef) 18:26:47 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x7f) [ 1229.397577] loop5: detected capacity change from 0 to 264192 18:27:02 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xfffff000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:27:02 executing program 4: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000000)=""/75) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) semtimedop(r1, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)={r2, r3+60000000}) unshare(0x44030000) 18:27:02 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x7f) 18:27:02 executing program 0: ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f0000000080)={'syztnl2\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x2f, 0x81, 0xfb, 0x0, 0x23, @loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x8000, 0x700, 0x0, 0x51a}}) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000000c0)={'syztnl0\x00', &(0x7f0000000140)={'syztnl0\x00', r0, 0x7, 0x700, 0xff, 0x4, {{0x18, 0x4, 0x1, 0x3a, 0x60, 0x67, 0x0, 0x0, 0x29, 0x0, @multicast1, @dev={0xac, 0x14, 0x14, 0x40}, {[@cipso={0x86, 0x4c, 0xfffffffffffffffc, [{0x6, 0x5, "d6f939"}, {0x6, 0x7, "3fd7208b3b"}, {0x1, 0x4, "3ae6"}, {0x2, 0x2}, {0x5, 0xc, "e06b5a7566950d543625"}, {0x5, 0x6, "15e41cbb"}, {0x7, 0x10, "d2616b0e7343fcce6a06cfa68252"}, {0x0, 0x4, "0416"}, {0x6, 0xe, "4a5c2319ad79a470735e31d1"}]}]}}}}}) r1 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r1, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:27:02 executing program 2: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semctl$SETVAL(r0, 0x4, 0x10, &(0x7f0000000000)=0x3) r2 = semget$private(0x0, 0x4, 0x0) semctl$GETPID(r2, 0x2, 0xb, 0xffffffffffffffff) 18:27:02 executing program 1: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}], 0x1, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:27:02 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0x0) 18:27:02 executing program 3: unshare(0x8000000) r0 = semget$private(0x0, 0x4000, 0x0) semtimedop(r0, &(0x7f0000000000)=[{0x2, 0x9}, {0x0, 0x3, 0x1c00}, {0x1, 0x9, 0x800}], 0x3, &(0x7f0000000040)={0x77359400}) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) [ 1244.542113] loop5: detected capacity change from 0 to 264192 18:27:02 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x2, 0x614) semtimedop(r0, &(0x7f0000000000)=[{0x4, 0x9, 0x1000}, {0x1, 0xfe5e, 0x800}, {0x2, 0x0, 0x1000}, {0x0, 0x3f, 0x1000}, {0x3, 0x70fa}, {0x3, 0x9e54}, {0x0, 0x1, 0x400}, {0x2, 0xb144, 0x1800}], 0x8, &(0x7f0000000040)={0x77359400}) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) semget(0x3, 0x3, 0x102) unshare(0x42000000) r1 = semget$private(0x0, 0x3, 0xc) semctl$GETPID(r1, 0x0, 0xb, &(0x7f0000000140)=""/222) 18:27:02 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xffffff7f, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:27:02 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) 18:27:02 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x7f) 18:27:02 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0x0) 18:27:02 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xffffff9e, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:27:02 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0xc00) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/138, 0x8a}], 0x1, 0x0, 0x0) 18:27:02 executing program 3: unshare(0x8000000) r0 = semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3, 0x0, 0x1000}, {0x0, 0x9}], 0x2, 0x0) semctl$IPC_RMID(r0, 0x0, 0x0) [ 1244.712859] loop5: detected capacity change from 0 to 264192 18:27:02 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x353c82) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r1 = socket$nl_route(0x10, 0x3, 0x0) close(r1) 18:27:19 executing program 2: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semctl$SETVAL(r0, 0x4, 0x10, &(0x7f0000000000)=0x3) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:27:19 executing program 1: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}], 0x1, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:27:19 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x20000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0x220) sendfile(r1, r0, 0x0, 0x0) 18:27:19 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xfffffff0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:27:19 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) unshare(0x4a000980) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:27:19 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8, 0x1f, r2}]}, 0xc0}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'batadv0\x00', 0x0}) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) r5 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8, 0x1f, r6}]}, 0xc0}}, 0x0) r7 = socket$nl_xfrm(0x10, 0x3, 0x6) r8 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$nl_xfrm(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8, 0x1f, r9}]}, 0xc0}}, 0x0) r10 = socket$nl_xfrm(0x10, 0x3, 0x6) r11 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$nl_xfrm(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8, 0x1f, r12}]}, 0xc0}}, 0x0) sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000340)={&(0x7f0000000200)={0x130, 0x0, 0x100, 0x70bd27, 0x25dfdbff, {}, [@HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x7c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}]}]}, 0x130}, 0x1, 0x0, 0x0, 0x801}, 0x4) r13 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r13, 0x9208, &(0x7f0000000100)={0x0, 0x0}) [ 1261.557431] loop5: detected capacity change from 0 to 264192 18:27:19 executing program 6: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x2, 0x614) semtimedop(r0, &(0x7f0000000000)=[{0x4, 0x9, 0x1000}, {0x1, 0xfe5e, 0x800}, {0x2, 0x0, 0x1000}, {0x0, 0x3f, 0x1000}, {0x3, 0x70fa}, {0x3, 0x9e54}, {0x0, 0x1, 0x400}, {0x2, 0xb144, 0x1800}], 0x8, &(0x7f0000000040)={0x77359400}) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) semget(0x3, 0x3, 0x102) unshare(0x42000000) r1 = semget$private(0x0, 0x3, 0xc) semctl$GETPID(r1, 0x0, 0xb, &(0x7f0000000140)=""/222) 18:27:19 executing program 4: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000000)=""/75) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) semtimedop(r1, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)={r2, r3+60000000}) 18:27:19 executing program 1: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}], 0x1, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:27:19 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x10) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:27:19 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xfffffffc, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:27:19 executing program 5: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semctl$SETVAL(r0, 0x4, 0x10, &(0x7f0000000000)=0x3) r2 = semget$private(0x0, 0x4, 0x0) semctl$GETPID(r2, 0x2, 0xb, 0xffffffffffffffff) 18:27:19 executing program 3: r0 = inotify_init1(0x80000) ioctl$FS_IOC_GETFLAGS(r0, 0x80086601, &(0x7f0000000000)) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semget$private(0x0, 0x0, 0x400) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) unshare(0x0) unshare(0x200) 18:27:19 executing program 1: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}], 0x1, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:27:19 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x7f, 0x400240) r1 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ppoll(&(0x7f0000000040)=[{r1, 0x100}, {r0, 0x18}, {r0, 0x140}], 0x3, &(0x7f0000000080)={0x0, 0x3938700}, &(0x7f00000000c0)={[0xfff]}, 0x8) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) 18:27:19 executing program 6: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8, 0x1f, r2}]}, 0xc0}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'batadv0\x00', 0x0}) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) r5 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8, 0x1f, r6}]}, 0xc0}}, 0x0) r7 = socket$nl_xfrm(0x10, 0x3, 0x6) r8 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$nl_xfrm(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8, 0x1f, r9}]}, 0xc0}}, 0x0) r10 = socket$nl_xfrm(0x10, 0x3, 0x6) r11 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$nl_xfrm(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8, 0x1f, r12}]}, 0xc0}}, 0x0) sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000340)={&(0x7f0000000200)={0x130, 0x0, 0x100, 0x70bd27, 0x25dfdbff, {}, [@HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x7c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}]}]}, 0x130}, 0x1, 0x0, 0x0, 0x801}, 0x4) r13 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r13, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:27:32 executing program 5: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}], 0x1, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:27:32 executing program 2: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:27:32 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xfffffffc, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:27:32 executing program 1: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:27:32 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xffffffff, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:27:32 executing program 6: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8, 0x1f, r2}]}, 0xc0}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'batadv0\x00', 0x0}) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) r5 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8, 0x1f, r6}]}, 0xc0}}, 0x0) r7 = socket$nl_xfrm(0x10, 0x3, 0x6) r8 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$nl_xfrm(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8, 0x1f, r9}]}, 0xc0}}, 0x0) r10 = socket$nl_xfrm(0x10, 0x3, 0x6) r11 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$nl_xfrm(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}}, [@XFRMA_IF_ID={0x8, 0x1f, r12}]}, 0xc0}}, 0x0) sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000340)={&(0x7f0000000200)={0x130, 0x0, 0x100, 0x70bd27, 0x25dfdbff, {}, [@HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x7c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}]}]}, 0x130}, 0x1, 0x0, 0x0, 0x801}, 0x4) r13 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r13, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:27:32 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000080)={&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000040)=""/23, 0x17}) 18:27:32 executing program 4: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r1, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:27:32 executing program 1: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:27:32 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xf, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:27:49 executing program 5: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}], 0x1, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:27:49 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040), 0x1, 0x701000) ioctl$MON_IOCH_MFLUSH(r0, 0x9208, 0x100000001) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r1, 0xc018937e, &(0x7f0000000080)=ANY=[@ANYBLOB="0108000000000000", @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00']) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f00000000c0)={0x0, 0x0, 0xb58948ae90ca0700}) 18:27:49 executing program 2: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) semget(0x0, 0x3, 0x200) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:27:49 executing program 6: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semctl$SETVAL(r0, 0x4, 0x10, &(0x7f0000000000)=0x3) r2 = semget$private(0x0, 0x4, 0x0) semctl$GETPID(r2, 0x2, 0xb, 0xffffffffffffffff) 18:27:49 executing program 1: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:27:49 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xfffffffc, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:27:49 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:27:49 executing program 4: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(r1, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:27:49 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:27:49 executing program 1: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0xffffffffffffffff) 18:28:01 executing program 5: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}], 0x1, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:28:02 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0x2c0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:28:02 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:28:02 executing program 6: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r1, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:28:02 executing program 2: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:28:02 executing program 4: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:28:02 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x204102) syz_open_dev$usbmon(&(0x7f0000000000), 0x9, 0x80) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:28:02 executing program 1: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000000)=""/75) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) semtimedop(r1, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)={r2, r3+60000000}) unshare(0x44030000) unshare(0x8000080) semget$private(0x0, 0x4, 0x14) 18:28:02 executing program 0: ioctl$IOC_PR_PREEMPT_ABORT(0xffffffffffffffff, 0x401870cc, &(0x7f0000000000)={0x5c, 0x4, 0xe0}) r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:28:02 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x4a2082) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:28:02 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000080)={&(0x7f0000000000), &(0x7f0000000040)=""/50, 0x32}) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0, 0xfffffffffffffe69}) 18:28:02 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xec0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:28:02 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000000)={0x0, 0x0}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r1, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r1, 0xc0189372, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xbe7}}, './file0\x00'}) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r2, &(0x7f0000000440)=""/57, 0x39) syz_open_dev$vcsu(&(0x7f00000000c0), 0x6964, 0x80380) ioctl$MON_IOCQ_RING_SIZE(r2, 0x9205) 18:28:02 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0x33fe0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:28:02 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0x7ffff000, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:28:23 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x1000) name_to_handle_at(r0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)=@GFS2_SMALL_FH_SIZE={0x10, 0x4, {0x48c6, 0x3, 0xfffffffc}}, &(0x7f0000000180), 0x2400) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r0, &(0x7f0000000440)=""/57, 0x39) getdents64(r1, &(0x7f00000001c0)=""/110, 0x6e) connect$802154_dgram(r0, &(0x7f0000000040)={0x24, @short={0x2, 0x2, 0xffff}}, 0x14) r2 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r2, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:28:23 executing program 5: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:28:23 executing program 1: unshare(0x8000000) unshare(0x40000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:28:23 executing program 4: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:28:23 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xfffffdef, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:28:23 executing program 2: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:28:23 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000240)=""/66) r1 = semget(0x0, 0x3, 0x200) semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000140)=""/104) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:28:23 executing program 6: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r1, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:28:23 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0xf, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:28:23 executing program 5: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) [ 1325.566227] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=15 sclass=netlink_xfrm_socket pid=7772 comm=syz-executor.7 18:28:23 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x280000) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) r1 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000017c0)={0x0, ""/256, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000050500)={0x0, 0x0, "a39e30bcd9cd2bef3ba6da5ccf13ad3d01dfc7ff5ca5e8720cefc76c509b7b37b5d619cfb78370537fc2b039507a4de846a6bdf0dcdd8d61acb3ad113e6cc5f3d78fa203743f6b213bb4a35748a21da67aa061c1aafd4e2005dbf3c5f90cb2ba3bb3db765db199c2d90a927e9e7d920476cb376ba44eba8ee841b51d109262faccc090acb529e2b2fc2ff38c043bd4a28188d68385c428825eda67c26eb81c3495bb01148d54799431df8e063ddfc566b739b946e7962d2cb73832963ea2b71c56d1165fae6cff6cccc3360cbab5d6e65edaad42db4ac3904d73da75b824aec190c4c47f2dbe89f0b353c11ebfe45e47ddc6a80116357916d881350ff9d143d4", "6ed14c6089716b98fcc089bae4f6e1a4613fee779387f400f2ab69d0c193b3576fd8a8e6e487c44ab000f37ee4be9cd718add070321797fcffa835eeddf14091052167350e334b528c713367717fc7ca69df998efb4722bb5b262a191f7e8bd4d01035b80813e311ebc4282a8fa2a5f3adb8fa57fb15b4b5fe5911c2efe0b00431fe8a613dca64c926b6bc601062ca67594f381737d432ea7539a3a5efd18917b9eb6fad7d7724cf9457eb7af17ee04fdaa0199ee200884b704944ecd640ce2c7220f2a3c9e252439227586bad92a1efdb30306baac589fe3e18c2514c6536c02947698fbe8c07fdb8beeab9d2578c5066ac84e479b453759906bbfd0e48e0d2ebd20a34f46c3717a8a915870c1de1744e475bc74613607113bd321a9575f5e38d289bebfe993383228866eb7f9c2804a60824b7721eeeca072656781636b37ce5fce1f310bd7301010f0e40bd98341997ea886cc8a258acbb3602660a0fb083a4370b89caa1227f8b6ed4681bff458a3175f8a7c4f7da4f61873f5fe066bb74ab30294dd6bdc5ed0579a7f909969da0e00e8bec0ef0787508937cb037a004cedb98ba5a52eb77893218564a1f90324bc1b63a8fb3596ae9c8a109a5b6a45957ac8b3adb77ed9307eaeedc4862a1783ad0c1da818b0b976f53258a52386e224ea40512e267dab8160279ed64d3d43cba46ed6feced99f4ca6b71db1e4f8e58a1ddbb251816584359b378cc22b4480126ba81ff36eb2c9ece554a6031dedd344123bb47c89309496d2cc9941979702337bfd8ec2c397274a93b4637287b4461a8316591156bc6df0d89eb859d56dcdfb4931a76f8cb92f282fbd252e2a37102a3eae34b11dd343a556c45f1e65debb412c293af9e10bea1142af53f95fbce56b462d95bdd2f89428b505505241e7c3dd3227ba05c656ebac5963b6784ea4927a2c1484499205a4304e73bfaee30ff6a6ead7526b6a275a7d3b05d3176c8aa64025bf66f42a3966a56aef0cb99475b980610a7e235f02ba29260fbb1cc2813a6aa395b23184bf0d4bd2610859bb402d57b9ddd1c49b799c42e4fa61edd365cecf5a5b59bed631168882256ebcc9d30dd3342f75908199ea4b3a3f765a26383747446ac25c8183e6f31f5aeb60ec480cc10715326f28d1d088886ee1be07faf314d7f2967aab9416f2d6726ff097f0894c854b5490bcabf3c781345e893e536afca869d4e6a6403a99a2c105a5f0085e650eb46ab92253ea54e129f5f865c52cf423a5e7ead374342c39d91e0bf3124d2fcbc8791cefb1e5349b2a6ce1b5ad1f923d0036fb119d96fbcd4a57b251d1f62bf8d49b40d3b7806ff3be9a204fde0820fa6b8fef057c4f4324184c64d750d349578549e343a7ee6ccdded50abff02d0433739f5b9f3b619a80b07f5ba62c6b386b8c4483209c366dd51a2c1bd3bb9d1b01357386f352f23f746a6f03e6d68a7adace0454f46cefb30292cfba171f68789bf7dd2d0f5ada68fa27f40c843dbbd4535212eb0d4b0aec3578001ee7ce6ce711584368ecc46330b017352eeb5bb69773aee155543ad0cda9e43444f97d8a972837ace60640d18eff1e0689ddce75d694c85d43a9603d1ffe58c42393d34c6090c320f3e9c6facd117a6b9d9f7808a8f1a268ab81fabec7e0ad5b95b0392cd04614e9cfc95db2cdd34374324f83a858c3d46fc3b430b5b6b8e27871e961fc24da3d85b924276ce73452cd000f0b2f245a255560faff9d91f28811ac21bcbc2976ed332cebe7c0a3621e3126e283dd6f2bfd7955a27ae7bafe4738bdf038a6975cffd5e698c4dc74d194b90f1bda6287e263a0ddae4dc02d355781cb8e8d16b03a41b22e8e5b025a921f5c543fd09fd9730a1b2c3fc983f068b534b69dbe985f6a1593a7aa0a86ed4d4dd1bb5f151626b4f32cded28917582b12050894aa1b00f2dd6dc7866ab362e318a0fe27f750bec69dc82e7ff08c1bce75782cb20505ba416714eed780635c7ae9b9a06b90944375d33249d5ca4f732c03387388828cd0ab881d143f98fd854a40ade3963985a22baab5967bbd2543f231dcb295ba8050c2a8bb1603feda6877be98688a37d70ad944e6b81d1e8c5e013a5b22c52c0f42da321038e53f1bd77b008404ce6eec87e1effa22eed11c5bcdcefff6c3f2160a6f62f88ae33976a50546098a9fe6649f7bf840b99e1934c0337bb508ed13fb5ce37252a659ed80f44581bc591c61d66e35742505c67cc7d039771a0c545cd4d35d0265ba67915414b0e800dae2f8f703ebbe98b433d0686bf77959b566fc20276c387a1021d4b88bc29a25ebef1f24f5cef7325224762dc605a2c2c81d906feca693cad7895a598633b2720c6a7de9691c54422229d27ca8c48af8a16ec877b5abb93c2f1e48faff8a613213df3f2a008f8cdd714f105697798e95976110d0bde9c880bbd74d4c246208cbba710b8115292ffc5476410ed8b14bd22c3bd6a867ddfa38d07f07ebadc87cc7eaaacdd4f0e542ed9233a406fc74c6a6443deb3f32accbbfc380919effaf32014f8a7c5ae9dedf26bccba8f02f977dc7f2fc8c0b4ecd01a174d10af07912f07bb4041c48458248e34d95e78f737c572dde15d88b4d5b78a110ed971029ee7a9dfc8031cc00d0c66808355f5c526be9a6011389904403c1952189005549f0a088658fd984128b0d16185df1f1fdd34455a478f5cf5f378125c0bd36c0cfd551f6f298bd79e2f6c1cffaa11d4ac23b68790fcb02dd537eaffbec3cb0bfc9f6963657b684ef3ca8c8981ea8259126119f69c6bdfa401ceded5463dc027339a01a8cbd8eb1cfa75bb1f700bc53690a99da257dbf86c5d28c3e0ed3e4e99d89b26afc3dccd02a1e4b00440e9abe7b07a100e0506d27ae708902572d3b2139514d22ba3c8dc39d6add62522b70a5d591318be4a6fa0acd2d9299e53aab961177ee3fe6523ac396e483a3b9ce935d5901a37e2340e0135f2287a271c88cb1cefa83f05bec4d02606d3d559b8fe209e2ddf8ee6161fea64c3b63c9515b41abf451a8657435e788190c3c447b334abdd088c5a5b975897b367784dda36005def6377f9fad72164f63f4d36c86fc3d75070a46ef6e5b5f7d80c6f55c8c379c05320baa3c435c08b216c90217643fcca51cb733404bad43e6ac4b6522d8c9e360b153b0377b58d5d2e01f14104f78ea09c878ec72d29a4dfeae763b1699805b05e9accd0be69ffba8efe236ce6038a651825204ab1c6b063495c5d7772f624795be0568d314cf8f97382e0d5673a63d91c8a2dfe2ba1b5d5e7187235e1e3978bcca3799fd3655b28b2fe64d8efe6b7bba7ec2c3c06c1228d33b64eebc8428c67efb217e7b58ce1ec50444656544b56c83be43b13a4499d78c350d38ed192c11710982100a3dfbee49802b0a9a761cf431db9bcf705860c1f2c6d60dedc95c3e4b26f3894169bd81d1c0b8b0682b49579552629e9d6dc35a919ccf6d747d74834daef574d4dbfe8d1b7e518d5d64b186e8679de5404d56d599061a9a9738ed3021ef1d57cbb5cb76c7f937587b4b26bbe55e94a805ebf44ea532179039d0fcafaad99ddae3757b47b7d1a537fb113a9da5c81505460ba192d8fc5e9232ba9cf9661b88f84b02c2eff5613e9e7f95d787e8bbdf94d299d2b9cfb4161b51ca5fa8b0cb78cd5ca048cd1d05cd391a6eca9cd1c75411cf7af5dc785dac245c52e3551934213dbffe28f242f1766522cb1ee731769c226ecbc5e5bd458d46cc927fd6a5d50b666b66c25d74e7026f9b1889c1f7123b0df4a12806ab6712b4ffc521b305b9b9cba5d2833458d74a89b7bc5ca9875cda61ac8259d0d0f4586b3230a80b168fe662ea89bac5bb0eca1508f46f7e662ba7e3e646ca94c956e22aeea8a66d7b3a1003698624defe95426f05ca839b10baa4b301314f46ad3f8e150bdb4105b22cce245587f243b2aa057427261e71b6b5108d393ed4e8d87ec701b432ad4fdfb1625158920463a991fe65f6628742161d5ec933f846b99c40c66167397938393c6c17102b7fa599dec8265adaa4697139b7eb9ff6fe476b9330d3c2aac9d0767e845ff85f669ecc5a847a94950944d76b48dc4a2b045d8818c8fd948502a4a536ef7f373e5b5d2deb42e3ca62d001af48a4ee2086c420cefc1a608dc481469c3eac38445a53b32691b4a1b36b40dc21d87d7a27c7fb667fbdc5f70de072cba4a8db45ba6aa11ed52559cdafe7ad2bc95a4110a7845136fab847b72e2515e077f83ba211d2251424f4518ca10bace8491709806bda482795d4a330285208dec20433e62ccec3111765fff6305532d65814bb6b9218d293d0821779f1aba96c20ac29f55927cbe0673a0c246675b995a77da6b29ebf779d79c42c95aee3a2b92123752a8f0f6f1ea2c39941ac9df56e86cde471f3047a14d7b17f0207578a5f330f049b611b3eb62900cb3bf50d386f988b83ca6ba9e24f8b1aecc735318e7f60506393df1d1b09cec6a748836c1cfb6074dbc21909e82b0133f6a4be2a1b80dd1806019e6943e1268c3534cf5861630df0406ba33a36dc10d2c600f496b05a1053063d7840ca4e57e612e8b22cc7b44240cb4a1180506e54627c16502fce4300c4c0ac8769d1c61dfd27d2cfb7f70cf2b306304349d8d08b37b95151c2bea2a1f2d2bf62ef0e910ee05e6aec750b802b9c65d078769fa4157fd12226e85049663e87a5e54cde8da2aa97106e511a1f87c880003c23cc95475954eacd1cd334dfb7710038c39e7632cc233260328eb363d5e6866bce561c5e20d8951cfd93a78b54f23a09f5483cbedd35a62815c93104439c4dca35f41734e0028f6ea24d18110aecec6c601d8bd17980e329cc73948cbf29a78c25c6a74a95280e720c945637dc8bebfd88bf8209d96a418f52838cba8503a5f88cb0bf74676007df8928d7e1924048bb19c8f326955d6a960ddb97c5593f50688cae526720d3b77dc4d16cfb21b002786cdd7e49a756368930316d9bb5b2e1234b9a90b2285da5a7410e933baeeb4a9aa6fd0f723fd96cbca29ee08b2f7cfa875e557e4ec4d76c4b6f40a038f6e2204b299574c96f3d7119c41419a3a74f3f2a4673d945ea51c54574319207c36aa1d26147e189a8e605e66a051c4be947dcda70fb344ae5fc5b94690140b7a7cc03452eef6d824e2718fa5fd3ebcc36c08452dc9928bed6572741d171e9ed3e38f57596266b41311478f52837f485b7bd8b9be40d87500e1f3fc6cc75a4b801e9b8a6fb44797ae3d6d4ac776b2b141c5e8ef067ad974378db61a909b1c69bcf2064b13742d9c03fa3550507f8c163755cbbf2ad59441e136c929c247d4bf828fd1e6d73867d190e6967138ac031e1c6e3c90c5087eea2305c046094b11e75a1b7415a772cb12cf75d2"}) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000000)=[r0], 0x1) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000005c0)={0x0, ""/256, 0x0}) ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f00000007c0)={0x0, 0x1}) r8 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r8, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r8, 0x50009418, &(0x7f0000001e40)={{r1}, r4, 0x14, @unused=[0x8000, 0xffffffffffffff81, 0x8, 0x2], @name="d927fb8ac30dab4272210f15e7c975462d1c69de2b6a10364ee87385240d4cd6c7240e21c58f23d2d14c1d5924ef16f80352f8eb1b4d6b3ea36c437a3b8395195ef2c8fd7366fd773936eb74558d228523fa46ecdfbfcef131211d123ebc0c2b1fb2872ab5f568bc88ef2645c5be85feb266485265f5dfc21f5f03e009b26c4f4f3870b7090737376a91c8a421d62f1b910e7ee68109cccdc272385aae879f3d597cc488ae5753f4e0f9067ad6f1868e805b79a864eaca3b09b2e5a735f6ae0ca0a286c88907aa784daa7d328111e73b7450182bb9de6fc96ba237b909f362b7eb57721c02cc5790e8addaba2a583d8aaafcd87d69ce45d34a482071bb4459cbbf2a6a5f883150a1e95f625622975abff900ba11f02e43c8798cc3527544fde918c7b28d899f72125eac185246e8e73f1f61e898c8468e878c77ebbd1fb1eac107e5c2d68fc2190bd278cf9c587882f21be88d7a7e3145edefc024852e3b538b6865cd690a745f62db7e32188071c23234544697091a8bf93d6eefd7e0daddca8feec363b2cff7ea8dac04f56e6b6bd829cb86510e2daa7972f63676b1f292129336ccac724dced1e45e498890cc8e487f39f3c8e0bd6efbad6c4c2c9ea18b7b3c58b691076ee5e6d81c427475a47df34b867318a5adab4eada51cb724f3ffe6db9501b303a62e546054873cb211a3847896f06cd37cf4a08e92d58d64473c3f85065f2ed03258c7ee4bd9af0ce037b88c13205809d3db200f554463c196d2caf6de4e3b914410c932520e30e5eaeb3948e67272fa4a18d63cd609dc0b377d3d10b1cd02ef630e37392100c809675b2ff6bc0a2490e87788aa7ff401433a085c1a167351872a73b70effd50b4fa48180a8d243f8d31babae4b4e035726cc478a5742760c262cec5d465ac813c6f6d3e01c87d9dfb11e0e9b56d12640780484c9cbf2c9fab70ba4e4af5d6b8b04d478b50dda22ab6b413ffff2027088449cf8aefb0664a9be487af7ebd3b112eb23a03ee185aa1b86e7310545dbfc4b26e1f4cc2cbb3d7d1fdde415df754a3d8d530f91f55a7c83bcd073f1c798af36c4514efc013c1f9fc42671d59a950dac7eebd6bd9bffaec3189b6d6179d3f30ea6bbecd75b13dbaa60b34c29ca8c88c674a8d1461b0e09081a000d7b6c6a0c182348a2d690ba02753e51da00841691343549c22739e82f36d13437587f5993bc0c62321a59611b9255e18a60e80cd617999dfa025cd4276380cbf2ed44d1524b504c8d99475a5fcd98462d095a64a14a3f0d0c67eb3fdb3f53b5b479d53118e8c5b0b8dbc6df5e69a1ca29e113266e7eb8fbf79fb1586d472bfcf994a4d4e399c65760e11ada432d1fcba41a7e251bf0f907cf2c02419e6dc34a41b766dbab91edc8ed302ca5e95deb7dd1bfb149d06bb691b91d98b20c4baaca56560c15ecfc302066a2c8c106efd08aa1584f112040025299ce36f405ff5d33221f41e7c1ab4e096613165190b531fd81457dbb4768b324ae385dce2b81570b02f9cee744acba748faddc1dc20dae49556dd0f3a7be29c6cd1a6d8126d5f233f2699359a4f67b7288482e9916006829fb25a35909a09d441bbf2e79b92566310199b52c7097ae6b68f0e1aa10b9a790952540530137363c85d57fbacc5918b01c6ae06341ad82bd4b1c19b841caa261eced9bd5fa214f21dfaf97d103ef521853d3600827b1b9c15711b625aaf5729fb407947ae0323e48d808b35ed31748cb7aef69817c41bd4191276f784ec59ab0a887122eee7188c0a90ab706849a7bfa182790d78a496f3a5b841061acc4574faf06b377a1f1d0a9d5737cea6d7230108a945abf9a65dcfa0094d59a9dc447d72a0ef3f2faadcfee484798c06d169c6302c6217a076e4aa7f1daf39b4b4b5f3c20e26f1924d200c906850758a07edd213a1d067f2a6b1078c2ce568c20ebfc63098dffa00522e1512f2447dc5c2e9bd68b75f99667b05c8a1b76d20a2419d8b25acb263df2e4407fb183ffeab32ab9b50c01904c6c2580d8121690822f0babf2b0a081729776f644e5850548ef12fed9b96c472f920783823c3911b26459d0dc783bdf371fc14fb4c3b4e6dd882ac0648cf9d9e6c5317fcbe12062122b6b5d76d4d4540accbc4fcaa97d664ab7a17a4e297db92b17b422419b70e916702565a4db2b4efe56424467da0ddd7da9d8c150e353db96116749318af04ec0188d3ed52a08b975b0946dac2703d67408610f898f90e99e84e775bd1e75ec811e59946d22b410f1e5bdff04c5898d00e7f615b5922df85b1555f2676bce460e4771097e798a2e27bf2dbea947f8c25c8b7d1e1e834a74c04c542c47644675d8918e2c1d1c093141ff1bd40ac27945fd8b7b25dbac29b36aeaad59d02d8da1c2f861730f22dcf5370a96eb4df27f97b757213f9e5c43fa256813e87f8c131e1c49573bfafe5cc551cf2f4b9f416ab3cad7ca8bd1762d684fcfcd2cb7a5a45ef69730bb558acc4ddb1efc6d04a161da2f6c431b79e1b43895b84e7a9be7c236a7145a02673bc453b44c66d602f03341ed05c23db9773c3375b00f049b78903288721b77755878cdbcc94faf21393d4e21d76158b8c5948a36b66dd5ffd3967c2439a211b711a2bfd8100ca81fc8d67b711b9954ac95b28b9a3a55f85b89d5eb39c43e45c4bc46a4994de6fec8dae8b9b48078829413d44ac88d9c28bf3e1c936021d355492c763d6e6e1b42748ffd06e3ef2ef12fe33d8338af49c3c5e5b6159049ebb745be1b42d73ceb765f5535e64241d582ae2c295c1fa21a0ead1b490cb7a25485482b5be40048496518a3d4ef7b4ae42ec76ff8f32d012bba67151475d7e4b07ce59d9c6b5b34104ddd3ba48f112151e5c7571a19b9009ed4801b32e30a3a1736cc1a6227d00cae925f20ec0b25b91333bbd382f4e5bcd0e8123b01e5a546d69fb5f457745337ffc4c74f5f6ebbb33380046f315e93ed481b91419c4f7a8c35d72c8c199e56f306377e7d3ae034c6b4f03a35cbcdd68d324d4390b1edec96813e30d8e3b1e1dd7ebcd36866539411868f291898ddb601961788b828a8d141be4eac9ccc49fa5cfb494fc215909bc1305de5da1515c156e4d961e97b7e253d839b13e3f42f69f6af4d884f72b6fc875ea14a72b677582d2f52e12e9c432eb34a54fc395a501b4c60c456a6dda69835c1720892a01c30547491ca5e19ad810977014bd0a139f249d6367ce15a120152098c280f500756088de07b6bdc678773956008a44d51244febebc700b2e93b2c79b6931015888fe3f42d1f733f08547cf50e321899d4c315076f2a7deeccbd70d1a816e35ca7432163b7696cae5505eb6f890ad1bc0c7d8f5b4dbdf31ccbbbbea8afb8e1c5af56a46da11e41b3e1f58ec81c2bff887f1a3d63353e76d19ff3afd33ab66c0c5961f1e11a35639befc6af89fbe7a1e654a706b0b750c507498032997613412703006831fa1de53f3aca3dd2e76e8899ee25cefe03a13865ec9abe913031c66f8f6abeef0bd65e3aab7b3bcd235d911750c43e2bf72dcae750c3a636de67d08323deb8751f0372393ec76b8b0a9f7fd00e8a4c97e820c765fd9caffaa7e58953d9e93c0c9c1b32f6eb5bec0a4f4a44522844417eed35b0511ea85df6448d31006df43e5e9906110c6a8b90b1c2e1eff416d0d8490dd1f463ba5339abbc7e2a0cc7d5efcf6f853ef2c5b16eedb745b34fb8db536f40f30efcc07756d136e124ea760c1b64db68efd72706d3f574ca1b0895bb0537ccc10b4dd89b09c284f0aef36e3bea257570405c77e5c94e892e0de1609061b5a96a95d156a3f9308e6b19007a41f02141f9ed1581d6b60ac5032ddf7ef606a0b07857c674007f2e0d1c3a55707b581c4293532551831bfdc1091477516de97bc2733db2cfbd01caf63cf56fce515a55b4af5573b99182f5e37b341a7e7fd902c4e21903d5fff7c970e4b59491656e25f9d29c458a3a1f4b0d8bdab9bdd0998a95eb8ee9f273ba8d55c200bbaa557394601bd1f37fd2f2b1f27de8821cba5503b43fe4b7a49f4d03ba55810c256a446a136beaa1e4c3cb3bf68c1f64ff10ac264c50e050f318bbfa16c796baa6c06933eaaccf7584330cb7d9db2e760ec6f8072cdc1bd8125380898985dfa39779b03357400113a2559117f49d8982b783435a50f25e0c1ae8b771656d8bb52481f3191e1618ead74212833a5f27257d0a9d3dde3416b9d1407e65c2a7c9dc362363a7bff22b39bc03c99b590da5b96fadde8d5ab865f218005755b32e156ed9434f04b1260f2d787f47fdb298224916d40112a679b79ff4eb2bf90824a3371ae7b1d41fa92253ce12d2df37f87ea3b95f6372c7323889e049cc507dd3fa69237cbfa460f3263a652d40ddebe6da517fe8816bc12a0221b72608d119c3010b60d52f75072779227f102b57a23925909771022d8adbd1e73d94be72217fe0f84e3c1c48417f47cbace0220b455a19bffee73e57699afdee1de12a50440bdb9b6a4d24910e3de98564a304426b7879f57370c3bd044ba3bc67dc004e951faa5058a753b2df8ee524be89d56fb718bd439078f1340c2d12d9612d1349645e4a9e32996e79a6ce0b3dbfa435f22fdeaf5e983c5a3069ca4003d5c5c64e8b080113f55ad353fd9b15ddd8e24fe084c10f76fe3af8f86e46f865d072afd569cb999d8b06f6430c938e3875aaf6f1fd3504212e2087624c777097544d40dffc714eef1e117ca5061a588a0cfb468d59924b4cd70df782179ea5f5f766f8371ae055a8a2da3e351b179dbbb3391beb4d4ddd808b39d7f357202b4e2277d99b3c58cdb6f50697fbff26215b225de0ccfdfb399dc9e7c6b233d069393f666d77cd4615c415727c9f723a8e7cc010931ccd2c8df855bf51d9d0f2f58e25b1a6bf97ed849e60b7dad629efed88803217f7dbb584a96104cda003c0dfd93c7984eb364ed26304faacdbe0dba2960d6ee5ed2492d558642aa09a55c2a61e90402ebe770f8147d8486fb2716bdee25866dcbaec158bb89739b424465ca830c59054b54e107634f8f253170f8731cfa8e2f5e93490f116a72844d578224c5f78f310b998c6123a4492c8475477b02c9a1ee99aeca12bbd9dfd9fd65e6b0d718a6351f9bc6f00248f2611a9a827cb1e743f64aacf3d2a6b7ca3ece4afd2b692a7de332410f085f7673c0ef69d7a74f961f4561194bbfc871659785e2e38af01a5eead5d9ff7655c19898b26a5590ace677f44585ea79795ac96dd3ec9755c45a3c9e1acdfcf38edcd843459014a15759e500949f8bc7d1c1062e464b2fad62a1c3ea43977bbaed2e57e4c0f1f4a8b8cb95f84c945500dd14b42511576ddc9bf7837be29f8002d3fa689bbaed83e470ac295829937f105f4b89b0673fd142746be59b572da9666e460ebec94b32c8066b99aff0bcd0b5407ace9276044216093fdbc2b59487e2e23b015a2eaa384600c04aee63f974824aa769fc23112957b85f1606c74a3eeb4211871509c727449e553da44d6bacbe5ff5f871e7fefa08d9b902314cd7568dab67172e7f9783d0b2c3c9dd030591412b318ef9e5a6d0d11c946a1d45283e2ab1b9892ff7e7986c2bcfdeb7c06f0eb443c69110ba3c54b4f02355fb65e39b34f396febccf9556731107fbeb52ffabd4fc327a4778c7a2c9838ec78ec46a1c6737322a75ee48bd356f987fd0ba135b05977"}) r9 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000005c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f00000007c0)={r10, 0x101}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r9, 0xd000943d, &(0x7f0000070280)={0x0, [{}, {}, {}, {0x0, 0x0}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {0x0, r11}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r10}], 0x5, "af2f1a9317bc6f"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000051500)={0x7cbb, [{}, {}, {}, {}, {}, {r24}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r14}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r16}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r23}, {}, {}, {0x0, r19}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r21}, {}, {}, {}, {}, {}, {}, {}, {}, {r13}, {}, {}, {}, {}, {}, {r15}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r20}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r17}, {}, {}, {}, {}, {}, {}, {}, {0x0, r18}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r12}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r22}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3, r5}, {r7}, {0x0, r11}], 0xff, "dda46f09132a67"}) openat$hpet(0xffffffffffffff9c, &(0x7f0000000080), 0x10300, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r1, 0xd000943e, &(0x7f0000000140)={r11, 0x0, "692a6ba68b8d3efea80aa6b60dd7d55e38f78a8c67a815a8803b112dc0e8d0feadb507e730b42306e897eac590044a2ad4255bdb660d36362c35585bfc6ee9cde9f73a780ea0c5a89c5a584090e18a3ba0f58ba2132d03dc0bcc7b0421d0f42e785901036fbd5971100522db904d44c395007e5b67b8a87633ef1a55883bfb1dfada5d059178830f00dd280350d36c75d59cfcf031dc363e2d01f6b1ee51525a7c6061c2191e547c32ae968ba804ea7ec6b21901febfc89e03059a5189d22674270383f6300dd4e949f3fff031db617b3846d57a08106a2369288ccde46a246b22672caf0bf7d30618c3ab754647616120bf6c9a63d020cbb074ef45e1bf7187", "79a4d307e68ff02a0cb429a55fabf067fc425966150c03f5036c9edf20d836e73e2a874ee6024d4933e20c7b477a7ff0656006ca3d9f18c47da7c348c5200c62b09c55d6c87b1c2971eb22b7517329a9c083a154fa9b092403d0c1a7b54241780ab7e81d532d8a6ca20be1f6b3d49e8760371d69539100d5558bfd63060b676fc67c6c8ee85616d2f13d9fb93c96c65a9c8a4cc67f85a45a0f52e17659331cb1e1acc62d3e5e33c508fbd45ef6dfbf9600cdec902ffa01b3559f0b681a05207ed81dd1192eb138fb52338f315ac7745babb2747a88908a4c49e54a7d958c5549dd9a24c891b7726d9ef49feca75da9e941b2d0d3f0e4c8d28067f5a4b03949f60fd4f9e452034a17880d9a80ebcc62a0b364a6e6db67c2940aace868331010d384c835796683bff2e212dd68e24881709209eda7200763aa50d76d4537c2177d5a82cb1d764f6e3e352ce5a4c9470cef42a34fab8cd9bf3d0ab08cf9217bdfd0344dc19ffd0442c031daa620e0adcdcee0b3cd919d8f3fb72c8adce0a469db86b8145a2351ea7cc6665ad628382b6742d6d3b3a3bb1eae72cf5f276da234d03e683d50f562d9dee5ebf1dd1d164ebebec50fafa2380ad937e7d8f003d750e1c305be275ea1351ddc43a2e4cffe1a847ce591c6484c1ecc8e838d2eac2c34247aec2435847b65b88d9c1d51c0523188457bb9d062f592ad235cf047fa6907be6c025f074c059e7b537b8452736b63534af5cf9d98e7579e9ca05b330fa8ef5058d0c1389030cf67b3c5e50d63a179e58adc943358e28e108cd64d37498a4a74307b89ddf4c0e4b3d9f19839ce66f72eb1e02aa397cdeb3eb31ff59e6d2852d0869316aa363b7c04ccf13356eba411e2db128eb3d7ac00fa452cd0bac6f817940bf96702b394ebd8739a3806235b235940e7bede98c36aaff96d29a29c48448e17df2ba97c1ed747205ef11778e1ccdd90c109914a906cfee1b6ad98936058c7c976ad2c03cfc3777b43c9cfa3d775d841fa22287af0a10b72684106eada658a4af85220ae9f63f0bdcc23476a42f28ec10439eab50a1fc0c8e07e93abf36fe369f241e70fc12858b51f314e3ed9289ebf3aeff037470652d1f387ed6c788ce12b68c7e9cb4a2052f0cf2f8d8dd61c4afb0a453bc020ba1bb1991063a3eff7c3c325005dc41055fcae817639dea63433b6e34c5cced988b73340e63de907afed3e86da0ef59b1802c7c0ba768a3a8bf384ea3afd869efe100e79d99b89fcb5e566a347071a5b6bf3dc5809389d0e79872615e60f23bbf896294a077e3de672a0b4c3b3db55e831a8e52553ce6be35534d1ba2fd73655de1452d0eaeb39f3c09c12de82a98f4ed22c30bc5ccd79402d27a77c443fca920e7aa3061fa9730db2fc9155554679656c6771cc3e693f1641a8601dabf6dbcd4ed5c01cf491ea9f1330f7fe542f4d8ee805abb9bd9baafab22ea878a2e31f1a9a603f8e0f34258fbaeca47e614d916c64e39674d856eb87fd08c7bc2e0f35e916afd57dfddbb9c1fb96371f40c9b626d947b8ceead1b6d5773c3f7df5635357bd78589fc870a3e665a03616eb98626d54dc33b8935aa84c5bfae30e2473f64d39b4a223f4c91e798ae3c44622ca2d5606b1d6f4863c3d03e240c1fbd7a0eaa86bf8ca298f52c3e783aa03b0f3dacf086ed188c284d5e435142380de664aa94027e5c8dbc3c1f6beb4dbc8e7656513b259aa068527d6904bd69baea09259558f481858007623c590d539200f7ef8d4b66b8115dc0c43049667f3e34f34ee0ae41565d59a6fdbb283a459888cc72815b2156e33b1346d72b67ca4f101909fbfb98cc9bc585250fc03c17ba556a5a5b3e29116a3085db30c9b68fbe6c6a6dc3e3278d64bd77ac2305111470019dcddae99dad37cf9c5681eab50bc9b710af5d4d6e6a227366296c425b8e12f806404247caf739889ee074acb8424db260622e069bf26d0baa500d3342e8663aaf7f0bd16a02984d1b081a03bc486ee0a82e2ebe872b74ae7572a2c34c6a565c2599bb03fa41a7941636ef9f81b3a8e4f0cc1b457bfa2126e006ddd942353aa5bec5ce6c242efa682514dfb81b139c602e5ec0311c36823df21b0d245303c3ff6a8acb4c0822570623913323f18fc4f071ea2b3cc4d95cc1c5a4a2977371bb6962b89d73b8cfb8a2969dabe07b87514b764fd7ef3c7673f1e9c6d6133538e8274ab1fed92e6bc861825cb912a2b69f7e9957038c15d341dc3b2d0c0bf97f9513c0d2041aa9ae9a38a41b9d972fa7265ac10b8abfc6e9bf0708aaf0731dc48bbf0a05784bcdc915be5d20d907754605ad164831ebfddee02a8be139604b728a23c74978f444c559aa8119187d03df54391ba2cdad3c676a782ad6a439cd2fba62fd33909c42f2a8635b80dffa47105225a26acf26eb8fdb941b106545f98515079e86f2e0934f35aa5c9a8ba388f0661cecee2a91f77e4129a4b6fc68665757fe8cd134309c39a5caa1c5eb4b585f2381697925420b84d4f00b5fdfbb5ea1bac42e2edaa229dd55750f23f7f3e9bb8f91de1d5c9fe2155d64dea5f9873e3805d7a1c77b0d89ecded66f42cb837cf012f14ce00af36ab3fbdfc3ceb5c66634b7876e16926a44372112906b76727b27b49852a1704570f6f841265f33d7dcb82ff2cd5256bc06ba24c24defc6584d6ce494b8f6011118699eaae35ce1151f2f9b6ff771766b0d581f75f5bcaaffe009eef4919b2ca071a982d146b41e299173e0f206f68c5b4a6426f6ceacb1694586d6db125a810ef665760e9cb7d33b886a086865f4a29a2e15187a748fcd2d9837377579bc8d8ee2f05ae00a59cdde8bff2b158be8bf94949fbb6c31cecab8a0d538002cbb9fbb5c00e81b4d549927a5aeab592b247d2f83a328eb36eaff516f0786bb90496456ac4b04457bed0d4a3914513e579c7970cedc7d7279ae6e14aada98342661f897440c2ad0e17c771e9740ef8d7c083c1315c1ba1f6106e2b7463b3529618953673390f8f6b74302e9e426911750e025391529998eded24fbf5f3df39642a53193228aac0e9923f2fb8125842f46b7df3f8ce0cb10f7ac6f83cbbeae34c70afd9c4e4f244a9301c8946f851dbfd695b5c64f1be226ece44b4dc0b7cea1fd81a65344f97b3f91bf2fdf2dd145e0e08a964ec81c23c32f75cf48819e072ea0a7e090691e4f945bbdf008a0226b0ebef2b0d2543c9adbf912d6c1ade03846b85985fbfbff07d642d5f887d86b382543bd47d2bdf47443ac1d5ed04807d45db3fa5b68af5f37440bac30e8d6840f15428339f7a5d1e550d00780963a9f214e1c823e70ef100612397616d47c02d925155aa294c0e9d6dca6ccb7cf7dbac258f6a14a37a7fab1c57f30b2315900ff53583c2b7d448915f82abf46ec9563c87f34bd80074e629e6834d8698de76505a56dcda2bb7001511b5154b77feba426c11f51ab49e378b08edfbd62d5c883360c4b596531c37f51c4b6098443cc242d606156db26bd476d088620cc2805f0ba9c04543dbd0d69cbc92f68176d3c02660ed6f1abaea856b70720108aee681cfe0e902712edf87884355106ade0029f26fc99db93328bd70de190174c68459ed24f4d44b4d06022e5d682f44f4e1ebf364a8fc4bc4e48340300fb7f58d73a40704a525684798db7c9bbd3c8d9d9101df988d1d0121ce7f0b1ffba9de61c9565b4ad36dc16c300aa7c47e0f42eb7a9b402f5e0a515fe95b90514214ff46d7e1903fd8d73c0dddac0d5f8a06e821148dfbc9facbc92c7b848de91e527f97ff0f6a2100bbe2e4ee3cbd51816a2fd04588f992c075654f6c79ae23287c8734eb0db3192d94b74c10bad881195c264a9010dbc97959ec0a8d2bc661917b8f3787a6d3b7e50869ff05046d63bdad5d02b560986fd3135e76047b97854ed12539892c031bcb6b631288f7377beb38fa4569d1641c5098db3513d1cc3274719ab1d65205f0d824fa1e24e6e0dfad5db551d200430dfc0f3a7f9d9db628795a2d36d1f549026d51603845a7bf73286cac7da65416f20f242e6fd87cd5c2569c3d17a0b8b2cb87b92a2665982dcab02816f93fccdbc6d06bcc812c21880bf2de97c0712d1e946a33887c3f319fca13170103c754276b7e7d8ec703d1204d194e147689557f4ff22d6a438a9ada9aea965be341f2234be923a2f1d5ef9ee1e8e2d77691721b4ae86a9eb25e09e77990f3f87e0f98334284423731cbbcd62f7524803bdaa005104d3b10c0531f8b480c85e9598dc32dc702be08dee52eebf0b143453c7805baee4bae3e1677198c4c9b994824f4cb991411e51f014914002576c16557cd9c3129d1e6ecf86d09ee17930cb6d67318290b0546d765f29ab66841b91f35b0ddaa035240ea0b563a59481efad000f7f8563771880c4bbeb0183174301a93ff763400f481530ef760c02ad2c07a3e4192287b6940ec52e3d67746cb25ef9a522cf0cf9b1bb9d2835b7ff03b36d278ab6592c690b5f76dff7f62af8209a575a8ce59cc91e6c426a37f6cde8aa6eca67869ed0d6df34f39c295b9d543c9f724399c3df6b8ab90d2fc7db31cf02bce5112d2a2795539ca880dee5b298d8f3acf60a0d70b1ac04f15ded81b61365e4694c9d66900db16688c44e009a99b8c1ce968f7e42e82e5a3f71aa3806d5ae1148ac572987b64b1fdaa8f253db5c823ce3432a7e5c6a8c83130bc229519819c0bf667a866aa83bdf07a23346a7f9322433d7d47d00f146f45dc6a5ffe74169fbcd495494d7d17b1b7ee86eebfa81a44345a2cfb1421a2d49a9542f52b036a6f76846464928499d0b766e0c393349c6d725190468300a0635f1038c4b624a38176c19b9639edded69a576f3a83f84b686da46ef467ff17f1ed3c14bff28a1b2e864cc9bfc069f1c0569ca37842c27ac7be8c5e2a3574c69719b4d2ef606afe5ac236f115630d62852cbdf48489a5fa88eb407f30660cacddb509baadb96f418f930124870c5588a98852e6ff2634af4ad4d0e949265b2d4659f3261e7af340f66f5ddb8b43ce5124d779e6b88468503258a6fde0bc80e503635bb4779ecda9c1a1decc66ea6908e0fafdec92520b3e01d8e6966db8b3e6947e4499af7d77057d7bd100aa0ed3cd1d4d2b0b5650afb85bdc34da4f37982c56c72e08133a5b4263692925c50f2507c1d6e4a9421ba1c4d0c64320958e646b86c82470cedb26415244e569b952894777c951aaef2df7dec3b7269f459a8c2ec8e1f191c982a1f31c69649dc42bd887233cabed2cf167bb36c186c2fdbfb5ea44ce4dfd63a31583f505ff1f86a69fb5b2e9fd8b49352c90edf41563e1e4fe281c57af187375c4dccd0197a511f6f7c1a34ab5881c5c3b78e7043bcf7e549d3c4dcf2bd252ddb0db9cf14d3ad65693"}) 18:28:23 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x10, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:28:23 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x11, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:28:23 executing program 5: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:28:23 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40d00, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r0, 0xf502, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) [ 1325.674425] netlink: 144 bytes leftover after parsing attributes in process `syz-executor.7'. 18:28:23 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r1 = accept4(0xffffffffffffffff, &(0x7f0000000000)=@nfc_llcp, &(0x7f0000000080)=0x80, 0x80000) r2 = openat$cgroup_type(0xffffffffffffffff, &(0x7f00000000c0), 0x2, 0x0) r3 = openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000140), 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0}) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r0, {0xfffffffffffffffb}}, './file0\x00'}) openat$cgroup_ro(r6, &(0x7f0000000300)='memory.numa_stat\x00', 0x0, 0x0) ppoll(&(0x7f0000000180)=[{r0, 0x2001}, {r1, 0x438}, {r2, 0x8000}, {r0, 0x8080}, {r3, 0x1}, {r0, 0x10}, {r0, 0x8}, {r0}, {0xffffffffffffffff, 0x200}], 0x9, &(0x7f0000000240)={r4, r5+10000000}, &(0x7f0000000280)={[0xdfa6]}, 0x8) r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r7, &(0x7f0000000440)=""/57, 0x39) ioctl$MON_IOCQ_RING_SIZE(r7, 0x9205) 18:28:23 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x12, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1325.728569] netlink: 144 bytes leftover after parsing attributes in process `syz-executor.7'. 18:28:37 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40d00, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r0, 0xf502, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:28:37 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x280000) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) r1 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000017c0)={0x0, ""/256, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000050500)={0x0, 0x0, "a39e30bcd9cd2bef3ba6da5ccf13ad3d01dfc7ff5ca5e8720cefc76c509b7b37b5d619cfb78370537fc2b039507a4de846a6bdf0dcdd8d61acb3ad113e6cc5f3d78fa203743f6b213bb4a35748a21da67aa061c1aafd4e2005dbf3c5f90cb2ba3bb3db765db199c2d90a927e9e7d920476cb376ba44eba8ee841b51d109262faccc090acb529e2b2fc2ff38c043bd4a28188d68385c428825eda67c26eb81c3495bb01148d54799431df8e063ddfc566b739b946e7962d2cb73832963ea2b71c56d1165fae6cff6cccc3360cbab5d6e65edaad42db4ac3904d73da75b824aec190c4c47f2dbe89f0b353c11ebfe45e47ddc6a80116357916d881350ff9d143d4", "6ed14c6089716b98fcc089bae4f6e1a4613fee779387f400f2ab69d0c193b3576fd8a8e6e487c44ab000f37ee4be9cd718add070321797fcffa835eeddf14091052167350e334b528c713367717fc7ca69df998efb4722bb5b262a191f7e8bd4d01035b80813e311ebc4282a8fa2a5f3adb8fa57fb15b4b5fe5911c2efe0b00431fe8a613dca64c926b6bc601062ca67594f381737d432ea7539a3a5efd18917b9eb6fad7d7724cf9457eb7af17ee04fdaa0199ee200884b704944ecd640ce2c7220f2a3c9e252439227586bad92a1efdb30306baac589fe3e18c2514c6536c02947698fbe8c07fdb8beeab9d2578c5066ac84e479b453759906bbfd0e48e0d2ebd20a34f46c3717a8a915870c1de1744e475bc74613607113bd321a9575f5e38d289bebfe993383228866eb7f9c2804a60824b7721eeeca072656781636b37ce5fce1f310bd7301010f0e40bd98341997ea886cc8a258acbb3602660a0fb083a4370b89caa1227f8b6ed4681bff458a3175f8a7c4f7da4f61873f5fe066bb74ab30294dd6bdc5ed0579a7f909969da0e00e8bec0ef0787508937cb037a004cedb98ba5a52eb77893218564a1f90324bc1b63a8fb3596ae9c8a109a5b6a45957ac8b3adb77ed9307eaeedc4862a1783ad0c1da818b0b976f53258a52386e224ea40512e267dab8160279ed64d3d43cba46ed6feced99f4ca6b71db1e4f8e58a1ddbb251816584359b378cc22b4480126ba81ff36eb2c9ece554a6031dedd344123bb47c89309496d2cc9941979702337bfd8ec2c397274a93b4637287b4461a8316591156bc6df0d89eb859d56dcdfb4931a76f8cb92f282fbd252e2a37102a3eae34b11dd343a556c45f1e65debb412c293af9e10bea1142af53f95fbce56b462d95bdd2f89428b505505241e7c3dd3227ba05c656ebac5963b6784ea4927a2c1484499205a4304e73bfaee30ff6a6ead7526b6a275a7d3b05d3176c8aa64025bf66f42a3966a56aef0cb99475b980610a7e235f02ba29260fbb1cc2813a6aa395b23184bf0d4bd2610859bb402d57b9ddd1c49b799c42e4fa61edd365cecf5a5b59bed631168882256ebcc9d30dd3342f75908199ea4b3a3f765a26383747446ac25c8183e6f31f5aeb60ec480cc10715326f28d1d088886ee1be07faf314d7f2967aab9416f2d6726ff097f0894c854b5490bcabf3c781345e893e536afca869d4e6a6403a99a2c105a5f0085e650eb46ab92253ea54e129f5f865c52cf423a5e7ead374342c39d91e0bf3124d2fcbc8791cefb1e5349b2a6ce1b5ad1f923d0036fb119d96fbcd4a57b251d1f62bf8d49b40d3b7806ff3be9a204fde0820fa6b8fef057c4f4324184c64d750d349578549e343a7ee6ccdded50abff02d0433739f5b9f3b619a80b07f5ba62c6b386b8c4483209c366dd51a2c1bd3bb9d1b01357386f352f23f746a6f03e6d68a7adace0454f46cefb30292cfba171f68789bf7dd2d0f5ada68fa27f40c843dbbd4535212eb0d4b0aec3578001ee7ce6ce711584368ecc46330b017352eeb5bb69773aee155543ad0cda9e43444f97d8a972837ace60640d18eff1e0689ddce75d694c85d43a9603d1ffe58c42393d34c6090c320f3e9c6facd117a6b9d9f7808a8f1a268ab81fabec7e0ad5b95b0392cd04614e9cfc95db2cdd34374324f83a858c3d46fc3b430b5b6b8e27871e961fc24da3d85b924276ce73452cd000f0b2f245a255560faff9d91f28811ac21bcbc2976ed332cebe7c0a3621e3126e283dd6f2bfd7955a27ae7bafe4738bdf038a6975cffd5e698c4dc74d194b90f1bda6287e263a0ddae4dc02d355781cb8e8d16b03a41b22e8e5b025a921f5c543fd09fd9730a1b2c3fc983f068b534b69dbe985f6a1593a7aa0a86ed4d4dd1bb5f151626b4f32cded28917582b12050894aa1b00f2dd6dc7866ab362e318a0fe27f750bec69dc82e7ff08c1bce75782cb20505ba416714eed780635c7ae9b9a06b90944375d33249d5ca4f732c03387388828cd0ab881d143f98fd854a40ade3963985a22baab5967bbd2543f231dcb295ba8050c2a8bb1603feda6877be98688a37d70ad944e6b81d1e8c5e013a5b22c52c0f42da321038e53f1bd77b008404ce6eec87e1effa22eed11c5bcdcefff6c3f2160a6f62f88ae33976a50546098a9fe6649f7bf840b99e1934c0337bb508ed13fb5ce37252a659ed80f44581bc591c61d66e35742505c67cc7d039771a0c545cd4d35d0265ba67915414b0e800dae2f8f703ebbe98b433d0686bf77959b566fc20276c387a1021d4b88bc29a25ebef1f24f5cef7325224762dc605a2c2c81d906feca693cad7895a598633b2720c6a7de9691c54422229d27ca8c48af8a16ec877b5abb93c2f1e48faff8a613213df3f2a008f8cdd714f105697798e95976110d0bde9c880bbd74d4c246208cbba710b8115292ffc5476410ed8b14bd22c3bd6a867ddfa38d07f07ebadc87cc7eaaacdd4f0e542ed9233a406fc74c6a6443deb3f32accbbfc380919effaf32014f8a7c5ae9dedf26bccba8f02f977dc7f2fc8c0b4ecd01a174d10af07912f07bb4041c48458248e34d95e78f737c572dde15d88b4d5b78a110ed971029ee7a9dfc8031cc00d0c66808355f5c526be9a6011389904403c1952189005549f0a088658fd984128b0d16185df1f1fdd34455a478f5cf5f378125c0bd36c0cfd551f6f298bd79e2f6c1cffaa11d4ac23b68790fcb02dd537eaffbec3cb0bfc9f6963657b684ef3ca8c8981ea8259126119f69c6bdfa401ceded5463dc027339a01a8cbd8eb1cfa75bb1f700bc53690a99da257dbf86c5d28c3e0ed3e4e99d89b26afc3dccd02a1e4b00440e9abe7b07a100e0506d27ae708902572d3b2139514d22ba3c8dc39d6add62522b70a5d591318be4a6fa0acd2d9299e53aab961177ee3fe6523ac396e483a3b9ce935d5901a37e2340e0135f2287a271c88cb1cefa83f05bec4d02606d3d559b8fe209e2ddf8ee6161fea64c3b63c9515b41abf451a8657435e788190c3c447b334abdd088c5a5b975897b367784dda36005def6377f9fad72164f63f4d36c86fc3d75070a46ef6e5b5f7d80c6f55c8c379c05320baa3c435c08b216c90217643fcca51cb733404bad43e6ac4b6522d8c9e360b153b0377b58d5d2e01f14104f78ea09c878ec72d29a4dfeae763b1699805b05e9accd0be69ffba8efe236ce6038a651825204ab1c6b063495c5d7772f624795be0568d314cf8f97382e0d5673a63d91c8a2dfe2ba1b5d5e7187235e1e3978bcca3799fd3655b28b2fe64d8efe6b7bba7ec2c3c06c1228d33b64eebc8428c67efb217e7b58ce1ec50444656544b56c83be43b13a4499d78c350d38ed192c11710982100a3dfbee49802b0a9a761cf431db9bcf705860c1f2c6d60dedc95c3e4b26f3894169bd81d1c0b8b0682b49579552629e9d6dc35a919ccf6d747d74834daef574d4dbfe8d1b7e518d5d64b186e8679de5404d56d599061a9a9738ed3021ef1d57cbb5cb76c7f937587b4b26bbe55e94a805ebf44ea532179039d0fcafaad99ddae3757b47b7d1a537fb113a9da5c81505460ba192d8fc5e9232ba9cf9661b88f84b02c2eff5613e9e7f95d787e8bbdf94d299d2b9cfb4161b51ca5fa8b0cb78cd5ca048cd1d05cd391a6eca9cd1c75411cf7af5dc785dac245c52e3551934213dbffe28f242f1766522cb1ee731769c226ecbc5e5bd458d46cc927fd6a5d50b666b66c25d74e7026f9b1889c1f7123b0df4a12806ab6712b4ffc521b305b9b9cba5d2833458d74a89b7bc5ca9875cda61ac8259d0d0f4586b3230a80b168fe662ea89bac5bb0eca1508f46f7e662ba7e3e646ca94c956e22aeea8a66d7b3a1003698624defe95426f05ca839b10baa4b301314f46ad3f8e150bdb4105b22cce245587f243b2aa057427261e71b6b5108d393ed4e8d87ec701b432ad4fdfb1625158920463a991fe65f6628742161d5ec933f846b99c40c66167397938393c6c17102b7fa599dec8265adaa4697139b7eb9ff6fe476b9330d3c2aac9d0767e845ff85f669ecc5a847a94950944d76b48dc4a2b045d8818c8fd948502a4a536ef7f373e5b5d2deb42e3ca62d001af48a4ee2086c420cefc1a608dc481469c3eac38445a53b32691b4a1b36b40dc21d87d7a27c7fb667fbdc5f70de072cba4a8db45ba6aa11ed52559cdafe7ad2bc95a4110a7845136fab847b72e2515e077f83ba211d2251424f4518ca10bace8491709806bda482795d4a330285208dec20433e62ccec3111765fff6305532d65814bb6b9218d293d0821779f1aba96c20ac29f55927cbe0673a0c246675b995a77da6b29ebf779d79c42c95aee3a2b92123752a8f0f6f1ea2c39941ac9df56e86cde471f3047a14d7b17f0207578a5f330f049b611b3eb62900cb3bf50d386f988b83ca6ba9e24f8b1aecc735318e7f60506393df1d1b09cec6a748836c1cfb6074dbc21909e82b0133f6a4be2a1b80dd1806019e6943e1268c3534cf5861630df0406ba33a36dc10d2c600f496b05a1053063d7840ca4e57e612e8b22cc7b44240cb4a1180506e54627c16502fce4300c4c0ac8769d1c61dfd27d2cfb7f70cf2b306304349d8d08b37b95151c2bea2a1f2d2bf62ef0e910ee05e6aec750b802b9c65d078769fa4157fd12226e85049663e87a5e54cde8da2aa97106e511a1f87c880003c23cc95475954eacd1cd334dfb7710038c39e7632cc233260328eb363d5e6866bce561c5e20d8951cfd93a78b54f23a09f5483cbedd35a62815c93104439c4dca35f41734e0028f6ea24d18110aecec6c601d8bd17980e329cc73948cbf29a78c25c6a74a95280e720c945637dc8bebfd88bf8209d96a418f52838cba8503a5f88cb0bf74676007df8928d7e1924048bb19c8f326955d6a960ddb97c5593f50688cae526720d3b77dc4d16cfb21b002786cdd7e49a756368930316d9bb5b2e1234b9a90b2285da5a7410e933baeeb4a9aa6fd0f723fd96cbca29ee08b2f7cfa875e557e4ec4d76c4b6f40a038f6e2204b299574c96f3d7119c41419a3a74f3f2a4673d945ea51c54574319207c36aa1d26147e189a8e605e66a051c4be947dcda70fb344ae5fc5b94690140b7a7cc03452eef6d824e2718fa5fd3ebcc36c08452dc9928bed6572741d171e9ed3e38f57596266b41311478f52837f485b7bd8b9be40d87500e1f3fc6cc75a4b801e9b8a6fb44797ae3d6d4ac776b2b141c5e8ef067ad974378db61a909b1c69bcf2064b13742d9c03fa3550507f8c163755cbbf2ad59441e136c929c247d4bf828fd1e6d73867d190e6967138ac031e1c6e3c90c5087eea2305c046094b11e75a1b7415a772cb12cf75d2"}) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000000)=[r0], 0x1) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000005c0)={0x0, ""/256, 0x0}) ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f00000007c0)={0x0, 0x1}) r8 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r8, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r8, 0x50009418, &(0x7f0000001e40)={{r1}, r4, 0x14, @unused=[0x8000, 0xffffffffffffff81, 0x8, 0x2], @name="d927fb8ac30dab4272210f15e7c975462d1c69de2b6a10364ee87385240d4cd6c7240e21c58f23d2d14c1d5924ef16f80352f8eb1b4d6b3ea36c437a3b8395195ef2c8fd7366fd773936eb74558d228523fa46ecdfbfcef131211d123ebc0c2b1fb2872ab5f568bc88ef2645c5be85feb266485265f5dfc21f5f03e009b26c4f4f3870b7090737376a91c8a421d62f1b910e7ee68109cccdc272385aae879f3d597cc488ae5753f4e0f9067ad6f1868e805b79a864eaca3b09b2e5a735f6ae0ca0a286c88907aa784daa7d328111e73b7450182bb9de6fc96ba237b909f362b7eb57721c02cc5790e8addaba2a583d8aaafcd87d69ce45d34a482071bb4459cbbf2a6a5f883150a1e95f625622975abff900ba11f02e43c8798cc3527544fde918c7b28d899f72125eac185246e8e73f1f61e898c8468e878c77ebbd1fb1eac107e5c2d68fc2190bd278cf9c587882f21be88d7a7e3145edefc024852e3b538b6865cd690a745f62db7e32188071c23234544697091a8bf93d6eefd7e0daddca8feec363b2cff7ea8dac04f56e6b6bd829cb86510e2daa7972f63676b1f292129336ccac724dced1e45e498890cc8e487f39f3c8e0bd6efbad6c4c2c9ea18b7b3c58b691076ee5e6d81c427475a47df34b867318a5adab4eada51cb724f3ffe6db9501b303a62e546054873cb211a3847896f06cd37cf4a08e92d58d64473c3f85065f2ed03258c7ee4bd9af0ce037b88c13205809d3db200f554463c196d2caf6de4e3b914410c932520e30e5eaeb3948e67272fa4a18d63cd609dc0b377d3d10b1cd02ef630e37392100c809675b2ff6bc0a2490e87788aa7ff401433a085c1a167351872a73b70effd50b4fa48180a8d243f8d31babae4b4e035726cc478a5742760c262cec5d465ac813c6f6d3e01c87d9dfb11e0e9b56d12640780484c9cbf2c9fab70ba4e4af5d6b8b04d478b50dda22ab6b413ffff2027088449cf8aefb0664a9be487af7ebd3b112eb23a03ee185aa1b86e7310545dbfc4b26e1f4cc2cbb3d7d1fdde415df754a3d8d530f91f55a7c83bcd073f1c798af36c4514efc013c1f9fc42671d59a950dac7eebd6bd9bffaec3189b6d6179d3f30ea6bbecd75b13dbaa60b34c29ca8c88c674a8d1461b0e09081a000d7b6c6a0c182348a2d690ba02753e51da00841691343549c22739e82f36d13437587f5993bc0c62321a59611b9255e18a60e80cd617999dfa025cd4276380cbf2ed44d1524b504c8d99475a5fcd98462d095a64a14a3f0d0c67eb3fdb3f53b5b479d53118e8c5b0b8dbc6df5e69a1ca29e113266e7eb8fbf79fb1586d472bfcf994a4d4e399c65760e11ada432d1fcba41a7e251bf0f907cf2c02419e6dc34a41b766dbab91edc8ed302ca5e95deb7dd1bfb149d06bb691b91d98b20c4baaca56560c15ecfc302066a2c8c106efd08aa1584f112040025299ce36f405ff5d33221f41e7c1ab4e096613165190b531fd81457dbb4768b324ae385dce2b81570b02f9cee744acba748faddc1dc20dae49556dd0f3a7be29c6cd1a6d8126d5f233f2699359a4f67b7288482e9916006829fb25a35909a09d441bbf2e79b92566310199b52c7097ae6b68f0e1aa10b9a790952540530137363c85d57fbacc5918b01c6ae06341ad82bd4b1c19b841caa261eced9bd5fa214f21dfaf97d103ef521853d3600827b1b9c15711b625aaf5729fb407947ae0323e48d808b35ed31748cb7aef69817c41bd4191276f784ec59ab0a887122eee7188c0a90ab706849a7bfa182790d78a496f3a5b841061acc4574faf06b377a1f1d0a9d5737cea6d7230108a945abf9a65dcfa0094d59a9dc447d72a0ef3f2faadcfee484798c06d169c6302c6217a076e4aa7f1daf39b4b4b5f3c20e26f1924d200c906850758a07edd213a1d067f2a6b1078c2ce568c20ebfc63098dffa00522e1512f2447dc5c2e9bd68b75f99667b05c8a1b76d20a2419d8b25acb263df2e4407fb183ffeab32ab9b50c01904c6c2580d8121690822f0babf2b0a081729776f644e5850548ef12fed9b96c472f920783823c3911b26459d0dc783bdf371fc14fb4c3b4e6dd882ac0648cf9d9e6c5317fcbe12062122b6b5d76d4d4540accbc4fcaa97d664ab7a17a4e297db92b17b422419b70e916702565a4db2b4efe56424467da0ddd7da9d8c150e353db96116749318af04ec0188d3ed52a08b975b0946dac2703d67408610f898f90e99e84e775bd1e75ec811e59946d22b410f1e5bdff04c5898d00e7f615b5922df85b1555f2676bce460e4771097e798a2e27bf2dbea947f8c25c8b7d1e1e834a74c04c542c47644675d8918e2c1d1c093141ff1bd40ac27945fd8b7b25dbac29b36aeaad59d02d8da1c2f861730f22dcf5370a96eb4df27f97b757213f9e5c43fa256813e87f8c131e1c49573bfafe5cc551cf2f4b9f416ab3cad7ca8bd1762d684fcfcd2cb7a5a45ef69730bb558acc4ddb1efc6d04a161da2f6c431b79e1b43895b84e7a9be7c236a7145a02673bc453b44c66d602f03341ed05c23db9773c3375b00f049b78903288721b77755878cdbcc94faf21393d4e21d76158b8c5948a36b66dd5ffd3967c2439a211b711a2bfd8100ca81fc8d67b711b9954ac95b28b9a3a55f85b89d5eb39c43e45c4bc46a4994de6fec8dae8b9b48078829413d44ac88d9c28bf3e1c936021d355492c763d6e6e1b42748ffd06e3ef2ef12fe33d8338af49c3c5e5b6159049ebb745be1b42d73ceb765f5535e64241d582ae2c295c1fa21a0ead1b490cb7a25485482b5be40048496518a3d4ef7b4ae42ec76ff8f32d012bba67151475d7e4b07ce59d9c6b5b34104ddd3ba48f112151e5c7571a19b9009ed4801b32e30a3a1736cc1a6227d00cae925f20ec0b25b91333bbd382f4e5bcd0e8123b01e5a546d69fb5f457745337ffc4c74f5f6ebbb33380046f315e93ed481b91419c4f7a8c35d72c8c199e56f306377e7d3ae034c6b4f03a35cbcdd68d324d4390b1edec96813e30d8e3b1e1dd7ebcd36866539411868f291898ddb601961788b828a8d141be4eac9ccc49fa5cfb494fc215909bc1305de5da1515c156e4d961e97b7e253d839b13e3f42f69f6af4d884f72b6fc875ea14a72b677582d2f52e12e9c432eb34a54fc395a501b4c60c456a6dda69835c1720892a01c30547491ca5e19ad810977014bd0a139f249d6367ce15a120152098c280f500756088de07b6bdc678773956008a44d51244febebc700b2e93b2c79b6931015888fe3f42d1f733f08547cf50e321899d4c315076f2a7deeccbd70d1a816e35ca7432163b7696cae5505eb6f890ad1bc0c7d8f5b4dbdf31ccbbbbea8afb8e1c5af56a46da11e41b3e1f58ec81c2bff887f1a3d63353e76d19ff3afd33ab66c0c5961f1e11a35639befc6af89fbe7a1e654a706b0b750c507498032997613412703006831fa1de53f3aca3dd2e76e8899ee25cefe03a13865ec9abe913031c66f8f6abeef0bd65e3aab7b3bcd235d911750c43e2bf72dcae750c3a636de67d08323deb8751f0372393ec76b8b0a9f7fd00e8a4c97e820c765fd9caffaa7e58953d9e93c0c9c1b32f6eb5bec0a4f4a44522844417eed35b0511ea85df6448d31006df43e5e9906110c6a8b90b1c2e1eff416d0d8490dd1f463ba5339abbc7e2a0cc7d5efcf6f853ef2c5b16eedb745b34fb8db536f40f30efcc07756d136e124ea760c1b64db68efd72706d3f574ca1b0895bb0537ccc10b4dd89b09c284f0aef36e3bea257570405c77e5c94e892e0de1609061b5a96a95d156a3f9308e6b19007a41f02141f9ed1581d6b60ac5032ddf7ef606a0b07857c674007f2e0d1c3a55707b581c4293532551831bfdc1091477516de97bc2733db2cfbd01caf63cf56fce515a55b4af5573b99182f5e37b341a7e7fd902c4e21903d5fff7c970e4b59491656e25f9d29c458a3a1f4b0d8bdab9bdd0998a95eb8ee9f273ba8d55c200bbaa557394601bd1f37fd2f2b1f27de8821cba5503b43fe4b7a49f4d03ba55810c256a446a136beaa1e4c3cb3bf68c1f64ff10ac264c50e050f318bbfa16c796baa6c06933eaaccf7584330cb7d9db2e760ec6f8072cdc1bd8125380898985dfa39779b03357400113a2559117f49d8982b783435a50f25e0c1ae8b771656d8bb52481f3191e1618ead74212833a5f27257d0a9d3dde3416b9d1407e65c2a7c9dc362363a7bff22b39bc03c99b590da5b96fadde8d5ab865f218005755b32e156ed9434f04b1260f2d787f47fdb298224916d40112a679b79ff4eb2bf90824a3371ae7b1d41fa92253ce12d2df37f87ea3b95f6372c7323889e049cc507dd3fa69237cbfa460f3263a652d40ddebe6da517fe8816bc12a0221b72608d119c3010b60d52f75072779227f102b57a23925909771022d8adbd1e73d94be72217fe0f84e3c1c48417f47cbace0220b455a19bffee73e57699afdee1de12a50440bdb9b6a4d24910e3de98564a304426b7879f57370c3bd044ba3bc67dc004e951faa5058a753b2df8ee524be89d56fb718bd439078f1340c2d12d9612d1349645e4a9e32996e79a6ce0b3dbfa435f22fdeaf5e983c5a3069ca4003d5c5c64e8b080113f55ad353fd9b15ddd8e24fe084c10f76fe3af8f86e46f865d072afd569cb999d8b06f6430c938e3875aaf6f1fd3504212e2087624c777097544d40dffc714eef1e117ca5061a588a0cfb468d59924b4cd70df782179ea5f5f766f8371ae055a8a2da3e351b179dbbb3391beb4d4ddd808b39d7f357202b4e2277d99b3c58cdb6f50697fbff26215b225de0ccfdfb399dc9e7c6b233d069393f666d77cd4615c415727c9f723a8e7cc010931ccd2c8df855bf51d9d0f2f58e25b1a6bf97ed849e60b7dad629efed88803217f7dbb584a96104cda003c0dfd93c7984eb364ed26304faacdbe0dba2960d6ee5ed2492d558642aa09a55c2a61e90402ebe770f8147d8486fb2716bdee25866dcbaec158bb89739b424465ca830c59054b54e107634f8f253170f8731cfa8e2f5e93490f116a72844d578224c5f78f310b998c6123a4492c8475477b02c9a1ee99aeca12bbd9dfd9fd65e6b0d718a6351f9bc6f00248f2611a9a827cb1e743f64aacf3d2a6b7ca3ece4afd2b692a7de332410f085f7673c0ef69d7a74f961f4561194bbfc871659785e2e38af01a5eead5d9ff7655c19898b26a5590ace677f44585ea79795ac96dd3ec9755c45a3c9e1acdfcf38edcd843459014a15759e500949f8bc7d1c1062e464b2fad62a1c3ea43977bbaed2e57e4c0f1f4a8b8cb95f84c945500dd14b42511576ddc9bf7837be29f8002d3fa689bbaed83e470ac295829937f105f4b89b0673fd142746be59b572da9666e460ebec94b32c8066b99aff0bcd0b5407ace9276044216093fdbc2b59487e2e23b015a2eaa384600c04aee63f974824aa769fc23112957b85f1606c74a3eeb4211871509c727449e553da44d6bacbe5ff5f871e7fefa08d9b902314cd7568dab67172e7f9783d0b2c3c9dd030591412b318ef9e5a6d0d11c946a1d45283e2ab1b9892ff7e7986c2bcfdeb7c06f0eb443c69110ba3c54b4f02355fb65e39b34f396febccf9556731107fbeb52ffabd4fc327a4778c7a2c9838ec78ec46a1c6737322a75ee48bd356f987fd0ba135b05977"}) r9 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000005c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f00000007c0)={r10, 0x101}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r9, 0xd000943d, &(0x7f0000070280)={0x0, [{}, {}, {}, {0x0, 0x0}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {0x0, r11}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r10}], 0x5, "af2f1a9317bc6f"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000051500)={0x7cbb, [{}, {}, {}, {}, {}, {r24}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r14}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r16}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r23}, {}, {}, {0x0, r19}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r21}, {}, {}, {}, {}, {}, {}, {}, {}, {r13}, {}, {}, {}, {}, {}, {r15}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r20}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r17}, {}, {}, {}, {}, {}, {}, {}, {0x0, r18}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r12}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r22}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3, r5}, {r7}, {0x0, r11}], 0xff, "dda46f09132a67"}) openat$hpet(0xffffffffffffff9c, &(0x7f0000000080), 0x10300, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r1, 0xd000943e, &(0x7f0000000140)={r11, 0x0, "692a6ba68b8d3efea80aa6b60dd7d55e38f78a8c67a815a8803b112dc0e8d0feadb507e730b42306e897eac590044a2ad4255bdb660d36362c35585bfc6ee9cde9f73a780ea0c5a89c5a584090e18a3ba0f58ba2132d03dc0bcc7b0421d0f42e785901036fbd5971100522db904d44c395007e5b67b8a87633ef1a55883bfb1dfada5d059178830f00dd280350d36c75d59cfcf031dc363e2d01f6b1ee51525a7c6061c2191e547c32ae968ba804ea7ec6b21901febfc89e03059a5189d22674270383f6300dd4e949f3fff031db617b3846d57a08106a2369288ccde46a246b22672caf0bf7d30618c3ab754647616120bf6c9a63d020cbb074ef45e1bf7187", "79a4d307e68ff02a0cb429a55fabf067fc425966150c03f5036c9edf20d836e73e2a874ee6024d4933e20c7b477a7ff0656006ca3d9f18c47da7c348c5200c62b09c55d6c87b1c2971eb22b7517329a9c083a154fa9b092403d0c1a7b54241780ab7e81d532d8a6ca20be1f6b3d49e8760371d69539100d5558bfd63060b676fc67c6c8ee85616d2f13d9fb93c96c65a9c8a4cc67f85a45a0f52e17659331cb1e1acc62d3e5e33c508fbd45ef6dfbf9600cdec902ffa01b3559f0b681a05207ed81dd1192eb138fb52338f315ac7745babb2747a88908a4c49e54a7d958c5549dd9a24c891b7726d9ef49feca75da9e941b2d0d3f0e4c8d28067f5a4b03949f60fd4f9e452034a17880d9a80ebcc62a0b364a6e6db67c2940aace868331010d384c835796683bff2e212dd68e24881709209eda7200763aa50d76d4537c2177d5a82cb1d764f6e3e352ce5a4c9470cef42a34fab8cd9bf3d0ab08cf9217bdfd0344dc19ffd0442c031daa620e0adcdcee0b3cd919d8f3fb72c8adce0a469db86b8145a2351ea7cc6665ad628382b6742d6d3b3a3bb1eae72cf5f276da234d03e683d50f562d9dee5ebf1dd1d164ebebec50fafa2380ad937e7d8f003d750e1c305be275ea1351ddc43a2e4cffe1a847ce591c6484c1ecc8e838d2eac2c34247aec2435847b65b88d9c1d51c0523188457bb9d062f592ad235cf047fa6907be6c025f074c059e7b537b8452736b63534af5cf9d98e7579e9ca05b330fa8ef5058d0c1389030cf67b3c5e50d63a179e58adc943358e28e108cd64d37498a4a74307b89ddf4c0e4b3d9f19839ce66f72eb1e02aa397cdeb3eb31ff59e6d2852d0869316aa363b7c04ccf13356eba411e2db128eb3d7ac00fa452cd0bac6f817940bf96702b394ebd8739a3806235b235940e7bede98c36aaff96d29a29c48448e17df2ba97c1ed747205ef11778e1ccdd90c109914a906cfee1b6ad98936058c7c976ad2c03cfc3777b43c9cfa3d775d841fa22287af0a10b72684106eada658a4af85220ae9f63f0bdcc23476a42f28ec10439eab50a1fc0c8e07e93abf36fe369f241e70fc12858b51f314e3ed9289ebf3aeff037470652d1f387ed6c788ce12b68c7e9cb4a2052f0cf2f8d8dd61c4afb0a453bc020ba1bb1991063a3eff7c3c325005dc41055fcae817639dea63433b6e34c5cced988b73340e63de907afed3e86da0ef59b1802c7c0ba768a3a8bf384ea3afd869efe100e79d99b89fcb5e566a347071a5b6bf3dc5809389d0e79872615e60f23bbf896294a077e3de672a0b4c3b3db55e831a8e52553ce6be35534d1ba2fd73655de1452d0eaeb39f3c09c12de82a98f4ed22c30bc5ccd79402d27a77c443fca920e7aa3061fa9730db2fc9155554679656c6771cc3e693f1641a8601dabf6dbcd4ed5c01cf491ea9f1330f7fe542f4d8ee805abb9bd9baafab22ea878a2e31f1a9a603f8e0f34258fbaeca47e614d916c64e39674d856eb87fd08c7bc2e0f35e916afd57dfddbb9c1fb96371f40c9b626d947b8ceead1b6d5773c3f7df5635357bd78589fc870a3e665a03616eb98626d54dc33b8935aa84c5bfae30e2473f64d39b4a223f4c91e798ae3c44622ca2d5606b1d6f4863c3d03e240c1fbd7a0eaa86bf8ca298f52c3e783aa03b0f3dacf086ed188c284d5e435142380de664aa94027e5c8dbc3c1f6beb4dbc8e7656513b259aa068527d6904bd69baea09259558f481858007623c590d539200f7ef8d4b66b8115dc0c43049667f3e34f34ee0ae41565d59a6fdbb283a459888cc72815b2156e33b1346d72b67ca4f101909fbfb98cc9bc585250fc03c17ba556a5a5b3e29116a3085db30c9b68fbe6c6a6dc3e3278d64bd77ac2305111470019dcddae99dad37cf9c5681eab50bc9b710af5d4d6e6a227366296c425b8e12f806404247caf739889ee074acb8424db260622e069bf26d0baa500d3342e8663aaf7f0bd16a02984d1b081a03bc486ee0a82e2ebe872b74ae7572a2c34c6a565c2599bb03fa41a7941636ef9f81b3a8e4f0cc1b457bfa2126e006ddd942353aa5bec5ce6c242efa682514dfb81b139c602e5ec0311c36823df21b0d245303c3ff6a8acb4c0822570623913323f18fc4f071ea2b3cc4d95cc1c5a4a2977371bb6962b89d73b8cfb8a2969dabe07b87514b764fd7ef3c7673f1e9c6d6133538e8274ab1fed92e6bc861825cb912a2b69f7e9957038c15d341dc3b2d0c0bf97f9513c0d2041aa9ae9a38a41b9d972fa7265ac10b8abfc6e9bf0708aaf0731dc48bbf0a05784bcdc915be5d20d907754605ad164831ebfddee02a8be139604b728a23c74978f444c559aa8119187d03df54391ba2cdad3c676a782ad6a439cd2fba62fd33909c42f2a8635b80dffa47105225a26acf26eb8fdb941b106545f98515079e86f2e0934f35aa5c9a8ba388f0661cecee2a91f77e4129a4b6fc68665757fe8cd134309c39a5caa1c5eb4b585f2381697925420b84d4f00b5fdfbb5ea1bac42e2edaa229dd55750f23f7f3e9bb8f91de1d5c9fe2155d64dea5f9873e3805d7a1c77b0d89ecded66f42cb837cf012f14ce00af36ab3fbdfc3ceb5c66634b7876e16926a44372112906b76727b27b49852a1704570f6f841265f33d7dcb82ff2cd5256bc06ba24c24defc6584d6ce494b8f6011118699eaae35ce1151f2f9b6ff771766b0d581f75f5bcaaffe009eef4919b2ca071a982d146b41e299173e0f206f68c5b4a6426f6ceacb1694586d6db125a810ef665760e9cb7d33b886a086865f4a29a2e15187a748fcd2d9837377579bc8d8ee2f05ae00a59cdde8bff2b158be8bf94949fbb6c31cecab8a0d538002cbb9fbb5c00e81b4d549927a5aeab592b247d2f83a328eb36eaff516f0786bb90496456ac4b04457bed0d4a3914513e579c7970cedc7d7279ae6e14aada98342661f897440c2ad0e17c771e9740ef8d7c083c1315c1ba1f6106e2b7463b3529618953673390f8f6b74302e9e426911750e025391529998eded24fbf5f3df39642a53193228aac0e9923f2fb8125842f46b7df3f8ce0cb10f7ac6f83cbbeae34c70afd9c4e4f244a9301c8946f851dbfd695b5c64f1be226ece44b4dc0b7cea1fd81a65344f97b3f91bf2fdf2dd145e0e08a964ec81c23c32f75cf48819e072ea0a7e090691e4f945bbdf008a0226b0ebef2b0d2543c9adbf912d6c1ade03846b85985fbfbff07d642d5f887d86b382543bd47d2bdf47443ac1d5ed04807d45db3fa5b68af5f37440bac30e8d6840f15428339f7a5d1e550d00780963a9f214e1c823e70ef100612397616d47c02d925155aa294c0e9d6dca6ccb7cf7dbac258f6a14a37a7fab1c57f30b2315900ff53583c2b7d448915f82abf46ec9563c87f34bd80074e629e6834d8698de76505a56dcda2bb7001511b5154b77feba426c11f51ab49e378b08edfbd62d5c883360c4b596531c37f51c4b6098443cc242d606156db26bd476d088620cc2805f0ba9c04543dbd0d69cbc92f68176d3c02660ed6f1abaea856b70720108aee681cfe0e902712edf87884355106ade0029f26fc99db93328bd70de190174c68459ed24f4d44b4d06022e5d682f44f4e1ebf364a8fc4bc4e48340300fb7f58d73a40704a525684798db7c9bbd3c8d9d9101df988d1d0121ce7f0b1ffba9de61c9565b4ad36dc16c300aa7c47e0f42eb7a9b402f5e0a515fe95b90514214ff46d7e1903fd8d73c0dddac0d5f8a06e821148dfbc9facbc92c7b848de91e527f97ff0f6a2100bbe2e4ee3cbd51816a2fd04588f992c075654f6c79ae23287c8734eb0db3192d94b74c10bad881195c264a9010dbc97959ec0a8d2bc661917b8f3787a6d3b7e50869ff05046d63bdad5d02b560986fd3135e76047b97854ed12539892c031bcb6b631288f7377beb38fa4569d1641c5098db3513d1cc3274719ab1d65205f0d824fa1e24e6e0dfad5db551d200430dfc0f3a7f9d9db628795a2d36d1f549026d51603845a7bf73286cac7da65416f20f242e6fd87cd5c2569c3d17a0b8b2cb87b92a2665982dcab02816f93fccdbc6d06bcc812c21880bf2de97c0712d1e946a33887c3f319fca13170103c754276b7e7d8ec703d1204d194e147689557f4ff22d6a438a9ada9aea965be341f2234be923a2f1d5ef9ee1e8e2d77691721b4ae86a9eb25e09e77990f3f87e0f98334284423731cbbcd62f7524803bdaa005104d3b10c0531f8b480c85e9598dc32dc702be08dee52eebf0b143453c7805baee4bae3e1677198c4c9b994824f4cb991411e51f014914002576c16557cd9c3129d1e6ecf86d09ee17930cb6d67318290b0546d765f29ab66841b91f35b0ddaa035240ea0b563a59481efad000f7f8563771880c4bbeb0183174301a93ff763400f481530ef760c02ad2c07a3e4192287b6940ec52e3d67746cb25ef9a522cf0cf9b1bb9d2835b7ff03b36d278ab6592c690b5f76dff7f62af8209a575a8ce59cc91e6c426a37f6cde8aa6eca67869ed0d6df34f39c295b9d543c9f724399c3df6b8ab90d2fc7db31cf02bce5112d2a2795539ca880dee5b298d8f3acf60a0d70b1ac04f15ded81b61365e4694c9d66900db16688c44e009a99b8c1ce968f7e42e82e5a3f71aa3806d5ae1148ac572987b64b1fdaa8f253db5c823ce3432a7e5c6a8c83130bc229519819c0bf667a866aa83bdf07a23346a7f9322433d7d47d00f146f45dc6a5ffe74169fbcd495494d7d17b1b7ee86eebfa81a44345a2cfb1421a2d49a9542f52b036a6f76846464928499d0b766e0c393349c6d725190468300a0635f1038c4b624a38176c19b9639edded69a576f3a83f84b686da46ef467ff17f1ed3c14bff28a1b2e864cc9bfc069f1c0569ca37842c27ac7be8c5e2a3574c69719b4d2ef606afe5ac236f115630d62852cbdf48489a5fa88eb407f30660cacddb509baadb96f418f930124870c5588a98852e6ff2634af4ad4d0e949265b2d4659f3261e7af340f66f5ddb8b43ce5124d779e6b88468503258a6fde0bc80e503635bb4779ecda9c1a1decc66ea6908e0fafdec92520b3e01d8e6966db8b3e6947e4499af7d77057d7bd100aa0ed3cd1d4d2b0b5650afb85bdc34da4f37982c56c72e08133a5b4263692925c50f2507c1d6e4a9421ba1c4d0c64320958e646b86c82470cedb26415244e569b952894777c951aaef2df7dec3b7269f459a8c2ec8e1f191c982a1f31c69649dc42bd887233cabed2cf167bb36c186c2fdbfb5ea44ce4dfd63a31583f505ff1f86a69fb5b2e9fd8b49352c90edf41563e1e4fe281c57af187375c4dccd0197a511f6f7c1a34ab5881c5c3b78e7043bcf7e549d3c4dcf2bd252ddb0db9cf14d3ad65693"}) 18:28:37 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r1, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) ioctl$MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000000280)={&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f00000001c0)=""/146, 0x92}) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) name_to_handle_at(r2, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) ioctl$MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0xa, 0x7fff}) r3 = syz_open_dev$usbmon(&(0x7f00000000c0), 0xfffffffffffffffe, 0x20000) ioctl$MON_IOCG_STATS(r3, 0x80089203, &(0x7f0000000140)) close(r2) r4 = dup2(r0, r0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) ioctl$MON_IOCQ_RING_SIZE(r4, 0x9205) 18:28:37 executing program 4: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:28:37 executing program 6: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r1, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:28:37 executing program 2: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semget$private(0x0, 0x4, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:28:37 executing program 3: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x280000) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) r1 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000017c0)={0x0, ""/256, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000050500)={0x0, 0x0, "a39e30bcd9cd2bef3ba6da5ccf13ad3d01dfc7ff5ca5e8720cefc76c509b7b37b5d619cfb78370537fc2b039507a4de846a6bdf0dcdd8d61acb3ad113e6cc5f3d78fa203743f6b213bb4a35748a21da67aa061c1aafd4e2005dbf3c5f90cb2ba3bb3db765db199c2d90a927e9e7d920476cb376ba44eba8ee841b51d109262faccc090acb529e2b2fc2ff38c043bd4a28188d68385c428825eda67c26eb81c3495bb01148d54799431df8e063ddfc566b739b946e7962d2cb73832963ea2b71c56d1165fae6cff6cccc3360cbab5d6e65edaad42db4ac3904d73da75b824aec190c4c47f2dbe89f0b353c11ebfe45e47ddc6a80116357916d881350ff9d143d4", "6ed14c6089716b98fcc089bae4f6e1a4613fee779387f400f2ab69d0c193b3576fd8a8e6e487c44ab000f37ee4be9cd718add070321797fcffa835eeddf14091052167350e334b528c713367717fc7ca69df998efb4722bb5b262a191f7e8bd4d01035b80813e311ebc4282a8fa2a5f3adb8fa57fb15b4b5fe5911c2efe0b00431fe8a613dca64c926b6bc601062ca67594f381737d432ea7539a3a5efd18917b9eb6fad7d7724cf9457eb7af17ee04fdaa0199ee200884b704944ecd640ce2c7220f2a3c9e252439227586bad92a1efdb30306baac589fe3e18c2514c6536c02947698fbe8c07fdb8beeab9d2578c5066ac84e479b453759906bbfd0e48e0d2ebd20a34f46c3717a8a915870c1de1744e475bc74613607113bd321a9575f5e38d289bebfe993383228866eb7f9c2804a60824b7721eeeca072656781636b37ce5fce1f310bd7301010f0e40bd98341997ea886cc8a258acbb3602660a0fb083a4370b89caa1227f8b6ed4681bff458a3175f8a7c4f7da4f61873f5fe066bb74ab30294dd6bdc5ed0579a7f909969da0e00e8bec0ef0787508937cb037a004cedb98ba5a52eb77893218564a1f90324bc1b63a8fb3596ae9c8a109a5b6a45957ac8b3adb77ed9307eaeedc4862a1783ad0c1da818b0b976f53258a52386e224ea40512e267dab8160279ed64d3d43cba46ed6feced99f4ca6b71db1e4f8e58a1ddbb251816584359b378cc22b4480126ba81ff36eb2c9ece554a6031dedd344123bb47c89309496d2cc9941979702337bfd8ec2c397274a93b4637287b4461a8316591156bc6df0d89eb859d56dcdfb4931a76f8cb92f282fbd252e2a37102a3eae34b11dd343a556c45f1e65debb412c293af9e10bea1142af53f95fbce56b462d95bdd2f89428b505505241e7c3dd3227ba05c656ebac5963b6784ea4927a2c1484499205a4304e73bfaee30ff6a6ead7526b6a275a7d3b05d3176c8aa64025bf66f42a3966a56aef0cb99475b980610a7e235f02ba29260fbb1cc2813a6aa395b23184bf0d4bd2610859bb402d57b9ddd1c49b799c42e4fa61edd365cecf5a5b59bed631168882256ebcc9d30dd3342f75908199ea4b3a3f765a26383747446ac25c8183e6f31f5aeb60ec480cc10715326f28d1d088886ee1be07faf314d7f2967aab9416f2d6726ff097f0894c854b5490bcabf3c781345e893e536afca869d4e6a6403a99a2c105a5f0085e650eb46ab92253ea54e129f5f865c52cf423a5e7ead374342c39d91e0bf3124d2fcbc8791cefb1e5349b2a6ce1b5ad1f923d0036fb119d96fbcd4a57b251d1f62bf8d49b40d3b7806ff3be9a204fde0820fa6b8fef057c4f4324184c64d750d349578549e343a7ee6ccdded50abff02d0433739f5b9f3b619a80b07f5ba62c6b386b8c4483209c366dd51a2c1bd3bb9d1b01357386f352f23f746a6f03e6d68a7adace0454f46cefb30292cfba171f68789bf7dd2d0f5ada68fa27f40c843dbbd4535212eb0d4b0aec3578001ee7ce6ce711584368ecc46330b017352eeb5bb69773aee155543ad0cda9e43444f97d8a972837ace60640d18eff1e0689ddce75d694c85d43a9603d1ffe58c42393d34c6090c320f3e9c6facd117a6b9d9f7808a8f1a268ab81fabec7e0ad5b95b0392cd04614e9cfc95db2cdd34374324f83a858c3d46fc3b430b5b6b8e27871e961fc24da3d85b924276ce73452cd000f0b2f245a255560faff9d91f28811ac21bcbc2976ed332cebe7c0a3621e3126e283dd6f2bfd7955a27ae7bafe4738bdf038a6975cffd5e698c4dc74d194b90f1bda6287e263a0ddae4dc02d355781cb8e8d16b03a41b22e8e5b025a921f5c543fd09fd9730a1b2c3fc983f068b534b69dbe985f6a1593a7aa0a86ed4d4dd1bb5f151626b4f32cded28917582b12050894aa1b00f2dd6dc7866ab362e318a0fe27f750bec69dc82e7ff08c1bce75782cb20505ba416714eed780635c7ae9b9a06b90944375d33249d5ca4f732c03387388828cd0ab881d143f98fd854a40ade3963985a22baab5967bbd2543f231dcb295ba8050c2a8bb1603feda6877be98688a37d70ad944e6b81d1e8c5e013a5b22c52c0f42da321038e53f1bd77b008404ce6eec87e1effa22eed11c5bcdcefff6c3f2160a6f62f88ae33976a50546098a9fe6649f7bf840b99e1934c0337bb508ed13fb5ce37252a659ed80f44581bc591c61d66e35742505c67cc7d039771a0c545cd4d35d0265ba67915414b0e800dae2f8f703ebbe98b433d0686bf77959b566fc20276c387a1021d4b88bc29a25ebef1f24f5cef7325224762dc605a2c2c81d906feca693cad7895a598633b2720c6a7de9691c54422229d27ca8c48af8a16ec877b5abb93c2f1e48faff8a613213df3f2a008f8cdd714f105697798e95976110d0bde9c880bbd74d4c246208cbba710b8115292ffc5476410ed8b14bd22c3bd6a867ddfa38d07f07ebadc87cc7eaaacdd4f0e542ed9233a406fc74c6a6443deb3f32accbbfc380919effaf32014f8a7c5ae9dedf26bccba8f02f977dc7f2fc8c0b4ecd01a174d10af07912f07bb4041c48458248e34d95e78f737c572dde15d88b4d5b78a110ed971029ee7a9dfc8031cc00d0c66808355f5c526be9a6011389904403c1952189005549f0a088658fd984128b0d16185df1f1fdd34455a478f5cf5f378125c0bd36c0cfd551f6f298bd79e2f6c1cffaa11d4ac23b68790fcb02dd537eaffbec3cb0bfc9f6963657b684ef3ca8c8981ea8259126119f69c6bdfa401ceded5463dc027339a01a8cbd8eb1cfa75bb1f700bc53690a99da257dbf86c5d28c3e0ed3e4e99d89b26afc3dccd02a1e4b00440e9abe7b07a100e0506d27ae708902572d3b2139514d22ba3c8dc39d6add62522b70a5d591318be4a6fa0acd2d9299e53aab961177ee3fe6523ac396e483a3b9ce935d5901a37e2340e0135f2287a271c88cb1cefa83f05bec4d02606d3d559b8fe209e2ddf8ee6161fea64c3b63c9515b41abf451a8657435e788190c3c447b334abdd088c5a5b975897b367784dda36005def6377f9fad72164f63f4d36c86fc3d75070a46ef6e5b5f7d80c6f55c8c379c05320baa3c435c08b216c90217643fcca51cb733404bad43e6ac4b6522d8c9e360b153b0377b58d5d2e01f14104f78ea09c878ec72d29a4dfeae763b1699805b05e9accd0be69ffba8efe236ce6038a651825204ab1c6b063495c5d7772f624795be0568d314cf8f97382e0d5673a63d91c8a2dfe2ba1b5d5e7187235e1e3978bcca3799fd3655b28b2fe64d8efe6b7bba7ec2c3c06c1228d33b64eebc8428c67efb217e7b58ce1ec50444656544b56c83be43b13a4499d78c350d38ed192c11710982100a3dfbee49802b0a9a761cf431db9bcf705860c1f2c6d60dedc95c3e4b26f3894169bd81d1c0b8b0682b49579552629e9d6dc35a919ccf6d747d74834daef574d4dbfe8d1b7e518d5d64b186e8679de5404d56d599061a9a9738ed3021ef1d57cbb5cb76c7f937587b4b26bbe55e94a805ebf44ea532179039d0fcafaad99ddae3757b47b7d1a537fb113a9da5c81505460ba192d8fc5e9232ba9cf9661b88f84b02c2eff5613e9e7f95d787e8bbdf94d299d2b9cfb4161b51ca5fa8b0cb78cd5ca048cd1d05cd391a6eca9cd1c75411cf7af5dc785dac245c52e3551934213dbffe28f242f1766522cb1ee731769c226ecbc5e5bd458d46cc927fd6a5d50b666b66c25d74e7026f9b1889c1f7123b0df4a12806ab6712b4ffc521b305b9b9cba5d2833458d74a89b7bc5ca9875cda61ac8259d0d0f4586b3230a80b168fe662ea89bac5bb0eca1508f46f7e662ba7e3e646ca94c956e22aeea8a66d7b3a1003698624defe95426f05ca839b10baa4b301314f46ad3f8e150bdb4105b22cce245587f243b2aa057427261e71b6b5108d393ed4e8d87ec701b432ad4fdfb1625158920463a991fe65f6628742161d5ec933f846b99c40c66167397938393c6c17102b7fa599dec8265adaa4697139b7eb9ff6fe476b9330d3c2aac9d0767e845ff85f669ecc5a847a94950944d76b48dc4a2b045d8818c8fd948502a4a536ef7f373e5b5d2deb42e3ca62d001af48a4ee2086c420cefc1a608dc481469c3eac38445a53b32691b4a1b36b40dc21d87d7a27c7fb667fbdc5f70de072cba4a8db45ba6aa11ed52559cdafe7ad2bc95a4110a7845136fab847b72e2515e077f83ba211d2251424f4518ca10bace8491709806bda482795d4a330285208dec20433e62ccec3111765fff6305532d65814bb6b9218d293d0821779f1aba96c20ac29f55927cbe0673a0c246675b995a77da6b29ebf779d79c42c95aee3a2b92123752a8f0f6f1ea2c39941ac9df56e86cde471f3047a14d7b17f0207578a5f330f049b611b3eb62900cb3bf50d386f988b83ca6ba9e24f8b1aecc735318e7f60506393df1d1b09cec6a748836c1cfb6074dbc21909e82b0133f6a4be2a1b80dd1806019e6943e1268c3534cf5861630df0406ba33a36dc10d2c600f496b05a1053063d7840ca4e57e612e8b22cc7b44240cb4a1180506e54627c16502fce4300c4c0ac8769d1c61dfd27d2cfb7f70cf2b306304349d8d08b37b95151c2bea2a1f2d2bf62ef0e910ee05e6aec750b802b9c65d078769fa4157fd12226e85049663e87a5e54cde8da2aa97106e511a1f87c880003c23cc95475954eacd1cd334dfb7710038c39e7632cc233260328eb363d5e6866bce561c5e20d8951cfd93a78b54f23a09f5483cbedd35a62815c93104439c4dca35f41734e0028f6ea24d18110aecec6c601d8bd17980e329cc73948cbf29a78c25c6a74a95280e720c945637dc8bebfd88bf8209d96a418f52838cba8503a5f88cb0bf74676007df8928d7e1924048bb19c8f326955d6a960ddb97c5593f50688cae526720d3b77dc4d16cfb21b002786cdd7e49a756368930316d9bb5b2e1234b9a90b2285da5a7410e933baeeb4a9aa6fd0f723fd96cbca29ee08b2f7cfa875e557e4ec4d76c4b6f40a038f6e2204b299574c96f3d7119c41419a3a74f3f2a4673d945ea51c54574319207c36aa1d26147e189a8e605e66a051c4be947dcda70fb344ae5fc5b94690140b7a7cc03452eef6d824e2718fa5fd3ebcc36c08452dc9928bed6572741d171e9ed3e38f57596266b41311478f52837f485b7bd8b9be40d87500e1f3fc6cc75a4b801e9b8a6fb44797ae3d6d4ac776b2b141c5e8ef067ad974378db61a909b1c69bcf2064b13742d9c03fa3550507f8c163755cbbf2ad59441e136c929c247d4bf828fd1e6d73867d190e6967138ac031e1c6e3c90c5087eea2305c046094b11e75a1b7415a772cb12cf75d2"}) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000000)=[r0], 0x1) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000005c0)={0x0, ""/256, 0x0}) ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f00000007c0)={0x0, 0x1}) r8 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r8, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r8, 0x50009418, &(0x7f0000001e40)={{r1}, r4, 0x14, @unused=[0x8000, 0xffffffffffffff81, 0x8, 0x2], @name="d927fb8ac30dab4272210f15e7c975462d1c69de2b6a10364ee87385240d4cd6c7240e21c58f23d2d14c1d5924ef16f80352f8eb1b4d6b3ea36c437a3b8395195ef2c8fd7366fd773936eb74558d228523fa46ecdfbfcef131211d123ebc0c2b1fb2872ab5f568bc88ef2645c5be85feb266485265f5dfc21f5f03e009b26c4f4f3870b7090737376a91c8a421d62f1b910e7ee68109cccdc272385aae879f3d597cc488ae5753f4e0f9067ad6f1868e805b79a864eaca3b09b2e5a735f6ae0ca0a286c88907aa784daa7d328111e73b7450182bb9de6fc96ba237b909f362b7eb57721c02cc5790e8addaba2a583d8aaafcd87d69ce45d34a482071bb4459cbbf2a6a5f883150a1e95f625622975abff900ba11f02e43c8798cc3527544fde918c7b28d899f72125eac185246e8e73f1f61e898c8468e878c77ebbd1fb1eac107e5c2d68fc2190bd278cf9c587882f21be88d7a7e3145edefc024852e3b538b6865cd690a745f62db7e32188071c23234544697091a8bf93d6eefd7e0daddca8feec363b2cff7ea8dac04f56e6b6bd829cb86510e2daa7972f63676b1f292129336ccac724dced1e45e498890cc8e487f39f3c8e0bd6efbad6c4c2c9ea18b7b3c58b691076ee5e6d81c427475a47df34b867318a5adab4eada51cb724f3ffe6db9501b303a62e546054873cb211a3847896f06cd37cf4a08e92d58d64473c3f85065f2ed03258c7ee4bd9af0ce037b88c13205809d3db200f554463c196d2caf6de4e3b914410c932520e30e5eaeb3948e67272fa4a18d63cd609dc0b377d3d10b1cd02ef630e37392100c809675b2ff6bc0a2490e87788aa7ff401433a085c1a167351872a73b70effd50b4fa48180a8d243f8d31babae4b4e035726cc478a5742760c262cec5d465ac813c6f6d3e01c87d9dfb11e0e9b56d12640780484c9cbf2c9fab70ba4e4af5d6b8b04d478b50dda22ab6b413ffff2027088449cf8aefb0664a9be487af7ebd3b112eb23a03ee185aa1b86e7310545dbfc4b26e1f4cc2cbb3d7d1fdde415df754a3d8d530f91f55a7c83bcd073f1c798af36c4514efc013c1f9fc42671d59a950dac7eebd6bd9bffaec3189b6d6179d3f30ea6bbecd75b13dbaa60b34c29ca8c88c674a8d1461b0e09081a000d7b6c6a0c182348a2d690ba02753e51da00841691343549c22739e82f36d13437587f5993bc0c62321a59611b9255e18a60e80cd617999dfa025cd4276380cbf2ed44d1524b504c8d99475a5fcd98462d095a64a14a3f0d0c67eb3fdb3f53b5b479d53118e8c5b0b8dbc6df5e69a1ca29e113266e7eb8fbf79fb1586d472bfcf994a4d4e399c65760e11ada432d1fcba41a7e251bf0f907cf2c02419e6dc34a41b766dbab91edc8ed302ca5e95deb7dd1bfb149d06bb691b91d98b20c4baaca56560c15ecfc302066a2c8c106efd08aa1584f112040025299ce36f405ff5d33221f41e7c1ab4e096613165190b531fd81457dbb4768b324ae385dce2b81570b02f9cee744acba748faddc1dc20dae49556dd0f3a7be29c6cd1a6d8126d5f233f2699359a4f67b7288482e9916006829fb25a35909a09d441bbf2e79b92566310199b52c7097ae6b68f0e1aa10b9a790952540530137363c85d57fbacc5918b01c6ae06341ad82bd4b1c19b841caa261eced9bd5fa214f21dfaf97d103ef521853d3600827b1b9c15711b625aaf5729fb407947ae0323e48d808b35ed31748cb7aef69817c41bd4191276f784ec59ab0a887122eee7188c0a90ab706849a7bfa182790d78a496f3a5b841061acc4574faf06b377a1f1d0a9d5737cea6d7230108a945abf9a65dcfa0094d59a9dc447d72a0ef3f2faadcfee484798c06d169c6302c6217a076e4aa7f1daf39b4b4b5f3c20e26f1924d200c906850758a07edd213a1d067f2a6b1078c2ce568c20ebfc63098dffa00522e1512f2447dc5c2e9bd68b75f99667b05c8a1b76d20a2419d8b25acb263df2e4407fb183ffeab32ab9b50c01904c6c2580d8121690822f0babf2b0a081729776f644e5850548ef12fed9b96c472f920783823c3911b26459d0dc783bdf371fc14fb4c3b4e6dd882ac0648cf9d9e6c5317fcbe12062122b6b5d76d4d4540accbc4fcaa97d664ab7a17a4e297db92b17b422419b70e916702565a4db2b4efe56424467da0ddd7da9d8c150e353db96116749318af04ec0188d3ed52a08b975b0946dac2703d67408610f898f90e99e84e775bd1e75ec811e59946d22b410f1e5bdff04c5898d00e7f615b5922df85b1555f2676bce460e4771097e798a2e27bf2dbea947f8c25c8b7d1e1e834a74c04c542c47644675d8918e2c1d1c093141ff1bd40ac27945fd8b7b25dbac29b36aeaad59d02d8da1c2f861730f22dcf5370a96eb4df27f97b757213f9e5c43fa256813e87f8c131e1c49573bfafe5cc551cf2f4b9f416ab3cad7ca8bd1762d684fcfcd2cb7a5a45ef69730bb558acc4ddb1efc6d04a161da2f6c431b79e1b43895b84e7a9be7c236a7145a02673bc453b44c66d602f03341ed05c23db9773c3375b00f049b78903288721b77755878cdbcc94faf21393d4e21d76158b8c5948a36b66dd5ffd3967c2439a211b711a2bfd8100ca81fc8d67b711b9954ac95b28b9a3a55f85b89d5eb39c43e45c4bc46a4994de6fec8dae8b9b48078829413d44ac88d9c28bf3e1c936021d355492c763d6e6e1b42748ffd06e3ef2ef12fe33d8338af49c3c5e5b6159049ebb745be1b42d73ceb765f5535e64241d582ae2c295c1fa21a0ead1b490cb7a25485482b5be40048496518a3d4ef7b4ae42ec76ff8f32d012bba67151475d7e4b07ce59d9c6b5b34104ddd3ba48f112151e5c7571a19b9009ed4801b32e30a3a1736cc1a6227d00cae925f20ec0b25b91333bbd382f4e5bcd0e8123b01e5a546d69fb5f457745337ffc4c74f5f6ebbb33380046f315e93ed481b91419c4f7a8c35d72c8c199e56f306377e7d3ae034c6b4f03a35cbcdd68d324d4390b1edec96813e30d8e3b1e1dd7ebcd36866539411868f291898ddb601961788b828a8d141be4eac9ccc49fa5cfb494fc215909bc1305de5da1515c156e4d961e97b7e253d839b13e3f42f69f6af4d884f72b6fc875ea14a72b677582d2f52e12e9c432eb34a54fc395a501b4c60c456a6dda69835c1720892a01c30547491ca5e19ad810977014bd0a139f249d6367ce15a120152098c280f500756088de07b6bdc678773956008a44d51244febebc700b2e93b2c79b6931015888fe3f42d1f733f08547cf50e321899d4c315076f2a7deeccbd70d1a816e35ca7432163b7696cae5505eb6f890ad1bc0c7d8f5b4dbdf31ccbbbbea8afb8e1c5af56a46da11e41b3e1f58ec81c2bff887f1a3d63353e76d19ff3afd33ab66c0c5961f1e11a35639befc6af89fbe7a1e654a706b0b750c507498032997613412703006831fa1de53f3aca3dd2e76e8899ee25cefe03a13865ec9abe913031c66f8f6abeef0bd65e3aab7b3bcd235d911750c43e2bf72dcae750c3a636de67d08323deb8751f0372393ec76b8b0a9f7fd00e8a4c97e820c765fd9caffaa7e58953d9e93c0c9c1b32f6eb5bec0a4f4a44522844417eed35b0511ea85df6448d31006df43e5e9906110c6a8b90b1c2e1eff416d0d8490dd1f463ba5339abbc7e2a0cc7d5efcf6f853ef2c5b16eedb745b34fb8db536f40f30efcc07756d136e124ea760c1b64db68efd72706d3f574ca1b0895bb0537ccc10b4dd89b09c284f0aef36e3bea257570405c77e5c94e892e0de1609061b5a96a95d156a3f9308e6b19007a41f02141f9ed1581d6b60ac5032ddf7ef606a0b07857c674007f2e0d1c3a55707b581c4293532551831bfdc1091477516de97bc2733db2cfbd01caf63cf56fce515a55b4af5573b99182f5e37b341a7e7fd902c4e21903d5fff7c970e4b59491656e25f9d29c458a3a1f4b0d8bdab9bdd0998a95eb8ee9f273ba8d55c200bbaa557394601bd1f37fd2f2b1f27de8821cba5503b43fe4b7a49f4d03ba55810c256a446a136beaa1e4c3cb3bf68c1f64ff10ac264c50e050f318bbfa16c796baa6c06933eaaccf7584330cb7d9db2e760ec6f8072cdc1bd8125380898985dfa39779b03357400113a2559117f49d8982b783435a50f25e0c1ae8b771656d8bb52481f3191e1618ead74212833a5f27257d0a9d3dde3416b9d1407e65c2a7c9dc362363a7bff22b39bc03c99b590da5b96fadde8d5ab865f218005755b32e156ed9434f04b1260f2d787f47fdb298224916d40112a679b79ff4eb2bf90824a3371ae7b1d41fa92253ce12d2df37f87ea3b95f6372c7323889e049cc507dd3fa69237cbfa460f3263a652d40ddebe6da517fe8816bc12a0221b72608d119c3010b60d52f75072779227f102b57a23925909771022d8adbd1e73d94be72217fe0f84e3c1c48417f47cbace0220b455a19bffee73e57699afdee1de12a50440bdb9b6a4d24910e3de98564a304426b7879f57370c3bd044ba3bc67dc004e951faa5058a753b2df8ee524be89d56fb718bd439078f1340c2d12d9612d1349645e4a9e32996e79a6ce0b3dbfa435f22fdeaf5e983c5a3069ca4003d5c5c64e8b080113f55ad353fd9b15ddd8e24fe084c10f76fe3af8f86e46f865d072afd569cb999d8b06f6430c938e3875aaf6f1fd3504212e2087624c777097544d40dffc714eef1e117ca5061a588a0cfb468d59924b4cd70df782179ea5f5f766f8371ae055a8a2da3e351b179dbbb3391beb4d4ddd808b39d7f357202b4e2277d99b3c58cdb6f50697fbff26215b225de0ccfdfb399dc9e7c6b233d069393f666d77cd4615c415727c9f723a8e7cc010931ccd2c8df855bf51d9d0f2f58e25b1a6bf97ed849e60b7dad629efed88803217f7dbb584a96104cda003c0dfd93c7984eb364ed26304faacdbe0dba2960d6ee5ed2492d558642aa09a55c2a61e90402ebe770f8147d8486fb2716bdee25866dcbaec158bb89739b424465ca830c59054b54e107634f8f253170f8731cfa8e2f5e93490f116a72844d578224c5f78f310b998c6123a4492c8475477b02c9a1ee99aeca12bbd9dfd9fd65e6b0d718a6351f9bc6f00248f2611a9a827cb1e743f64aacf3d2a6b7ca3ece4afd2b692a7de332410f085f7673c0ef69d7a74f961f4561194bbfc871659785e2e38af01a5eead5d9ff7655c19898b26a5590ace677f44585ea79795ac96dd3ec9755c45a3c9e1acdfcf38edcd843459014a15759e500949f8bc7d1c1062e464b2fad62a1c3ea43977bbaed2e57e4c0f1f4a8b8cb95f84c945500dd14b42511576ddc9bf7837be29f8002d3fa689bbaed83e470ac295829937f105f4b89b0673fd142746be59b572da9666e460ebec94b32c8066b99aff0bcd0b5407ace9276044216093fdbc2b59487e2e23b015a2eaa384600c04aee63f974824aa769fc23112957b85f1606c74a3eeb4211871509c727449e553da44d6bacbe5ff5f871e7fefa08d9b902314cd7568dab67172e7f9783d0b2c3c9dd030591412b318ef9e5a6d0d11c946a1d45283e2ab1b9892ff7e7986c2bcfdeb7c06f0eb443c69110ba3c54b4f02355fb65e39b34f396febccf9556731107fbeb52ffabd4fc327a4778c7a2c9838ec78ec46a1c6737322a75ee48bd356f987fd0ba135b05977"}) r9 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000005c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f00000007c0)={r10, 0x101}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r9, 0xd000943d, &(0x7f0000070280)={0x0, [{}, {}, {}, {0x0, 0x0}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {0x0, r11}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r10}], 0x5, "af2f1a9317bc6f"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000051500)={0x7cbb, [{}, {}, {}, {}, {}, {r24}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r14}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r16}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r23}, {}, {}, {0x0, r19}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r21}, {}, {}, {}, {}, {}, {}, {}, {}, {r13}, {}, {}, {}, {}, {}, {r15}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r20}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r17}, {}, {}, {}, {}, {}, {}, {}, {0x0, r18}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r12}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r22}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3, r5}, {r7}, {0x0, r11}], 0xff, "dda46f09132a67"}) openat$hpet(0xffffffffffffff9c, &(0x7f0000000080), 0x10300, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r1, 0xd000943e, &(0x7f0000000140)={r11, 0x0, "692a6ba68b8d3efea80aa6b60dd7d55e38f78a8c67a815a8803b112dc0e8d0feadb507e730b42306e897eac590044a2ad4255bdb660d36362c35585bfc6ee9cde9f73a780ea0c5a89c5a584090e18a3ba0f58ba2132d03dc0bcc7b0421d0f42e785901036fbd5971100522db904d44c395007e5b67b8a87633ef1a55883bfb1dfada5d059178830f00dd280350d36c75d59cfcf031dc363e2d01f6b1ee51525a7c6061c2191e547c32ae968ba804ea7ec6b21901febfc89e03059a5189d22674270383f6300dd4e949f3fff031db617b3846d57a08106a2369288ccde46a246b22672caf0bf7d30618c3ab754647616120bf6c9a63d020cbb074ef45e1bf7187", "79a4d307e68ff02a0cb429a55fabf067fc425966150c03f5036c9edf20d836e73e2a874ee6024d4933e20c7b477a7ff0656006ca3d9f18c47da7c348c5200c62b09c55d6c87b1c2971eb22b7517329a9c083a154fa9b092403d0c1a7b54241780ab7e81d532d8a6ca20be1f6b3d49e8760371d69539100d5558bfd63060b676fc67c6c8ee85616d2f13d9fb93c96c65a9c8a4cc67f85a45a0f52e17659331cb1e1acc62d3e5e33c508fbd45ef6dfbf9600cdec902ffa01b3559f0b681a05207ed81dd1192eb138fb52338f315ac7745babb2747a88908a4c49e54a7d958c5549dd9a24c891b7726d9ef49feca75da9e941b2d0d3f0e4c8d28067f5a4b03949f60fd4f9e452034a17880d9a80ebcc62a0b364a6e6db67c2940aace868331010d384c835796683bff2e212dd68e24881709209eda7200763aa50d76d4537c2177d5a82cb1d764f6e3e352ce5a4c9470cef42a34fab8cd9bf3d0ab08cf9217bdfd0344dc19ffd0442c031daa620e0adcdcee0b3cd919d8f3fb72c8adce0a469db86b8145a2351ea7cc6665ad628382b6742d6d3b3a3bb1eae72cf5f276da234d03e683d50f562d9dee5ebf1dd1d164ebebec50fafa2380ad937e7d8f003d750e1c305be275ea1351ddc43a2e4cffe1a847ce591c6484c1ecc8e838d2eac2c34247aec2435847b65b88d9c1d51c0523188457bb9d062f592ad235cf047fa6907be6c025f074c059e7b537b8452736b63534af5cf9d98e7579e9ca05b330fa8ef5058d0c1389030cf67b3c5e50d63a179e58adc943358e28e108cd64d37498a4a74307b89ddf4c0e4b3d9f19839ce66f72eb1e02aa397cdeb3eb31ff59e6d2852d0869316aa363b7c04ccf13356eba411e2db128eb3d7ac00fa452cd0bac6f817940bf96702b394ebd8739a3806235b235940e7bede98c36aaff96d29a29c48448e17df2ba97c1ed747205ef11778e1ccdd90c109914a906cfee1b6ad98936058c7c976ad2c03cfc3777b43c9cfa3d775d841fa22287af0a10b72684106eada658a4af85220ae9f63f0bdcc23476a42f28ec10439eab50a1fc0c8e07e93abf36fe369f241e70fc12858b51f314e3ed9289ebf3aeff037470652d1f387ed6c788ce12b68c7e9cb4a2052f0cf2f8d8dd61c4afb0a453bc020ba1bb1991063a3eff7c3c325005dc41055fcae817639dea63433b6e34c5cced988b73340e63de907afed3e86da0ef59b1802c7c0ba768a3a8bf384ea3afd869efe100e79d99b89fcb5e566a347071a5b6bf3dc5809389d0e79872615e60f23bbf896294a077e3de672a0b4c3b3db55e831a8e52553ce6be35534d1ba2fd73655de1452d0eaeb39f3c09c12de82a98f4ed22c30bc5ccd79402d27a77c443fca920e7aa3061fa9730db2fc9155554679656c6771cc3e693f1641a8601dabf6dbcd4ed5c01cf491ea9f1330f7fe542f4d8ee805abb9bd9baafab22ea878a2e31f1a9a603f8e0f34258fbaeca47e614d916c64e39674d856eb87fd08c7bc2e0f35e916afd57dfddbb9c1fb96371f40c9b626d947b8ceead1b6d5773c3f7df5635357bd78589fc870a3e665a03616eb98626d54dc33b8935aa84c5bfae30e2473f64d39b4a223f4c91e798ae3c44622ca2d5606b1d6f4863c3d03e240c1fbd7a0eaa86bf8ca298f52c3e783aa03b0f3dacf086ed188c284d5e435142380de664aa94027e5c8dbc3c1f6beb4dbc8e7656513b259aa068527d6904bd69baea09259558f481858007623c590d539200f7ef8d4b66b8115dc0c43049667f3e34f34ee0ae41565d59a6fdbb283a459888cc72815b2156e33b1346d72b67ca4f101909fbfb98cc9bc585250fc03c17ba556a5a5b3e29116a3085db30c9b68fbe6c6a6dc3e3278d64bd77ac2305111470019dcddae99dad37cf9c5681eab50bc9b710af5d4d6e6a227366296c425b8e12f806404247caf739889ee074acb8424db260622e069bf26d0baa500d3342e8663aaf7f0bd16a02984d1b081a03bc486ee0a82e2ebe872b74ae7572a2c34c6a565c2599bb03fa41a7941636ef9f81b3a8e4f0cc1b457bfa2126e006ddd942353aa5bec5ce6c242efa682514dfb81b139c602e5ec0311c36823df21b0d245303c3ff6a8acb4c0822570623913323f18fc4f071ea2b3cc4d95cc1c5a4a2977371bb6962b89d73b8cfb8a2969dabe07b87514b764fd7ef3c7673f1e9c6d6133538e8274ab1fed92e6bc861825cb912a2b69f7e9957038c15d341dc3b2d0c0bf97f9513c0d2041aa9ae9a38a41b9d972fa7265ac10b8abfc6e9bf0708aaf0731dc48bbf0a05784bcdc915be5d20d907754605ad164831ebfddee02a8be139604b728a23c74978f444c559aa8119187d03df54391ba2cdad3c676a782ad6a439cd2fba62fd33909c42f2a8635b80dffa47105225a26acf26eb8fdb941b106545f98515079e86f2e0934f35aa5c9a8ba388f0661cecee2a91f77e4129a4b6fc68665757fe8cd134309c39a5caa1c5eb4b585f2381697925420b84d4f00b5fdfbb5ea1bac42e2edaa229dd55750f23f7f3e9bb8f91de1d5c9fe2155d64dea5f9873e3805d7a1c77b0d89ecded66f42cb837cf012f14ce00af36ab3fbdfc3ceb5c66634b7876e16926a44372112906b76727b27b49852a1704570f6f841265f33d7dcb82ff2cd5256bc06ba24c24defc6584d6ce494b8f6011118699eaae35ce1151f2f9b6ff771766b0d581f75f5bcaaffe009eef4919b2ca071a982d146b41e299173e0f206f68c5b4a6426f6ceacb1694586d6db125a810ef665760e9cb7d33b886a086865f4a29a2e15187a748fcd2d9837377579bc8d8ee2f05ae00a59cdde8bff2b158be8bf94949fbb6c31cecab8a0d538002cbb9fbb5c00e81b4d549927a5aeab592b247d2f83a328eb36eaff516f0786bb90496456ac4b04457bed0d4a3914513e579c7970cedc7d7279ae6e14aada98342661f897440c2ad0e17c771e9740ef8d7c083c1315c1ba1f6106e2b7463b3529618953673390f8f6b74302e9e426911750e025391529998eded24fbf5f3df39642a53193228aac0e9923f2fb8125842f46b7df3f8ce0cb10f7ac6f83cbbeae34c70afd9c4e4f244a9301c8946f851dbfd695b5c64f1be226ece44b4dc0b7cea1fd81a65344f97b3f91bf2fdf2dd145e0e08a964ec81c23c32f75cf48819e072ea0a7e090691e4f945bbdf008a0226b0ebef2b0d2543c9adbf912d6c1ade03846b85985fbfbff07d642d5f887d86b382543bd47d2bdf47443ac1d5ed04807d45db3fa5b68af5f37440bac30e8d6840f15428339f7a5d1e550d00780963a9f214e1c823e70ef100612397616d47c02d925155aa294c0e9d6dca6ccb7cf7dbac258f6a14a37a7fab1c57f30b2315900ff53583c2b7d448915f82abf46ec9563c87f34bd80074e629e6834d8698de76505a56dcda2bb7001511b5154b77feba426c11f51ab49e378b08edfbd62d5c883360c4b596531c37f51c4b6098443cc242d606156db26bd476d088620cc2805f0ba9c04543dbd0d69cbc92f68176d3c02660ed6f1abaea856b70720108aee681cfe0e902712edf87884355106ade0029f26fc99db93328bd70de190174c68459ed24f4d44b4d06022e5d682f44f4e1ebf364a8fc4bc4e48340300fb7f58d73a40704a525684798db7c9bbd3c8d9d9101df988d1d0121ce7f0b1ffba9de61c9565b4ad36dc16c300aa7c47e0f42eb7a9b402f5e0a515fe95b90514214ff46d7e1903fd8d73c0dddac0d5f8a06e821148dfbc9facbc92c7b848de91e527f97ff0f6a2100bbe2e4ee3cbd51816a2fd04588f992c075654f6c79ae23287c8734eb0db3192d94b74c10bad881195c264a9010dbc97959ec0a8d2bc661917b8f3787a6d3b7e50869ff05046d63bdad5d02b560986fd3135e76047b97854ed12539892c031bcb6b631288f7377beb38fa4569d1641c5098db3513d1cc3274719ab1d65205f0d824fa1e24e6e0dfad5db551d200430dfc0f3a7f9d9db628795a2d36d1f549026d51603845a7bf73286cac7da65416f20f242e6fd87cd5c2569c3d17a0b8b2cb87b92a2665982dcab02816f93fccdbc6d06bcc812c21880bf2de97c0712d1e946a33887c3f319fca13170103c754276b7e7d8ec703d1204d194e147689557f4ff22d6a438a9ada9aea965be341f2234be923a2f1d5ef9ee1e8e2d77691721b4ae86a9eb25e09e77990f3f87e0f98334284423731cbbcd62f7524803bdaa005104d3b10c0531f8b480c85e9598dc32dc702be08dee52eebf0b143453c7805baee4bae3e1677198c4c9b994824f4cb991411e51f014914002576c16557cd9c3129d1e6ecf86d09ee17930cb6d67318290b0546d765f29ab66841b91f35b0ddaa035240ea0b563a59481efad000f7f8563771880c4bbeb0183174301a93ff763400f481530ef760c02ad2c07a3e4192287b6940ec52e3d67746cb25ef9a522cf0cf9b1bb9d2835b7ff03b36d278ab6592c690b5f76dff7f62af8209a575a8ce59cc91e6c426a37f6cde8aa6eca67869ed0d6df34f39c295b9d543c9f724399c3df6b8ab90d2fc7db31cf02bce5112d2a2795539ca880dee5b298d8f3acf60a0d70b1ac04f15ded81b61365e4694c9d66900db16688c44e009a99b8c1ce968f7e42e82e5a3f71aa3806d5ae1148ac572987b64b1fdaa8f253db5c823ce3432a7e5c6a8c83130bc229519819c0bf667a866aa83bdf07a23346a7f9322433d7d47d00f146f45dc6a5ffe74169fbcd495494d7d17b1b7ee86eebfa81a44345a2cfb1421a2d49a9542f52b036a6f76846464928499d0b766e0c393349c6d725190468300a0635f1038c4b624a38176c19b9639edded69a576f3a83f84b686da46ef467ff17f1ed3c14bff28a1b2e864cc9bfc069f1c0569ca37842c27ac7be8c5e2a3574c69719b4d2ef606afe5ac236f115630d62852cbdf48489a5fa88eb407f30660cacddb509baadb96f418f930124870c5588a98852e6ff2634af4ad4d0e949265b2d4659f3261e7af340f66f5ddb8b43ce5124d779e6b88468503258a6fde0bc80e503635bb4779ecda9c1a1decc66ea6908e0fafdec92520b3e01d8e6966db8b3e6947e4499af7d77057d7bd100aa0ed3cd1d4d2b0b5650afb85bdc34da4f37982c56c72e08133a5b4263692925c50f2507c1d6e4a9421ba1c4d0c64320958e646b86c82470cedb26415244e569b952894777c951aaef2df7dec3b7269f459a8c2ec8e1f191c982a1f31c69649dc42bd887233cabed2cf167bb36c186c2fdbfb5ea44ce4dfd63a31583f505ff1f86a69fb5b2e9fd8b49352c90edf41563e1e4fe281c57af187375c4dccd0197a511f6f7c1a34ab5881c5c3b78e7043bcf7e549d3c4dcf2bd252ddb0db9cf14d3ad65693"}) 18:28:37 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x13, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:28:37 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x100) stat(&(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000140)={{}, {}, [{0x2, 0x4, 0xee00}, {0x2, 0x4, 0xee00}, {0x2, 0x2, 0xffffffffffffffff}, {0x2, 0x2}, {0x2, 0x0, 0xffffffffffffffff}], {0x4, 0x4}, [{0x8, 0x4, r1}], {0x10, 0x3}, {0x20, 0x6}}, 0x54, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) 18:28:37 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1340.201999] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.7'. 18:28:37 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x13, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:28:37 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40d00, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r0, 0xf502, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:28:37 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x15, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:28:37 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:28:37 executing program 0: ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) ioctl$LOOP_SET_FD(r0, 0x4c00, 0xffffffffffffffff) r1 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {0xfffffffc}}, './file0\x00'}) ioctl$MON_IOCX_GETX(r2, 0x9208, &(0x7f0000000100)={0x0, 0x0}) [ 1340.262638] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.7'. [ 1340.308365] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.1'. 18:28:54 executing program 2: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semget$private(0x0, 0x4, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:28:54 executing program 4: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:28:54 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:28:54 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40d00, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r0, 0xf502, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:28:54 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x4000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:28:54 executing program 0: r0 = open(&(0x7f0000000000)='./file0\x00', 0x20040, 0x9) ioctl$HDIO_GETGEO(r0, 0x301, &(0x7f0000000040)) r1 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000140)=0x5) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r2, &(0x7f0000000440)=""/57, 0x39) ioctl$MON_IOCQ_URB_LEN(r2, 0x9201) open(&(0x7f00000000c0)='./file0\x00', 0xf8b41, 0x30) ioctl$MON_IOCX_GETX(r1, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:28:54 executing program 6: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000000)=""/75) [ 1356.907609] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.1'. 18:28:54 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x16, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:28:54 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1356.957645] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.1'. 18:28:54 executing program 1: sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:28:54 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40d00, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r0, 0xf502, 0x0) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) 18:28:54 executing program 0: ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000300)='/dev/usbmon#\x00') setsockopt$inet_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000000)={0x4}, 0x4) getpeername(0xffffffffffffffff, &(0x7f0000000240)=@ethernet={0x0, @link_local}, &(0x7f00000002c0)=0x80) r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) pwritev(r0, &(0x7f00000000c0)=[{&(0x7f0000000140)="1ad5b4d03466f4fcb24efd0a33df82de6b66e958928126026f3d6cfadc7009c7dbe618e9b9437d656c60c73e4d1a2c30ad4632d93241377886f89ad686d82e223d39b435a26b2dd2f1af248b12620e6ddead3c3e2897e0b55aa742ea4b3b22e4e668e5d199ac00d7552ab3a1e99f529f2237e3a57f2269eb9435b3d9d99dc49f04b0330b901dbf669ebff94a9d561ee468a817674f40ca7735361d26c3ed881ae455ef1a143b18131371145fa9c7521cd044ee3167fb0e138e2afac58c37e8b114a9174f8d8d1c15b950b8fc095edb509ecae24710e0647399726a070b65a0877c4aaa3f473813a6303b1fd66dd715b1bbbad3e094c729", 0xf7}, {&(0x7f0000000040)="b4c49404cfeb67dddd4c1ba4538a0e0f58a48b3107356f6c08b86134d81c72cd7a65f885c9a90889362c0b87d5908be9f3efbbbb9bf542ba8ea91e992eb4446ec3924f7989529b8b0ec13b43d1dc28021ab7c076346c9b", 0x57}], 0x2, 0x1, 0x8000) r1 = socket$packet(0x11, 0x2, 0x300) recvmsg(r1, &(0x7f0000000580)={&(0x7f0000000340)=@un=@abs, 0x80, &(0x7f0000000540)=[{&(0x7f00000003c0)=""/208, 0xd0}, {&(0x7f00000004c0)=""/86, 0x56}], 0x2}, 0x1) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r2 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) sendmsg$NL80211_CMD_UPDATE_OWE_INFO(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x2c, 0x0, 0x2, 0x70bd2d, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x0, 0x40}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000001}, 0x40012) ioctl$FITRIM(r2, 0xc0185879, &(0x7f00000005c0)={0x5, 0x3, 0x7}) 18:28:54 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x17, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:28:54 executing program 5: r0 = open(&(0x7f0000000000)='./file0\x00', 0x20040, 0x9) ioctl$HDIO_GETGEO(r0, 0x301, &(0x7f0000000040)) r1 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000140)=0x5) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r2, &(0x7f0000000440)=""/57, 0x39) ioctl$MON_IOCQ_URB_LEN(r2, 0x9201) open(&(0x7f00000000c0)='./file0\x00', 0xf8b41, 0x30) ioctl$MON_IOCX_GETX(r1, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:29:11 executing program 4: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:29:11 executing program 5: r0 = open(&(0x7f0000000000)='./file0\x00', 0x20040, 0x9) ioctl$HDIO_GETGEO(r0, 0x301, &(0x7f0000000040)) r1 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000140)=0x5) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r2, &(0x7f0000000440)=""/57, 0x39) ioctl$MON_IOCQ_URB_LEN(r2, 0x9201) open(&(0x7f00000000c0)='./file0\x00', 0xf8b41, 0x30) ioctl$MON_IOCX_GETX(r1, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:29:11 executing program 2: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semget$private(0x0, 0x4, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:29:11 executing program 1: sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:29:11 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r1, &(0x7f0000000440)=""/57, 0x39) ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) futimesat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={{r2, r3/1000+60000}}) 18:29:11 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x18, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:29:11 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40d00, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r0, 0xf502, 0x0) 18:29:11 executing program 6: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) 18:29:11 executing program 1: sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:29:11 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x7, 0x400000) mmap$usbmon(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x3000008, 0x10010, r0, 0x100) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000080)={&(0x7f0000000040), &(0x7f0000000140)=""/168, 0xa8}) ioctl$BTRFS_IOC_BALANCE(r0, 0x5000940c, 0x0) preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000200)=""/104, 0x68}, {&(0x7f00000000c0)=""/17, 0x11}, {&(0x7f0000000280)=""/18, 0x12}], 0x3, 0x5, 0x0) 18:29:11 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40d00, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) 18:29:11 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40d00, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r0, 0xf502, 0x0) 18:29:11 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x1b, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:29:11 executing program 1: socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:29:11 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x1d, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1373.601247] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.7'. 18:29:11 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40d00, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r0, 0xf502, 0x0) 18:29:24 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x28, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:29:24 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x1d, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:29:24 executing program 2: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:29:24 executing program 6: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) semget$private(0x0, 0x4, 0x0) 18:29:24 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40d00, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 18:29:24 executing program 4: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:29:24 executing program 1: socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:29:24 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40d00, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r0, 0xf502, 0x0) [ 1386.475196] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.7'. 18:29:24 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x2, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1386.508169] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.0'. 18:29:24 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40d00, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r0, 0xf502, 0x0) 18:29:24 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x8, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:29:24 executing program 1: socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:29:24 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40d00, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) 18:29:24 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x1d, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:29:24 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, 0x0, 0x0) [ 1386.646491] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.0'. 18:29:24 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0xe, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:29:24 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40d00, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) 18:29:24 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40d00, 0x0) unshare(0x8000000) 18:29:39 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x19, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:29:39 executing program 4: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) semget$private(0x0, 0x4, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:29:39 executing program 2: unshare(0x8000000) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:29:39 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x1d, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:29:39 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, 0x0, 0x0) 18:29:39 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:29:39 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40d00, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 18:29:39 executing program 6: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) [ 1401.808640] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.0'. 18:29:39 executing program 0: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:29:39 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x300, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:29:39 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40d00, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) 18:29:39 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, 0x0, 0x0) 18:29:39 executing program 2: unshare(0x8000000) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:29:39 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:29:39 executing program 3: unshare(0x8000000) 18:29:53 executing program 0: unshare(0x8000000) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:29:53 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x2, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:29:53 executing program 4: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) semget$private(0x0, 0x4, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:29:53 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40d00, 0x0) unshare(0x8000000) 18:29:53 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) 18:29:53 executing program 2: unshare(0x8000000) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:29:53 executing program 3: unshare(0x8000000) 18:29:53 executing program 6: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) 18:29:53 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x3, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:29:53 executing program 3: unshare(0x8000000) 18:29:53 executing program 2: semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:29:53 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x4, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:29:53 executing program 0: unshare(0x8000000) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:29:53 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) 18:29:53 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:29:53 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:29:53 executing program 0: unshare(0x8000000) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:30:07 executing program 5: unshare(0x8000000) 18:30:07 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:30:07 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:30:07 executing program 6: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) 18:30:07 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x8, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:30:07 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x4, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:30:07 executing program 4: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) semget$private(0x0, 0x4, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:30:07 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) 18:30:07 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:30:07 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 18:30:07 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40d00, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) 18:30:07 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x9, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:30:07 executing program 5: unshare(0x8000000) 18:30:07 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0xf, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:30:07 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40d00, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) 18:30:07 executing program 3: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:30:07 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 18:30:07 executing program 5: unshare(0x8000000) 18:30:20 executing program 4: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:30:20 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0xf0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:30:20 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 18:30:20 executing program 3: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:30:20 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:30:20 executing program 6: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) semget$private(0x0, 0x4, 0x0) 18:30:20 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:30:20 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40d00, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) 18:30:20 executing program 3: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:30:20 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:30:20 executing program 6: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) 18:30:20 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x147, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:30:20 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:30:20 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x0, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:30:20 executing program 6: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) 18:30:20 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40d00, 0x0) unshare(0x8000000) 18:30:35 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x300, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:30:35 executing program 4: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:30:35 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:30:35 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:30:35 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:30:35 executing program 6: unshare(0x8000000) unshare(0x20000) 18:30:35 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x0, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:30:35 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:30:35 executing program 5: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:30:35 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x900, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:30:35 executing program 6: unshare(0x20000) 18:30:35 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x0, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:30:35 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:30:35 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:30:35 executing program 5: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:30:35 executing program 0: unshare(0x8000000) 18:30:35 executing program 6: unshare(0x0) [ 1472.502632] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.1'. 18:30:50 executing program 4: unshare(0x8000000) unshare(0x20000) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:30:50 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback}}}, 0xb8}}, 0x0) 18:30:50 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x0) 18:30:50 executing program 6: unshare(0x0) 18:30:50 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0xf00, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:30:50 executing program 0: unshare(0x8000000) 18:30:50 executing program 5: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:30:50 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:30:50 executing program 6: unshare(0x0) 18:30:50 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x0) 18:30:50 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}], 0x1, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:30:50 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:30:50 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback}}}, 0xb8}}, 0x0) 18:30:50 executing program 0: unshare(0x8000000) 18:30:50 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x2000, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:30:50 executing program 6: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) [ 1472.665220] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.1'. 18:31:02 executing program 4: unshare(0x8000000) unshare(0x20000) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:31:02 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}], 0x1, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:31:02 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x234e, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:02 executing program 6: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:31:02 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:31:02 executing program 0: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:31:02 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback}}}, 0xb8}}, 0x0) 18:31:02 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x0) [ 1485.218124] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.1'. 18:31:02 executing program 0: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:31:03 executing program 6: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x8, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:03 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:31:03 executing program 4: unshare(0x8000000) unshare(0x20000) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:31:03 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x4701, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:03 executing program 0: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:31:16 executing program 3: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r1, &(0x7f0000000440)=""/57, 0x39) ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) futimesat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={{r2, r3/1000+60000}}) 18:31:16 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}], 0x1, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:31:16 executing program 0: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:31:16 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x0) 18:31:16 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents(r1, &(0x7f0000000440)=""/57, 0x39) ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) futimesat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={{r2, r3/1000+60000}}) 18:31:16 executing program 6: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000000)=""/75) 18:31:16 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x4e23, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:16 executing program 4: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:31:16 executing program 1: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000000)=""/75) 18:31:16 executing program 3: ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000300)='/dev/usbmon#\x00') setsockopt$inet_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000000)={0x4}, 0x4) getpeername(0xffffffffffffffff, &(0x7f0000000240)=@ethernet={0x0, @link_local}, &(0x7f00000002c0)=0x80) r0 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) pwritev(r0, &(0x7f00000000c0)=[{&(0x7f0000000140)="1ad5b4d03466f4fcb24efd0a33df82de6b66e958928126026f3d6cfadc7009c7dbe618e9b9437d656c60c73e4d1a2c30ad4632d93241377886f89ad686d82e223d39b435a26b2dd2f1af248b12620e6ddead3c3e2897e0b55aa742ea4b3b22e4e668e5d199ac00d7552ab3a1e99f529f2237e3a57f2269eb9435b3d9d99dc49f04b0330b901dbf669ebff94a9d561ee468a817674f40ca7735361d26c3ed881ae455ef1a143b18131371145fa9c7521cd044ee3167fb0e138e2afac58c37e8b114a9174f8d8d1c15b950b8fc095edb509ecae24710e0647399726a070b65a0877c4aaa3f473813a6303b1fd66dd715b1bbbad3e094c729", 0xf7}, {&(0x7f0000000040)="b4c49404cfeb67dddd4c1ba4538a0e0f58a48b3107356f6c08b86134d81c72cd7a65f885c9a90889362c0b87d5908be9f3efbbbb9bf542ba8ea91e992eb4446ec3924f7989529b8b0ec13b43d1dc28021ab7c076346c9b", 0x57}], 0x2, 0x1, 0x8000) r1 = socket$packet(0x11, 0x2, 0x300) recvmsg(r1, &(0x7f0000000580)={&(0x7f0000000340)=@un=@abs, 0x80, &(0x7f0000000540)=[{&(0x7f00000003c0)=""/208, 0xd0}, {&(0x7f00000004c0)=""/86, 0x56}], 0x2}, 0x1) ioctl$MON_IOCX_GETX(r0, 0x9208, &(0x7f0000000100)={0x0, 0x0}) r2 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000040)=0xfffffffffffffffc) sendmsg$NL80211_CMD_UPDATE_OWE_INFO(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x2c, 0x0, 0x2, 0x70bd2d, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x0, 0x40}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000001}, 0x40012) ioctl$FITRIM(r2, 0xc0185879, &(0x7f00000005c0)={0x5, 0x3, 0x7}) 18:31:16 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0xf000, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:16 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x0) 18:31:16 executing program 0: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:31:16 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x15, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1499.208471] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.3'. 18:31:16 executing program 3: unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semget$private(0x0, 0x4, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:31:17 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x80000, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:17 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x0) 18:31:31 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x80000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:31 executing program 0: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:31:31 executing program 1: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:31:31 executing program 4: semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:31:31 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0xf0ffff, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:31 executing program 5: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:31:31 executing program 6: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000000)=""/75) 18:31:31 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}], 0x1, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:31:31 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x1000000, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:31 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0xf0ffff, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:31 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:31:31 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x2000000, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:31 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:31:31 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0xf0ffff, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:45 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x3000000, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:45 executing program 6: unshare(0x8000000) unshare(0x20000) semget$private(0x0, 0x4000, 0x0) unshare(0x2010040) r0 = semget$private(0x0, 0x4, 0x0) semtimedop(r0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r0, &(0x7f0000000100)=[{0x1}, {0x0, 0x9}], 0x2, 0x0) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000000)=""/75) 18:31:45 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}], 0x1, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:31:45 executing program 5: unshare(0x8000000) r0 = semget$private(0x0, 0x4000, 0x0) unshare(0x10000) unshare(0xa4010580) unshare(0x400) unshare(0x20000100) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) semctl$IPC_RMID(r0, 0x0, 0x0) unshare(0x6000000) unshare(0x800) r1 = semget$private(0x0, 0x4, 0x0) semtimedop(r1, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000000)=""/75) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0x4}, {0x4, 0x6, 0x1800}, {0x2}, {0x2, 0xffe8, 0x1000}, {0x4, 0x3, 0x4c1f27471e17cd90}], 0x5, &(0x7f0000000040)) unshare(0x300) 18:31:45 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) 18:31:45 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0xf0ffff, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:45 executing program 1: semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:31:45 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:31:45 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x4000000, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:45 executing program 3: sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0xf0ffff, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:45 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x0) 18:31:45 executing program 3: sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0xf0ffff, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:45 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x9000000, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:45 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x0) 18:31:45 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0xf000000, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:59 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x0) 18:31:59 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x20000000, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:59 executing program 6: unshare(0x8000000) semget$private(0x0, 0x3, 0x16c) semtimedop(0x0, &(0x7f0000000100)=[{0x3}, {0x0, 0x9}], 0x2, 0x0) r0 = semget(0x3, 0x0, 0x400) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/74) semctl$IPC_STAT(0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000140)=""/170) 18:31:59 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x4701, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:59 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}], 0x1, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:31:59 executing program 1: semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:31:59 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:31:59 executing program 3: sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0xf0ffff, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:59 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x47010000, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:59 executing program 6: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendmmsg$inet6(r0, &(0x7f0000002580)=[{{&(0x7f00000013c0)={0xa, 0x0, 0x0, @remote}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000000)="d7061e52", 0x4}], 0x1}}, {{&(0x7f0000000040)={0xa, 0x0, 0x0, @private1}, 0x1c, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB="1800000000000000290000003700000000000000000000001000000000000000290000000b"], 0x30}}], 0x2, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000001e00), 0x0, 0x0) ioctl$MON_IOCX_GETX(r1, 0x9208, &(0x7f0000000100)={0x0, 0x0}) 18:31:59 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 1) 18:31:59 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 1) [ 1541.419786] FAULT_INJECTION: forcing a failure. [ 1541.419786] name failslab, interval 1, probability 0, space 0, times 0 [ 1541.421154] CPU: 0 PID: 8377 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1541.422063] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1541.423272] Call Trace: [ 1541.423548] [ 1541.423795] dump_stack_lvl+0x8b/0xb3 [ 1541.424208] should_fail.cold+0x5/0xa [ 1541.424611] ? create_new_namespaces+0x30/0xb30 [ 1541.425110] should_failslab+0x5/0x10 [ 1541.425550] kmem_cache_alloc+0x5b/0x480 [ 1541.425978] ? cap_capable+0x1eb/0x250 [ 1541.426401] create_new_namespaces+0x30/0xb30 [ 1541.426887] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1541.427417] ksys_unshare+0x445/0x8d0 [ 1541.427838] ? unshare_fd+0x1c0/0x1c0 [ 1541.428255] ? lock_is_held_type+0xd7/0x130 [ 1541.428720] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1541.429269] __x64_sys_unshare+0x2d/0x40 [ 1541.429709] do_syscall_64+0x3b/0x90 [ 1541.430109] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1541.430653] RIP: 0033:0x7fdbeab6ab19 [ 1541.431058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1541.432975] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1541.433800] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1541.434552] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1541.435296] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1541.436041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1541.436814] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1541.437587] 18:31:59 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 1) [ 1541.460189] FAULT_INJECTION: forcing a failure. [ 1541.460189] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1541.462868] CPU: 1 PID: 8382 Comm: syz-executor.5 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1541.464653] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1541.467142] Call Trace: [ 1541.467705] [ 1541.468195] dump_stack_lvl+0x8b/0xb3 [ 1541.469048] should_fail.cold+0x5/0xa [ 1541.469914] _copy_from_user+0x2a/0x170 [ 1541.470812] __copy_msghdr_from_user+0x91/0x4b0 [ 1541.471854] ? __ia32_sys_shutdown+0x70/0x70 [ 1541.472838] ? __lock_acquire+0xbac/0x6120 [ 1541.473809] sendmsg_copy_msghdr+0xa1/0x160 [ 1541.474767] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1541.475779] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1541.476938] ? lock_release+0x3b2/0x750 [ 1541.477849] ___sys_sendmsg+0xc6/0x170 [ 1541.478720] ? sendmsg_copy_msghdr+0x160/0x160 [ 1541.479768] ? lock_release+0x3b2/0x750 [ 1541.480649] ? __fget_files+0x265/0x470 [ 1541.481578] ? lock_downgrade+0x6d0/0x6d0 [ 1541.482500] ? lock_release+0x3b2/0x750 [ 1541.483399] ? ksys_write+0x20c/0x250 [ 1541.484247] ? lock_downgrade+0x6d0/0x6d0 [ 1541.485206] ? __fget_files+0x287/0x470 [ 1541.486135] ? __fget_light+0xea/0x270 [ 1541.487010] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1541.488268] __sys_sendmsg+0xe5/0x1b0 [ 1541.489125] ? __sys_sendmsg_sock+0x30/0x30 [ 1541.490118] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1541.491348] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1541.492603] ? fput+0x2a/0x50 [ 1541.493317] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1541.494510] do_syscall_64+0x3b/0x90 [ 1541.495349] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1541.496486] RIP: 0033:0x7f2930c12b19 [ 1541.497301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1541.501316] RSP: 002b:00007f292e188188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1541.502981] RAX: ffffffffffffffda RBX: 00007f2930d25f60 RCX: 00007f2930c12b19 [ 1541.504542] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1541.506100] RBP: 00007f292e1881d0 R08: 0000000000000000 R09: 0000000000000000 [ 1541.507642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1541.509187] R13: 00007ffefeafe84f R14: 00007f292e188300 R15: 0000000000022000 [ 1541.510776] [ 1541.532160] FAULT_INJECTION: forcing a failure. [ 1541.532160] name failslab, interval 1, probability 0, space 0, times 0 [ 1541.534792] CPU: 1 PID: 8385 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 18:31:59 executing program 3: socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0xf0ffff, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1541.536585] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1541.539247] Call Trace: [ 1541.539821] [ 1541.540313] dump_stack_lvl+0x8b/0xb3 [ 1541.541164] should_fail.cold+0x5/0xa [ 1541.542035] ? create_new_namespaces+0x30/0xb30 [ 1541.543068] should_failslab+0x5/0x10 [ 1541.543919] kmem_cache_alloc+0x5b/0x480 [ 1541.544823] ? cap_capable+0x1eb/0x250 [ 1541.545722] create_new_namespaces+0x30/0xb30 [ 1541.546728] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1541.547820] ksys_unshare+0x445/0x8d0 [ 1541.548668] ? unshare_fd+0x1c0/0x1c0 [ 1541.549523] ? lock_is_held_type+0xd7/0x130 [ 1541.550498] ? syscall_enter_from_user_mode+0x1d/0x50 18:31:59 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 2) [ 1541.551632] __x64_sys_unshare+0x2d/0x40 [ 1541.552615] do_syscall_64+0x3b/0x90 [ 1541.553438] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1541.554604] RIP: 0033:0x7f4b4ea85b19 [ 1541.555417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1541.559423] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1541.561075] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1541.562633] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1541.564192] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1541.565758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1541.567302] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1541.568875] 18:31:59 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x4e230000, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1541.584070] FAULT_INJECTION: forcing a failure. [ 1541.584070] name failslab, interval 1, probability 0, space 0, times 0 [ 1541.585467] CPU: 0 PID: 8389 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1541.586370] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1541.587598] Call Trace: [ 1541.587877] [ 1541.588123] dump_stack_lvl+0x8b/0xb3 [ 1541.588554] should_fail.cold+0x5/0xa [ 1541.588981] ? create_object.isra.0+0x3a/0xa20 [ 1541.589499] should_failslab+0x5/0x10 [ 1541.589921] kmem_cache_alloc+0x5b/0x480 [ 1541.590382] create_object.isra.0+0x3a/0xa20 [ 1541.590876] ? kasan_unpoison+0x23/0x50 [ 1541.591319] kmem_cache_alloc+0x239/0x480 [ 1541.591782] create_new_namespaces+0x30/0xb30 [ 1541.592259] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1541.592813] ksys_unshare+0x445/0x8d0 [ 1541.593216] ? unshare_fd+0x1c0/0x1c0 [ 1541.593643] ? lock_is_held_type+0xd7/0x130 [ 1541.594142] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1541.594713] __x64_sys_unshare+0x2d/0x40 [ 1541.595144] do_syscall_64+0x3b/0x90 [ 1541.595564] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1541.596112] RIP: 0033:0x7fdbeab6ab19 [ 1541.596525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1541.598467] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1541.599304] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1541.600083] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1541.600873] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1541.601683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1541.602459] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1541.603258] 18:31:59 executing program 3: socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0xf0ffff, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:59 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 2) 18:31:59 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x9effffff, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:31:59 executing program 3: socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0xf0ffff, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1541.699792] FAULT_INJECTION: forcing a failure. [ 1541.699792] name failslab, interval 1, probability 0, space 0, times 0 [ 1541.702382] CPU: 1 PID: 8396 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1541.704180] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1541.706668] Call Trace: [ 1541.707232] [ 1541.707723] dump_stack_lvl+0x8b/0xb3 [ 1541.708573] should_fail.cold+0x5/0xa [ 1541.709421] ? create_object.isra.0+0x3a/0xa20 [ 1541.710450] should_failslab+0x5/0x10 [ 1541.711295] kmem_cache_alloc+0x5b/0x480 [ 1541.712208] create_object.isra.0+0x3a/0xa20 [ 1541.713174] ? kasan_unpoison+0x23/0x50 [ 1541.714066] kmem_cache_alloc+0x239/0x480 [ 1541.714996] create_new_namespaces+0x30/0xb30 [ 1541.716006] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1541.717090] ksys_unshare+0x445/0x8d0 [ 1541.717960] ? unshare_fd+0x1c0/0x1c0 [ 1541.718809] ? lock_is_held_type+0xd7/0x130 [ 1541.719789] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1541.720922] __x64_sys_unshare+0x2d/0x40 [ 1541.721838] do_syscall_64+0x3b/0x90 [ 1541.722667] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1541.723807] RIP: 0033:0x7f4b4ea85b19 [ 1541.724618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1541.728632] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1541.730305] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1541.731853] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1541.733403] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1541.734964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1541.736515] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1541.738122] [ 1556.074445] FAULT_INJECTION: forcing a failure. [ 1556.074445] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1556.077218] CPU: 1 PID: 8403 Comm: syz-executor.5 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1556.079170] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1556.081850] Call Trace: [ 1556.082464] [ 1556.082998] dump_stack_lvl+0x8b/0xb3 [ 1556.083920] should_fail.cold+0x5/0xa 18:32:13 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 2) 18:32:13 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 3) 18:32:13 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, 0x0, 0x0) 18:32:13 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:32:13 executing program 1: semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:32:13 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0xf0ffffff, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:32:13 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 3) 18:32:13 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) [ 1556.084837] _copy_from_user+0x2a/0x170 [ 1556.085987] iovec_from_user+0x236/0x3c0 [ 1556.086791] ? _copy_from_user+0xf2/0x170 [ 1556.087793] __import_iovec+0x64/0x5c0 [ 1556.088569] import_iovec+0x83/0xb0 [ 1556.089447] sendmsg_copy_msghdr+0x12d/0x160 [ 1556.090331] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1556.091420] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1556.092447] ? lock_release+0x3b2/0x750 [ 1556.093398] ___sys_sendmsg+0xc6/0x170 [ 1556.094182] ? sendmsg_copy_msghdr+0x160/0x160 [ 1556.095268] ? lock_release+0x3b2/0x750 [ 1556.096043] ? __fget_files+0x265/0x470 [ 1556.096984] ? lock_downgrade+0x6d0/0x6d0 [ 1556.097817] ? lock_release+0x3b2/0x750 18:32:13 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, 0x0, 0x0) [ 1556.098758] ? ksys_write+0x20c/0x250 [ 1556.099587] ? lock_downgrade+0x6d0/0x6d0 [ 1556.100420] ? __fget_files+0x287/0x470 [ 1556.101216] ? __fget_light+0xea/0x270 [ 1556.102013] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1556.103111] __sys_sendmsg+0xe5/0x1b0 [ 1556.103875] ? __sys_sendmsg_sock+0x30/0x30 [ 1556.104730] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1556.105846] ? fput+0x2a/0x50 [ 1556.106478] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1556.107499] do_syscall_64+0x3b/0x90 [ 1556.108241] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1556.109281] RIP: 0033:0x7f2930c12b19 [ 1556.110027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1556.113561] RSP: 002b:00007f292e188188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1556.115052] RAX: ffffffffffffffda RBX: 00007f2930d25f60 RCX: 00007f2930c12b19 [ 1556.116425] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1556.117830] RBP: 00007f292e1881d0 R08: 0000000000000000 R09: 0000000000000000 [ 1556.119201] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1556.120563] R13: 00007ffefeafe84f R14: 00007f292e188300 R15: 0000000000022000 [ 1556.121976] [ 1556.132920] FAULT_INJECTION: forcing a failure. [ 1556.132920] name failslab, interval 1, probability 0, space 0, times 0 [ 1556.132973] FAULT_INJECTION: forcing a failure. [ 1556.132973] name failslab, interval 1, probability 0, space 0, times 0 [ 1556.134241] CPU: 0 PID: 8416 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1556.137079] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1556.138175] Call Trace: [ 1556.138429] [ 1556.138647] dump_stack_lvl+0x8b/0xb3 [ 1556.139031] should_fail.cold+0x5/0xa [ 1556.139410] ? copy_ipcs+0x184/0x5d0 [ 1556.139779] should_failslab+0x5/0x10 [ 1556.140155] kmem_cache_alloc_trace+0x55/0x3c0 [ 1556.140614] copy_ipcs+0x184/0x5d0 [ 1556.140963] ? copy_utsname+0xa9/0x4a0 [ 1556.141354] create_new_namespaces+0x210/0xb30 [ 1556.141884] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1556.142376] ksys_unshare+0x445/0x8d0 [ 1556.142770] ? unshare_fd+0x1c0/0x1c0 [ 1556.143159] ? lock_is_held_type+0xd7/0x130 [ 1556.143615] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1556.144142] __x64_sys_unshare+0x2d/0x40 [ 1556.144561] do_syscall_64+0x3b/0x90 [ 1556.144955] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1556.145497] RIP: 0033:0x7fdbeab6ab19 [ 1556.145887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1556.147723] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1556.148484] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1556.149204] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1556.149938] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1556.150657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1556.151370] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1556.152093] [ 1556.152328] CPU: 1 PID: 8417 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 18:32:13 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, 0x0, 0x0) [ 1556.153993] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1556.156351] Call Trace: [ 1556.156858] [ 1556.157301] dump_stack_lvl+0x8b/0xb3 [ 1556.158092] should_fail.cold+0x5/0xa [ 1556.158855] ? copy_ipcs+0x184/0x5d0 [ 1556.159597] should_failslab+0x5/0x10 [ 1556.160359] kmem_cache_alloc_trace+0x55/0x3c0 [ 1556.161285] copy_ipcs+0x184/0x5d0 [ 1556.162012] ? copy_utsname+0xa9/0x4a0 [ 1556.162801] create_new_namespaces+0x210/0xb30 [ 1556.163725] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1556.164707] ksys_unshare+0x445/0x8d0 [ 1556.165474] ? unshare_fd+0x1c0/0x1c0 [ 1556.166266] ? lock_is_held_type+0xd7/0x130 [ 1556.167153] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1556.168185] __x64_sys_unshare+0x2d/0x40 [ 1556.169001] do_syscall_64+0x3b/0x90 [ 1556.169777] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1556.170811] RIP: 0033:0x7f4b4ea85b19 [ 1556.171545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1556.175212] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1556.176715] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1556.178148] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1556.179579] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1556.181007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1556.182517] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1556.183998] 18:32:13 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0xfcffffff, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:32:14 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 4) 18:32:14 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 3) 18:32:14 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:32:14 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) 18:32:14 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 4) [ 1556.358318] FAULT_INJECTION: forcing a failure. [ 1556.358318] name failslab, interval 1, probability 0, space 0, times 0 [ 1556.361055] CPU: 1 PID: 8429 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1556.363013] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1556.365271] Call Trace: [ 1556.365808] [ 1556.366264] dump_stack_lvl+0x8b/0xb3 [ 1556.367053] should_fail.cold+0x5/0xa [ 1556.367826] ? create_object.isra.0+0x3a/0xa20 [ 1556.368752] should_failslab+0x5/0x10 [ 1556.369524] kmem_cache_alloc+0x5b/0x480 [ 1556.370389] create_object.isra.0+0x3a/0xa20 [ 1556.371276] ? kasan_unpoison+0x23/0x50 [ 1556.372091] kmem_cache_alloc_trace+0x22e/0x3c0 [ 1556.373045] copy_ipcs+0x184/0x5d0 [ 1556.373801] ? copy_utsname+0xa9/0x4a0 [ 1556.374606] create_new_namespaces+0x210/0xb30 [ 1556.375549] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1556.376550] ksys_unshare+0x445/0x8d0 [ 1556.377476] ? unshare_fd+0x1c0/0x1c0 [ 1556.378285] ? lock_is_held_type+0xd7/0x130 [ 1556.379356] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1556.380398] __x64_sys_unshare+0x2d/0x40 [ 1556.381375] do_syscall_64+0x3b/0x90 [ 1556.382174] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1556.383228] RIP: 0033:0x7f4b4ea85b19 [ 1556.383970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1556.387636] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1556.389150] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1556.390594] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1556.392023] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1556.393444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1556.394892] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1556.396345] [ 1556.398994] FAULT_INJECTION: forcing a failure. [ 1556.398994] name failslab, interval 1, probability 0, space 0, times 0 [ 1556.401311] CPU: 1 PID: 8430 Comm: syz-executor.5 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1556.402968] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1556.405218] Call Trace: [ 1556.405763] [ 1556.406222] dump_stack_lvl+0x8b/0xb3 [ 1556.407000] should_fail.cold+0x5/0xa [ 1556.407777] ? __alloc_skb+0x211/0x340 [ 1556.408572] should_failslab+0x5/0x10 [ 1556.408987] FAULT_INJECTION: forcing a failure. [ 1556.408987] name failslab, interval 1, probability 0, space 0, times 0 [ 1556.409346] kmem_cache_alloc_node+0x55/0x490 [ 1556.409401] __alloc_skb+0x211/0x340 [ 1556.413481] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1556.414624] netlink_sendmsg+0x98d/0xe00 [ 1556.415461] ? netlink_unicast+0x800/0x800 [ 1556.416488] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1556.417592] ? netlink_unicast+0x800/0x800 [ 1556.418629] sock_sendmsg+0x150/0x190 [ 1556.419391] ____sys_sendmsg+0x703/0x870 [ 1556.420368] ? kernel_sendmsg+0x50/0x50 [ 1556.421164] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1556.422271] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1556.423328] ? lock_release+0x3b2/0x750 [ 1556.424284] ___sys_sendmsg+0xf3/0x170 [ 1556.425075] ? sendmsg_copy_msghdr+0x160/0x160 [ 1556.426097] ? lock_release+0x3b2/0x750 [ 1556.426893] ? lock_downgrade+0x6d0/0x6d0 [ 1556.427733] ? lock_release+0x3b2/0x750 [ 1556.428577] ? ksys_write+0x20c/0x250 [ 1556.429377] ? lock_downgrade+0x6d0/0x6d0 [ 1556.430271] ? __fget_files+0x287/0x470 [ 1556.431143] ? __fget_light+0xea/0x270 [ 1556.431980] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1556.433151] __sys_sendmsg+0xe5/0x1b0 [ 1556.433981] ? __sys_sendmsg_sock+0x30/0x30 [ 1556.434888] ? __traceiter_irq_enable+0xa0/0xa0 [ 1556.435895] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1556.437018] do_syscall_64+0x3b/0x90 [ 1556.437843] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1556.438898] RIP: 0033:0x7f2930c12b19 [ 1556.439634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1556.443261] RSP: 002b:00007f292e188188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1556.444753] RAX: ffffffffffffffda RBX: 00007f2930d25f60 RCX: 00007f2930c12b19 [ 1556.446186] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1556.447603] RBP: 00007f292e1881d0 R08: 0000000000000000 R09: 0000000000000000 [ 1556.448994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1556.450414] R13: 00007ffefeafe84f R14: 00007f292e188300 R15: 0000000000022000 [ 1556.451858] [ 1556.452317] CPU: 0 PID: 8432 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1556.454162] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1556.456655] Call Trace: [ 1556.457223] [ 1556.457739] dump_stack_lvl+0x8b/0xb3 [ 1556.458603] should_fail.cold+0x5/0xa [ 1556.459453] ? create_object.isra.0+0x3a/0xa20 [ 1556.460478] should_failslab+0x5/0x10 [ 1556.461335] kmem_cache_alloc+0x5b/0x480 [ 1556.462224] create_object.isra.0+0x3a/0xa20 [ 1556.463097] ? kasan_unpoison+0x23/0x50 [ 1556.463899] kmem_cache_alloc_trace+0x22e/0x3c0 [ 1556.464835] copy_ipcs+0x184/0x5d0 [ 1556.465531] ? copy_utsname+0xa9/0x4a0 [ 1556.466323] create_new_namespaces+0x210/0xb30 [ 1556.467240] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1556.468215] ksys_unshare+0x445/0x8d0 [ 1556.468978] ? unshare_fd+0x1c0/0x1c0 [ 1556.469753] ? lock_is_held_type+0xd7/0x130 [ 1556.470630] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1556.471655] __x64_sys_unshare+0x2d/0x40 [ 1556.472463] do_syscall_64+0x3b/0x90 [ 1556.473206] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1556.474235] RIP: 0033:0x7fdbeab6ab19 [ 1556.474952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1556.478562] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1556.480042] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1556.481501] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1556.483065] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1556.484614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1556.486169] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1556.487747] 18:32:28 executing program 1: semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) 18:32:28 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0xfffff000, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:32:28 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 4) 18:32:28 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 5) 18:32:28 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:32:28 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) 18:32:28 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 5) 18:32:28 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0xffffffffffffffff) 18:32:28 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) 18:32:28 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0xffffff7f, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1571.048264] FAULT_INJECTION: forcing a failure. [ 1571.048264] name failslab, interval 1, probability 0, space 0, times 0 [ 1571.049531] CPU: 0 PID: 8456 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1571.050426] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1571.051614] Call Trace: [ 1571.051880] [ 1571.052112] dump_stack_lvl+0x8b/0xb3 [ 1571.052513] should_fail.cold+0x5/0xa [ 1571.052908] ? alloc_fs_context+0x58/0x9d0 [ 1571.053349] should_failslab+0x5/0x10 [ 1571.053744] kmem_cache_alloc_trace+0x55/0x3c0 [ 1571.054233] alloc_fs_context+0x58/0x9d0 [ 1571.054667] mq_init_ns+0x16e/0x630 [ 1571.055046] copy_ipcs+0x35e/0x5d0 [ 1571.055423] ? copy_utsname+0xa9/0x4a0 [ 1571.055836] create_new_namespaces+0x210/0xb30 [ 1571.056318] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1571.056860] ksys_unshare+0x445/0x8d0 [ 1571.057071] FAULT_INJECTION: forcing a failure. [ 1571.057071] name failslab, interval 1, probability 0, space 0, times 0 [ 1571.057259] ? unshare_fd+0x1c0/0x1c0 [ 1571.059862] ? lock_is_held_type+0xd7/0x130 [ 1571.060325] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1571.060882] __x64_sys_unshare+0x2d/0x40 [ 1571.061315] do_syscall_64+0x3b/0x90 [ 1571.061715] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1571.062272] RIP: 0033:0x7f4b4ea85b19 [ 1571.062668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1571.064592] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1571.065399] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1571.066163] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1571.066915] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1571.067659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1571.068409] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1571.069178] [ 1571.069429] CPU: 1 PID: 8457 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1571.071289] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1571.073526] Call Trace: [ 1571.074048] [ 1571.074494] dump_stack_lvl+0x8b/0xb3 [ 1571.075274] should_fail.cold+0x5/0xa [ 1571.076047] ? alloc_fs_context+0x58/0x9d0 [ 1571.076901] should_failslab+0x5/0x10 [ 1571.077671] kmem_cache_alloc_trace+0x55/0x3c0 [ 1571.078599] alloc_fs_context+0x58/0x9d0 [ 1571.079430] mq_init_ns+0x16e/0x630 [ 1571.080170] copy_ipcs+0x35e/0x5d0 [ 1571.080889] ? copy_utsname+0xa9/0x4a0 [ 1571.081688] create_new_namespaces+0x210/0xb30 [ 1571.082641] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1571.083639] ksys_unshare+0x445/0x8d0 [ 1571.084414] ? unshare_fd+0x1c0/0x1c0 [ 1571.085184] ? lock_is_held_type+0xd7/0x130 [ 1571.086082] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1571.087114] __x64_sys_unshare+0x2d/0x40 [ 1571.087936] do_syscall_64+0x3b/0x90 [ 1571.088688] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1571.089731] RIP: 0033:0x7fdbeab6ab19 [ 1571.090490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1571.094150] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1571.095663] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1571.097088] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1571.098601] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1571.099972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1571.101342] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1571.102740] 18:32:28 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) [ 1571.116573] FAULT_INJECTION: forcing a failure. [ 1571.116573] name failslab, interval 1, probability 0, space 0, times 0 [ 1571.117839] CPU: 0 PID: 8462 Comm: syz-executor.5 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1571.118675] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1571.119830] Call Trace: [ 1571.120095] [ 1571.120321] dump_stack_lvl+0x8b/0xb3 [ 1571.120715] should_fail.cold+0x5/0xa [ 1571.121102] ? create_object.isra.0+0x3a/0xa20 [ 1571.121571] should_failslab+0x5/0x10 [ 1571.121975] kmem_cache_alloc+0x5b/0x480 [ 1571.122396] create_object.isra.0+0x3a/0xa20 [ 1571.122847] ? kasan_unpoison+0x23/0x50 [ 1571.123256] kmem_cache_alloc_node+0x248/0x490 [ 1571.123729] __alloc_skb+0x211/0x340 [ 1571.124113] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1571.124690] netlink_sendmsg+0x98d/0xe00 [ 1571.125122] ? netlink_unicast+0x800/0x800 [ 1571.125571] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1571.126143] ? netlink_unicast+0x800/0x800 [ 1571.126586] sock_sendmsg+0x150/0x190 [ 1571.126982] ____sys_sendmsg+0x703/0x870 [ 1571.127408] ? kernel_sendmsg+0x50/0x50 [ 1571.127817] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1571.128295] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1571.128836] ? lock_release+0x3b2/0x750 [ 1571.129255] ___sys_sendmsg+0xf3/0x170 [ 1571.129669] ? sendmsg_copy_msghdr+0x160/0x160 [ 1571.130154] ? lock_release+0x3b2/0x750 [ 1571.130568] ? lock_downgrade+0x6d0/0x6d0 [ 1571.130988] ? lock_release+0x3b2/0x750 [ 1571.131401] ? ksys_write+0x20c/0x250 [ 1571.131797] ? lock_downgrade+0x6d0/0x6d0 [ 1571.132233] ? __fget_files+0x287/0x470 [ 1571.132655] ? __fget_light+0xea/0x270 [ 1571.133062] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1571.133634] __sys_sendmsg+0xe5/0x1b0 [ 1571.134044] ? __sys_sendmsg_sock+0x30/0x30 [ 1571.134497] ? __traceiter_irq_enable+0xa0/0xa0 [ 1571.134984] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1571.135522] do_syscall_64+0x3b/0x90 [ 1571.135909] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1571.136446] RIP: 0033:0x7f2930c12b19 [ 1571.136827] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1571.138721] RSP: 002b:00007f292e188188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1571.139501] RAX: ffffffffffffffda RBX: 00007f2930d25f60 RCX: 00007f2930c12b19 [ 1571.140235] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1571.140965] RBP: 00007f292e1881d0 R08: 0000000000000000 R09: 0000000000000000 [ 1571.141705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1571.142445] R13: 00007ffefeafe84f R14: 00007f292e188300 R15: 0000000000022000 [ 1571.143185] 18:32:28 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 6) 18:32:28 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}], 0x1, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) [ 1571.220159] FAULT_INJECTION: forcing a failure. [ 1571.220159] name failslab, interval 1, probability 0, space 0, times 0 [ 1571.221521] CPU: 0 PID: 8468 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1571.222388] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1571.223554] Call Trace: [ 1571.223820] [ 1571.224048] dump_stack_lvl+0x8b/0xb3 [ 1571.224460] should_fail.cold+0x5/0xa [ 1571.224866] ? create_object.isra.0+0x3a/0xa20 [ 1571.225358] should_failslab+0x5/0x10 [ 1571.225761] kmem_cache_alloc+0x5b/0x480 [ 1571.226216] create_object.isra.0+0x3a/0xa20 [ 1571.226682] ? kasan_unpoison+0x23/0x50 [ 1571.227111] kmem_cache_alloc_trace+0x22e/0x3c0 [ 1571.227610] alloc_fs_context+0x58/0x9d0 [ 1571.228046] mq_init_ns+0x16e/0x630 [ 1571.228435] copy_ipcs+0x35e/0x5d0 [ 1571.228815] ? copy_utsname+0xa9/0x4a0 [ 1571.229231] create_new_namespaces+0x210/0xb30 [ 1571.229723] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1571.230283] ksys_unshare+0x445/0x8d0 [ 1571.230705] ? unshare_fd+0x1c0/0x1c0 [ 1571.231131] ? lock_is_held_type+0xd7/0x130 [ 1571.231624] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1571.232189] __x64_sys_unshare+0x2d/0x40 [ 1571.232639] do_syscall_64+0x3b/0x90 [ 1571.233050] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1571.233618] RIP: 0033:0x7f4b4ea85b19 [ 1571.234036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1571.236047] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1571.236880] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1571.237656] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1571.238446] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1571.239203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1571.239981] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1571.240766] [ 1571.249627] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:32:45 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}], 0x1, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:32:45 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 18:32:45 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:32:45 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 5) 18:32:45 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0xffffff9e, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:32:45 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 6) 18:32:45 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 7) 18:32:45 executing program 1: semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) [ 1587.389236] FAULT_INJECTION: forcing a failure. [ 1587.389236] name failslab, interval 1, probability 0, space 0, times 0 [ 1587.392036] CPU: 0 PID: 8478 Comm: syz-executor.5 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1587.393986] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1587.396697] Call Trace: [ 1587.397305] [ 1587.397841] dump_stack_lvl+0x8b/0xb3 [ 1587.398760] should_fail.cold+0x5/0xa [ 1587.399699] should_failslab+0x5/0x10 [ 1587.400634] __kmalloc_node_track_caller+0x7e/0x440 [ 1587.401861] ? netlink_sendmsg+0x98d/0xe00 [ 1587.402949] __alloc_skb+0xe3/0x340 [ 1587.403839] netlink_sendmsg+0x98d/0xe00 [ 1587.404835] ? netlink_unicast+0x800/0x800 [ 1587.405895] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1587.407236] ? netlink_unicast+0x800/0x800 [ 1587.408241] sock_sendmsg+0x150/0x190 [ 1587.409165] ____sys_sendmsg+0x703/0x870 [ 1587.410150] ? kernel_sendmsg+0x50/0x50 [ 1587.411108] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1587.412275] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1587.413674] ? lock_release+0x3b2/0x750 [ 1587.414674] ___sys_sendmsg+0xf3/0x170 [ 1587.415606] ? sendmsg_copy_msghdr+0x160/0x160 [ 1587.416691] ? lock_release+0x3b2/0x750 [ 1587.417652] ? lock_downgrade+0x6d0/0x6d0 [ 1587.418638] ? lock_release+0x3b2/0x750 [ 1587.419591] ? ksys_write+0x20c/0x250 [ 1587.420496] ? lock_downgrade+0x6d0/0x6d0 [ 1587.421488] ? __fget_files+0x287/0x470 [ 1587.422477] ? __fget_light+0xea/0x270 [ 1587.423416] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1587.424707] __sys_sendmsg+0xe5/0x1b0 [ 1587.425610] ? __sys_sendmsg_sock+0x30/0x30 [ 1587.426662] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1587.427999] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1587.429203] do_syscall_64+0x3b/0x90 [ 1587.430106] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1587.431334] RIP: 0033:0x7f2930c12b19 [ 1587.432195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1587.436444] RSP: 002b:00007f292e188188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1587.438221] RAX: ffffffffffffffda RBX: 00007f2930d25f60 RCX: 00007f2930c12b19 [ 1587.439887] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1587.441545] RBP: 00007f292e1881d0 R08: 0000000000000000 R09: 0000000000000000 [ 1587.443318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1587.445260] R13: 00007ffefeafe84f R14: 00007f292e188300 R15: 0000000000022000 [ 1587.447261] [ 1587.462531] FAULT_INJECTION: forcing a failure. [ 1587.462531] name failslab, interval 1, probability 0, space 0, times 0 [ 1587.466511] CPU: 0 PID: 8484 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1587.468244] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1587.470623] Call Trace: [ 1587.471158] [ 1587.471631] dump_stack_lvl+0x8b/0xb3 [ 1587.472451] should_fail.cold+0x5/0xa [ 1587.473248] ? create_object.isra.0+0x3a/0xa20 [ 1587.474217] should_failslab+0x5/0x10 [ 1587.475015] kmem_cache_alloc+0x5b/0x480 [ 1587.475878] create_object.isra.0+0x3a/0xa20 [ 1587.476791] ? kasan_unpoison+0x23/0x50 [ 1587.477624] kmem_cache_alloc_trace+0x22e/0x3c0 [ 1587.478626] alloc_fs_context+0x58/0x9d0 [ 1587.479480] mq_init_ns+0x16e/0x630 [ 1587.480262] copy_ipcs+0x35e/0x5d0 18:32:45 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0xfffffff0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1587.481028] ? copy_utsname+0xa9/0x4a0 [ 1587.481943] create_new_namespaces+0x210/0xb30 [ 1587.482943] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1587.483990] ksys_unshare+0x445/0x8d0 [ 1587.484804] ? unshare_fd+0x1c0/0x1c0 [ 1587.485599] ? lock_is_held_type+0xd7/0x130 [ 1587.486528] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1587.487600] __x64_sys_unshare+0x2d/0x40 [ 1587.488454] do_syscall_64+0x3b/0x90 [ 1587.489225] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1587.490309] RIP: 0033:0x7fdbeab6ab19 [ 1587.491068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1587.494822] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1587.496385] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1587.497848] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1587.499324] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1587.500777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1587.502238] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1587.503713] 18:32:45 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0xfffffffc, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1587.516249] FAULT_INJECTION: forcing a failure. [ 1587.516249] name failslab, interval 1, probability 0, space 0, times 0 [ 1587.518714] CPU: 0 PID: 8491 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1587.520375] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1587.522671] Call Trace: [ 1587.523184] [ 1587.523641] dump_stack_lvl+0x8b/0xb3 [ 1587.524425] should_fail.cold+0x5/0xa [ 1587.525198] ? mqueue_init_fs_context+0x47/0x490 [ 1587.526158] should_failslab+0x5/0x10 [ 1587.526934] kmem_cache_alloc_trace+0x55/0x3c0 [ 1587.527878] mqueue_init_fs_context+0x47/0x490 [ 1587.528795] ? mqueue_create+0x20/0x20 [ 1587.529585] alloc_fs_context+0x563/0x9d0 [ 1587.530453] mq_init_ns+0x16e/0x630 [ 1587.531191] copy_ipcs+0x35e/0x5d0 [ 1587.531903] ? copy_utsname+0xa9/0x4a0 [ 1587.532715] create_new_namespaces+0x210/0xb30 [ 1587.533653] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1587.534669] ksys_unshare+0x445/0x8d0 [ 1587.535455] ? unshare_fd+0x1c0/0x1c0 [ 1587.536234] ? lock_is_held_type+0xd7/0x130 [ 1587.537125] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1587.538188] __x64_sys_unshare+0x2d/0x40 [ 1587.539015] do_syscall_64+0x3b/0x90 [ 1587.539768] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1587.540804] RIP: 0033:0x7f4b4ea85b19 [ 1587.541539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 18:32:45 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 7) [ 1587.545192] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1587.546822] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1587.548249] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1587.549660] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1587.551093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1587.552513] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1587.553953] 18:32:45 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 6) [ 1587.585144] FAULT_INJECTION: forcing a failure. [ 1587.585144] name failslab, interval 1, probability 0, space 0, times 0 [ 1587.586412] CPU: 1 PID: 8497 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1587.587271] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1587.588423] Call Trace: [ 1587.588687] [ 1587.588927] dump_stack_lvl+0x8b/0xb3 [ 1587.589338] should_fail.cold+0x5/0xa [ 1587.589742] ? mqueue_init_fs_context+0x47/0x490 [ 1587.590250] should_failslab+0x5/0x10 [ 1587.590653] kmem_cache_alloc_trace+0x55/0x3c0 [ 1587.591158] mqueue_init_fs_context+0x47/0x490 [ 1587.591640] ? mqueue_create+0x20/0x20 [ 1587.592064] alloc_fs_context+0x563/0x9d0 [ 1587.592507] mq_init_ns+0x16e/0x630 [ 1587.592898] copy_ipcs+0x35e/0x5d0 [ 1587.593267] ? copy_utsname+0xa9/0x4a0 [ 1587.593693] create_new_namespaces+0x210/0xb30 [ 1587.594199] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1587.594718] ksys_unshare+0x445/0x8d0 [ 1587.595127] ? unshare_fd+0x1c0/0x1c0 [ 1587.595532] ? lock_is_held_type+0xd7/0x130 [ 1587.596016] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1587.596555] __x64_sys_unshare+0x2d/0x40 [ 1587.596981] do_syscall_64+0x3b/0x90 [ 1587.597375] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1587.597925] RIP: 0033:0x7fdbeab6ab19 [ 1587.598326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1587.600276] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1587.601068] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1587.601806] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1587.602562] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1587.603303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1587.604041] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1587.604791] 18:32:45 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 18:32:45 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0xffffffff, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:32:45 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 8) [ 1587.675023] FAULT_INJECTION: forcing a failure. [ 1587.675023] name failslab, interval 1, probability 0, space 0, times 0 [ 1587.676319] CPU: 1 PID: 8504 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1587.677164] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1587.678328] Call Trace: [ 1587.678589] [ 1587.678829] dump_stack_lvl+0x8b/0xb3 [ 1587.679232] should_fail.cold+0x5/0xa [ 1587.679638] ? create_object.isra.0+0x3a/0xa20 [ 1587.680122] should_failslab+0x5/0x10 [ 1587.680524] kmem_cache_alloc+0x5b/0x480 [ 1587.680960] create_object.isra.0+0x3a/0xa20 [ 1587.681421] ? kasan_unpoison+0x23/0x50 [ 1587.681847] kmem_cache_alloc_trace+0x22e/0x3c0 [ 1587.682348] mqueue_init_fs_context+0x47/0x490 [ 1587.682818] ? mqueue_create+0x20/0x20 [ 1587.683225] alloc_fs_context+0x563/0x9d0 [ 1587.683671] mq_init_ns+0x16e/0x630 [ 1587.684049] copy_ipcs+0x35e/0x5d0 [ 1587.684422] ? copy_utsname+0xa9/0x4a0 [ 1587.684835] create_new_namespaces+0x210/0xb30 [ 1587.685318] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1587.685829] ksys_unshare+0x445/0x8d0 [ 1587.686242] ? unshare_fd+0x1c0/0x1c0 [ 1587.686649] ? lock_is_held_type+0xd7/0x130 [ 1587.687113] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1587.687649] __x64_sys_unshare+0x2d/0x40 [ 1587.688072] do_syscall_64+0x3b/0x90 [ 1587.688466] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1587.689009] RIP: 0033:0x7fdbeab6ab19 [ 1587.689398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1587.691311] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1587.692062] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1587.692802] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1587.693547] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1587.694314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1587.695060] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1587.695824] 18:32:45 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x0, 0xf0ffff, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1587.781215] FAULT_INJECTION: forcing a failure. [ 1587.781215] name failslab, interval 1, probability 0, space 0, times 0 [ 1587.782549] CPU: 1 PID: 8508 Comm: syz-executor.5 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1587.783410] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1587.784503] Call Trace: [ 1587.784770] [ 1587.784995] dump_stack_lvl+0x8b/0xb3 [ 1587.785402] should_fail.cold+0x5/0xa [ 1587.785804] ? create_object.isra.0+0x3a/0xa20 [ 1587.786297] should_failslab+0x5/0x10 [ 1587.786699] kmem_cache_alloc+0x5b/0x480 [ 1587.787146] create_object.isra.0+0x3a/0xa20 [ 1587.787605] ? kasan_unpoison+0x23/0x50 [ 1587.788026] __kmalloc_node_track_caller+0x269/0x440 [ 1587.788558] ? netlink_sendmsg+0x98d/0xe00 [ 1587.789017] __alloc_skb+0xe3/0x340 [ 1587.789407] netlink_sendmsg+0x98d/0xe00 [ 1587.789841] ? netlink_unicast+0x800/0x800 [ 1587.790316] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1587.790861] ? netlink_unicast+0x800/0x800 [ 1587.791313] sock_sendmsg+0x150/0x190 [ 1587.791720] ____sys_sendmsg+0x703/0x870 [ 1587.792149] ? kernel_sendmsg+0x50/0x50 [ 1587.792566] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1587.793043] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1587.793598] ? lock_release+0x3b2/0x750 [ 1587.794034] ___sys_sendmsg+0xf3/0x170 [ 1587.794460] ? sendmsg_copy_msghdr+0x160/0x160 [ 1587.794949] ? lock_release+0x3b2/0x750 [ 1587.795341] ? lock_downgrade+0x6d0/0x6d0 [ 1587.795783] ? lock_release+0x3b2/0x750 [ 1587.796202] ? ksys_write+0x20c/0x250 [ 1587.796604] ? lock_downgrade+0x6d0/0x6d0 [ 1587.797051] ? __fget_files+0x287/0x470 [ 1587.797488] ? __fget_light+0xea/0x270 [ 1587.797906] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1587.798498] __sys_sendmsg+0xe5/0x1b0 [ 1587.798905] ? __sys_sendmsg_sock+0x30/0x30 [ 1587.799357] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1587.799913] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1587.800464] do_syscall_64+0x3b/0x90 [ 1587.800860] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1587.801404] RIP: 0033:0x7f2930c12b19 [ 1587.801801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1587.803700] RSP: 002b:00007f292e188188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1587.804452] RAX: ffffffffffffffda RBX: 00007f2930d25f60 RCX: 00007f2930c12b19 [ 1587.805186] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1587.805927] RBP: 00007f292e1881d0 R08: 0000000000000000 R09: 0000000000000000 [ 1587.806687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1587.807390] R13: 00007ffefeafe84f R14: 00007f292e188300 R15: 0000000000022000 [ 1587.808137] [ 1587.840524] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:32:59 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:32:59 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:32:59 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 9) 18:32:59 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 8) 18:32:59 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x0, 0xf0ffff, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:32:59 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 7) 18:32:59 executing program 1: semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) 18:32:59 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}], 0x1, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) [ 1601.437122] FAULT_INJECTION: forcing a failure. [ 1601.437122] name failslab, interval 1, probability 0, space 0, times 0 [ 1601.438304] CPU: 0 PID: 8521 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1601.439297] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1601.440818] Call Trace: [ 1601.441176] [ 1601.441488] dump_stack_lvl+0x8b/0xb3 [ 1601.442022] should_fail.cold+0x5/0xa [ 1601.442239] FAULT_INJECTION: forcing a failure. [ 1601.442239] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1601.442559] ? alloc_super+0x54/0x9d0 [ 1601.442587] should_failslab+0x5/0x10 [ 1601.445874] kmem_cache_alloc_trace+0x55/0x3c0 [ 1601.446586] ? do_raw_spin_lock+0x121/0x260 [ 1601.447237] alloc_super+0x54/0x9d0 [ 1601.447807] sget_fc+0x13e/0x7a0 [ 1601.448311] ? refcount_dec_not_one+0x13b/0x1e0 [ 1601.449019] ? set_anon_super+0xb0/0xb0 [ 1601.449623] ? mqueue_get_tree+0x130/0x130 [ 1601.450265] get_tree_nodev+0x24/0x1d0 [ 1601.450814] mqueue_get_tree+0xee/0x130 [ 1601.451234] vfs_get_tree+0x8e/0x2f0 [ 1601.451630] fc_mount+0x13/0xc0 [ 1601.451982] mq_init_ns+0x43e/0x630 [ 1601.452371] copy_ipcs+0x35e/0x5d0 [ 1601.452728] ? copy_utsname+0xa9/0x4a0 [ 1601.453144] create_new_namespaces+0x210/0xb30 [ 1601.453624] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1601.454157] ksys_unshare+0x445/0x8d0 [ 1601.454582] ? unshare_fd+0x1c0/0x1c0 [ 1601.454993] ? lock_is_held_type+0xd7/0x130 [ 1601.455462] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1601.456017] __x64_sys_unshare+0x2d/0x40 [ 1601.456458] do_syscall_64+0x3b/0x90 [ 1601.456865] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1601.457430] RIP: 0033:0x7fdbeab6ab19 [ 1601.457834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1601.459820] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1601.460645] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1601.461420] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1601.462189] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1601.462976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1601.463749] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1601.464527] [ 1601.464780] CPU: 1 PID: 8523 Comm: syz-executor.5 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1601.466439] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1601.468662] Call Trace: [ 1601.469167] [ 1601.469610] dump_stack_lvl+0x8b/0xb3 [ 1601.470390] should_fail.cold+0x5/0xa [ 1601.471151] _copy_from_iter+0x37d/0x14d0 [ 1601.471995] ? _copy_from_iter_nocache+0x14a0/0x14a0 [ 1601.472999] ? rcu_read_lock_sched_held+0x3a/0x70 [ 1601.473959] ? memset+0x20/0x40 [ 1601.474634] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1601.475728] ? __virt_addr_valid+0xe9/0x350 [ 1601.476588] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1601.477580] ? is_vmalloc_addr+0x7b/0xb0 [ 1601.478394] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1601.479489] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1601.480487] ? __check_object_size+0x1b5/0x890 [ 1601.481415] netlink_sendmsg+0x86b/0xe00 [ 1601.482237] ? netlink_unicast+0x800/0x800 [ 1601.483099] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1601.484194] ? netlink_unicast+0x800/0x800 [ 1601.485041] sock_sendmsg+0x150/0x190 [ 1601.485802] ____sys_sendmsg+0x703/0x870 [ 1601.486627] ? kernel_sendmsg+0x50/0x50 [ 1601.487416] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1601.488329] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1601.489377] ? lock_release+0x3b2/0x750 [ 1601.490184] ___sys_sendmsg+0xf3/0x170 [ 1601.490962] ? sendmsg_copy_msghdr+0x160/0x160 [ 1601.491878] ? lock_release+0x3b2/0x750 [ 1601.492656] ? lock_downgrade+0x6d0/0x6d0 [ 1601.493487] ? lock_release+0x3b2/0x750 [ 1601.494262] ? ksys_write+0x20c/0x250 [ 1601.495044] ? lock_downgrade+0x6d0/0x6d0 [ 1601.495870] ? __fget_files+0x287/0x470 [ 1601.496692] ? __fget_light+0xea/0x270 [ 1601.497463] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1601.498564] __sys_sendmsg+0xe5/0x1b0 [ 1601.499334] ? __sys_sendmsg_sock+0x30/0x30 [ 1601.500203] ? __traceiter_irq_enable+0xa0/0xa0 [ 1601.501148] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1601.502174] do_syscall_64+0x3b/0x90 [ 1601.502931] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1601.503948] RIP: 0033:0x7f2930c12b19 [ 1601.504676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1601.508275] RSP: 002b:00007f292e188188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1601.509778] RAX: ffffffffffffffda RBX: 00007f2930d25f60 RCX: 00007f2930c12b19 [ 1601.511189] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1601.512590] RBP: 00007f292e1881d0 R08: 0000000000000000 R09: 0000000000000000 [ 1601.514002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1601.515429] R13: 00007ffefeafe84f R14: 00007f292e188300 R15: 0000000000022000 [ 1601.516859] [ 1601.534179] FAULT_INJECTION: forcing a failure. [ 1601.534179] name failslab, interval 1, probability 0, space 0, times 0 [ 1601.535330] CPU: 0 PID: 8526 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1601.536123] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1601.537223] Call Trace: [ 1601.537498] [ 1601.537721] dump_stack_lvl+0x8b/0xb3 [ 1601.538099] should_fail.cold+0x5/0xa [ 1601.538490] ? create_object.isra.0+0x3a/0xa20 [ 1601.538940] should_failslab+0x5/0x10 [ 1601.539338] kmem_cache_alloc+0x5b/0x480 [ 1601.539750] create_object.isra.0+0x3a/0xa20 [ 1601.540226] ? kasan_unpoison+0x23/0x50 [ 1601.540627] kmem_cache_alloc_trace+0x22e/0x3c0 [ 1601.541130] mqueue_init_fs_context+0x47/0x490 [ 1601.541616] ? mqueue_create+0x20/0x20 [ 1601.542026] alloc_fs_context+0x563/0x9d0 [ 1601.542486] mq_init_ns+0x16e/0x630 [ 1601.542867] copy_ipcs+0x35e/0x5d0 [ 1601.543259] ? copy_utsname+0xa9/0x4a0 [ 1601.543699] create_new_namespaces+0x210/0xb30 [ 1601.544192] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1601.544711] ksys_unshare+0x445/0x8d0 [ 1601.545117] ? unshare_fd+0x1c0/0x1c0 [ 1601.545522] ? lock_is_held_type+0xd7/0x130 [ 1601.545988] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1601.546544] __x64_sys_unshare+0x2d/0x40 [ 1601.546980] do_syscall_64+0x3b/0x90 [ 1601.547385] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1601.547957] RIP: 0033:0x7f4b4ea85b19 [ 1601.548344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1601.550260] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1601.551065] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1601.551807] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1601.552547] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1601.553286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1601.554025] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1601.554785] 18:32:59 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x0, 0xf0ffff, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:32:59 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 8) 18:32:59 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 10) 18:32:59 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 9) [ 1601.619402] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1601.623522] FAULT_INJECTION: forcing a failure. [ 1601.623522] name failslab, interval 1, probability 0, space 0, times 0 [ 1601.624701] CPU: 0 PID: 8530 Comm: syz-executor.5 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1601.625508] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1601.626604] Call Trace: [ 1601.626856] [ 1601.627074] dump_stack_lvl+0x8b/0xb3 [ 1601.627465] should_fail.cold+0x5/0xa [ 1601.627843] ? __alloc_skb+0x211/0x340 [ 1601.628264] should_failslab+0x5/0x10 [ 1601.628669] kmem_cache_alloc_node+0x55/0x490 [ 1601.629153] __alloc_skb+0x211/0x340 [ 1601.629555] netlink_ack+0x1f0/0xa80 [ 1601.629961] ? netlink_sendmsg+0xe00/0xe00 [ 1601.630419] ? rcu_read_lock_sched_held+0x3a/0x70 [ 1601.630932] ? trace_contention_end+0xd8/0x130 [ 1601.631412] ? __mutex_lock+0x231/0x14c0 [ 1601.631847] netlink_rcv_skb+0x348/0x430 [ 1601.632286] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1601.632817] ? netlink_ack+0xa80/0xa80 [ 1601.633232] ? lock_release+0x3b2/0x750 [ 1601.633661] ? netlink_deliver_tap+0x1b2/0xc30 [ 1601.634147] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1601.634699] xfrm_netlink_rcv+0x6b/0x90 [ 1601.635120] netlink_unicast+0x54a/0x800 [ 1601.635559] ? netlink_attachskb+0x880/0x880 [ 1601.636025] ? is_vmalloc_addr+0x7b/0xb0 [ 1601.636468] netlink_sendmsg+0x904/0xe00 [ 1601.636907] ? netlink_unicast+0x800/0x800 [ 1601.637359] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1601.637940] ? netlink_unicast+0x800/0x800 [ 1601.638419] sock_sendmsg+0x150/0x190 [ 1601.638829] ____sys_sendmsg+0x703/0x870 [ 1601.639263] ? kernel_sendmsg+0x50/0x50 [ 1601.639685] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1601.640169] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1601.640726] ? lock_release+0x3b2/0x750 [ 1601.641156] ___sys_sendmsg+0xf3/0x170 [ 1601.641571] ? sendmsg_copy_msghdr+0x160/0x160 [ 1601.642060] ? lock_release+0x3b2/0x750 [ 1601.642498] ? lock_downgrade+0x6d0/0x6d0 [ 1601.642940] ? lock_release+0x3b2/0x750 [ 1601.643363] ? ksys_write+0x20c/0x250 [ 1601.643769] ? lock_downgrade+0x6d0/0x6d0 [ 1601.644213] ? __fget_files+0x287/0x470 [ 1601.644646] ? __fget_light+0xea/0x270 [ 1601.645064] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1601.645673] __sys_sendmsg+0xe5/0x1b0 [ 1601.646081] ? __sys_sendmsg_sock+0x30/0x30 [ 1601.646553] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1601.647146] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1601.647692] do_syscall_64+0x3b/0x90 [ 1601.648095] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1601.648644] RIP: 0033:0x7f2930c12b19 [ 1601.649032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1601.650973] RSP: 002b:00007f292e188188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1601.651771] RAX: ffffffffffffffda RBX: 00007f2930d25f60 RCX: 00007f2930c12b19 [ 1601.652516] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1601.653255] RBP: 00007f292e1881d0 R08: 0000000000000000 R09: 0000000000000000 [ 1601.654000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1601.654755] R13: 00007ffefeafe84f R14: 00007f292e188300 R15: 0000000000022000 [ 1601.655514] 18:32:59 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x2, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1601.659300] FAULT_INJECTION: forcing a failure. [ 1601.659300] name failslab, interval 1, probability 0, space 0, times 0 [ 1601.660614] CPU: 0 PID: 8535 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1601.661515] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1601.662696] Call Trace: [ 1601.662961] [ 1601.663192] dump_stack_lvl+0x8b/0xb3 [ 1601.663597] should_fail.cold+0x5/0xa [ 1601.663998] ? alloc_super+0x54/0x9d0 [ 1601.664397] should_failslab+0x5/0x10 [ 1601.664797] kmem_cache_alloc_trace+0x55/0x3c0 [ 1601.665279] ? do_raw_spin_lock+0x121/0x260 [ 1601.665736] alloc_super+0x54/0x9d0 [ 1601.666126] sget_fc+0x13e/0x7a0 [ 1601.666496] ? refcount_dec_not_one+0x13b/0x1e0 [ 1601.666993] ? set_anon_super+0xb0/0xb0 [ 1601.667416] ? mqueue_get_tree+0x130/0x130 [ 1601.667861] get_tree_nodev+0x24/0x1d0 [ 1601.668277] mqueue_get_tree+0xee/0x130 [ 1601.668692] vfs_get_tree+0x8e/0x2f0 [ 1601.669087] fc_mount+0x13/0xc0 [ 1601.669436] mq_init_ns+0x43e/0x630 [ 1601.669820] copy_ipcs+0x35e/0x5d0 [ 1601.670193] ? copy_utsname+0xa9/0x4a0 [ 1601.670643] create_new_namespaces+0x210/0xb30 [ 1601.671130] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1601.671651] ksys_unshare+0x445/0x8d0 [ 1601.672058] ? unshare_fd+0x1c0/0x1c0 [ 1601.672462] ? lock_is_held_type+0xd7/0x130 [ 1601.672930] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1601.673468] __x64_sys_unshare+0x2d/0x40 [ 1601.673898] do_syscall_64+0x3b/0x90 [ 1601.674296] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1601.674842] RIP: 0033:0x7f4b4ea85b19 [ 1601.675228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1601.677136] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1601.677925] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1601.678683] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1601.679423] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1601.680161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1601.680905] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1601.681217] FAULT_INJECTION: forcing a failure. [ 1601.681217] name failslab, interval 1, probability 0, space 0, times 0 [ 1601.681656] [ 1601.684473] CPU: 1 PID: 8536 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1601.686095] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1601.688333] Call Trace: [ 1601.688840] [ 1601.689284] dump_stack_lvl+0x8b/0xb3 [ 1601.690059] should_fail.cold+0x5/0xa [ 1601.690842] ? create_object.isra.0+0x3a/0xa20 [ 1601.691763] should_failslab+0x5/0x10 [ 1601.692532] kmem_cache_alloc+0x5b/0x480 [ 1601.693361] create_object.isra.0+0x3a/0xa20 [ 1601.694234] ? kasan_unpoison+0x23/0x50 [ 1601.695044] kmem_cache_alloc_trace+0x22e/0x3c0 [ 1601.695989] alloc_super+0x54/0x9d0 [ 1601.696730] sget_fc+0x13e/0x7a0 [ 1601.697412] ? refcount_dec_not_one+0x13b/0x1e0 [ 1601.698364] ? set_anon_super+0xb0/0xb0 [ 1601.699166] ? mqueue_get_tree+0x130/0x130 [ 1601.699999] get_tree_nodev+0x24/0x1d0 [ 1601.700852] mqueue_get_tree+0xee/0x130 [ 1601.701643] vfs_get_tree+0x8e/0x2f0 [ 1601.702404] fc_mount+0x13/0xc0 [ 1601.703068] mq_init_ns+0x43e/0x630 [ 1601.703799] copy_ipcs+0x35e/0x5d0 [ 1601.704503] ? copy_utsname+0xa9/0x4a0 [ 1601.705291] create_new_namespaces+0x210/0xb30 [ 1601.706219] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1601.707226] ksys_unshare+0x445/0x8d0 [ 1601.708010] ? unshare_fd+0x1c0/0x1c0 [ 1601.708785] ? lock_is_held_type+0xd7/0x130 [ 1601.709682] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1601.710727] __x64_sys_unshare+0x2d/0x40 [ 1601.711555] do_syscall_64+0x3b/0x90 [ 1601.712307] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1601.713345] RIP: 0033:0x7fdbeab6ab19 [ 1601.714081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1601.717741] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1601.719262] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1601.720674] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1601.722092] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1601.723508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1601.724921] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1601.726381] 18:32:59 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 9) 18:32:59 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:32:59 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 10) [ 1601.756264] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1601.759149] FAULT_INJECTION: forcing a failure. [ 1601.759149] name failslab, interval 1, probability 0, space 0, times 0 [ 1601.760292] CPU: 0 PID: 8542 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1601.761088] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1601.762174] Call Trace: [ 1601.762442] [ 1601.762659] dump_stack_lvl+0x8b/0xb3 [ 1601.763045] should_fail.cold+0x5/0xa [ 1601.763419] ? create_object.isra.0+0x3a/0xa20 [ 1601.763875] should_failslab+0x5/0x10 [ 1601.764257] kmem_cache_alloc+0x5b/0x480 [ 1601.764669] create_object.isra.0+0x3a/0xa20 [ 1601.765141] ? kasan_unpoison+0x23/0x50 [ 1601.765539] kmem_cache_alloc_trace+0x22e/0x3c0 [ 1601.766054] alloc_super+0x54/0x9d0 [ 1601.766431] sget_fc+0x13e/0x7a0 [ 1601.766764] ? refcount_dec_not_one+0x13b/0x1e0 [ 1601.767231] ? set_anon_super+0xb0/0xb0 [ 1601.767655] ? mqueue_get_tree+0x130/0x130 [ 1601.768097] get_tree_nodev+0x24/0x1d0 [ 1601.768513] mqueue_get_tree+0xee/0x130 [ 1601.768930] vfs_get_tree+0x8e/0x2f0 [ 1601.769327] fc_mount+0x13/0xc0 [ 1601.769681] mq_init_ns+0x43e/0x630 [ 1601.770068] copy_ipcs+0x35e/0x5d0 [ 1601.770458] ? copy_utsname+0xa9/0x4a0 [ 1601.770885] create_new_namespaces+0x210/0xb30 [ 1601.771379] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1601.771901] ksys_unshare+0x445/0x8d0 [ 1601.772306] ? unshare_fd+0x1c0/0x1c0 [ 1601.772710] ? lock_is_held_type+0xd7/0x130 [ 1601.773183] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1601.773730] __x64_sys_unshare+0x2d/0x40 [ 1601.774161] do_syscall_64+0x3b/0x90 [ 1601.774563] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1601.775110] RIP: 0033:0x7f4b4ea85b19 [ 1601.775495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1601.777402] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1601.778191] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1601.778950] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1601.779690] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1601.780429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1601.781165] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1601.781917] [ 1601.784447] FAULT_INJECTION: forcing a failure. [ 1601.784447] name failslab, interval 1, probability 0, space 0, times 0 [ 1601.785697] CPU: 0 PID: 8541 Comm: syz-executor.5 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1601.786585] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1601.787768] Call Trace: [ 1601.788036] [ 1601.788274] dump_stack_lvl+0x8b/0xb3 [ 1601.788682] should_fail.cold+0x5/0xa [ 1601.789086] ? create_object.isra.0+0x3a/0xa20 [ 1601.789569] should_failslab+0x5/0x10 [ 1601.789975] kmem_cache_alloc+0x5b/0x480 [ 1601.790432] create_object.isra.0+0x3a/0xa20 [ 1601.790900] ? kasan_unpoison+0x23/0x50 [ 1601.791322] kmem_cache_alloc_node+0x248/0x490 [ 1601.791814] __alloc_skb+0x211/0x340 [ 1601.792214] netlink_ack+0x1f0/0xa80 [ 1601.792623] ? netlink_sendmsg+0xe00/0xe00 [ 1601.793073] ? rcu_read_lock_sched_held+0x3a/0x70 [ 1601.793586] ? trace_contention_end+0xd8/0x130 [ 1601.794071] ? __mutex_lock+0x231/0x14c0 [ 1601.794514] netlink_rcv_skb+0x348/0x430 [ 1601.794951] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1601.795481] ? netlink_ack+0xa80/0xa80 [ 1601.795897] ? lock_release+0x3b2/0x750 [ 1601.796326] ? netlink_deliver_tap+0x1b2/0xc30 [ 1601.796814] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1601.797348] xfrm_netlink_rcv+0x6b/0x90 [ 1601.797768] netlink_unicast+0x54a/0x800 [ 1601.798209] ? netlink_attachskb+0x880/0x880 [ 1601.798693] ? is_vmalloc_addr+0x7b/0xb0 [ 1601.799133] netlink_sendmsg+0x904/0xe00 [ 1601.799571] ? netlink_unicast+0x800/0x800 [ 1601.800027] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1601.800615] ? netlink_unicast+0x800/0x800 [ 1601.801065] sock_sendmsg+0x150/0x190 [ 1601.801474] ____sys_sendmsg+0x703/0x870 [ 1601.801904] ? kernel_sendmsg+0x50/0x50 [ 1601.802332] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1601.802820] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1601.803375] ? lock_release+0x3b2/0x750 [ 1601.803800] ___sys_sendmsg+0xf3/0x170 [ 1601.804220] ? sendmsg_copy_msghdr+0x160/0x160 [ 1601.804720] ? lock_release+0x3b2/0x750 [ 1601.805156] ? lock_downgrade+0x6d0/0x6d0 [ 1601.805596] ? lock_release+0x3b2/0x750 [ 1601.806013] ? ksys_write+0x20c/0x250 [ 1601.806432] ? lock_downgrade+0x6d0/0x6d0 [ 1601.806875] ? __fget_files+0x287/0x470 [ 1601.807308] ? __fget_light+0xea/0x270 [ 1601.807724] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1601.808310] __sys_sendmsg+0xe5/0x1b0 [ 1601.808720] ? __sys_sendmsg_sock+0x30/0x30 [ 1601.809180] ? __traceiter_irq_enable+0xa0/0xa0 [ 1601.809686] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1601.810231] do_syscall_64+0x3b/0x90 [ 1601.810639] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1601.811192] RIP: 0033:0x7f2930c12b19 [ 1601.811584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1601.813510] RSP: 002b:00007f292e188188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1601.814312] RAX: ffffffffffffffda RBX: 00007f2930d25f60 RCX: 00007f2930c12b19 [ 1601.815062] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1601.815812] RBP: 00007f292e1881d0 R08: 0000000000000000 R09: 0000000000000000 [ 1601.816555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1601.817300] R13: 00007ffefeafe84f R14: 00007f292e188300 R15: 0000000000022000 [ 1601.818057] 18:33:15 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 10) 18:33:15 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}, {}], 0x2, 0x0) semctl$GETPID(0x0, 0x2, 0xb, 0xffffffffffffffff) 18:33:15 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 11) 18:33:15 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x3, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:33:15 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 11) 18:33:15 executing program 1: semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) 18:33:15 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}], 0x1, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:33:15 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback}}}, 0xb8}}, 0x0) [ 1617.779564] FAULT_INJECTION: forcing a failure. [ 1617.779564] name failslab, interval 1, probability 0, space 0, times 0 [ 1617.782274] CPU: 1 PID: 8555 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1617.783997] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1617.786267] Call Trace: [ 1617.786795] [ 1617.787238] dump_stack_lvl+0x8b/0xb3 [ 1617.788021] should_fail.cold+0x5/0xa [ 1617.788789] ? security_sb_alloc+0x107/0x250 [ 1617.789688] should_failslab+0x5/0x10 [ 1617.790454] __kmalloc+0x72/0x440 [ 1617.791170] ? _down_write_nest_lock+0x150/0x150 [ 1617.792130] security_sb_alloc+0x107/0x250 [ 1617.792989] alloc_super+0x1dd/0x9d0 [ 1617.793756] sget_fc+0x13e/0x7a0 [ 1617.794444] ? refcount_dec_not_one+0x13b/0x1e0 [ 1617.795407] ? set_anon_super+0xb0/0xb0 [ 1617.796211] ? mqueue_get_tree+0x130/0x130 [ 1617.797064] get_tree_nodev+0x24/0x1d0 [ 1617.797849] mqueue_get_tree+0xee/0x130 [ 1617.798678] vfs_get_tree+0x8e/0x2f0 [ 1617.799434] fc_mount+0x13/0xc0 [ 1617.800107] mq_init_ns+0x43e/0x630 [ 1617.800845] copy_ipcs+0x35e/0x5d0 [ 1617.801550] ? copy_utsname+0xa9/0x4a0 [ 1617.802344] create_new_namespaces+0x210/0xb30 [ 1617.803304] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1617.804305] ksys_unshare+0x445/0x8d0 [ 1617.805097] ? unshare_fd+0x1c0/0x1c0 [ 1617.805870] ? lock_is_held_type+0xd7/0x130 [ 1617.806782] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1617.807824] __x64_sys_unshare+0x2d/0x40 [ 1617.808659] do_syscall_64+0x3b/0x90 [ 1617.808940] FAULT_INJECTION: forcing a failure. [ 1617.808940] name failslab, interval 1, probability 0, space 0, times 0 [ 1617.809418] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1617.809456] RIP: 0033:0x7fdbeab6ab19 [ 1617.812899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1617.816578] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1617.818087] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1617.819527] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1617.820944] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1617.822358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1617.823779] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1617.825218] [ 1617.825679] CPU: 0 PID: 8558 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1617.826598] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1617.827828] Call Trace: [ 1617.828093] [ 1617.828333] dump_stack_lvl+0x8b/0xb3 [ 1617.828758] should_fail.cold+0x5/0xa [ 1617.829174] ? security_sb_alloc+0x107/0x250 [ 1617.829662] should_failslab+0x5/0x10 [ 1617.830087] __kmalloc+0x72/0x440 [ 1617.830472] ? _down_write_nest_lock+0x150/0x150 [ 1617.831011] security_sb_alloc+0x107/0x250 [ 1617.831473] alloc_super+0x1dd/0x9d0 [ 1617.831890] sget_fc+0x13e/0x7a0 [ 1617.832257] ? refcount_dec_not_one+0x13b/0x1e0 [ 1617.832741] ? set_anon_super+0xb0/0xb0 [ 1617.833174] ? mqueue_get_tree+0x130/0x130 [ 1617.833630] get_tree_nodev+0x24/0x1d0 [ 1617.834064] mqueue_get_tree+0xee/0x130 [ 1617.834503] vfs_get_tree+0x8e/0x2f0 [ 1617.834923] fc_mount+0x13/0xc0 [ 1617.835286] mq_init_ns+0x43e/0x630 [ 1617.835697] copy_ipcs+0x35e/0x5d0 [ 1617.836079] ? copy_utsname+0xa9/0x4a0 [ 1617.836517] create_new_namespaces+0x210/0xb30 [ 1617.836997] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1617.837538] ksys_unshare+0x445/0x8d0 [ 1617.837961] ? unshare_fd+0x1c0/0x1c0 [ 1617.838375] ? lock_is_held_type+0xd7/0x130 [ 1617.838869] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1617.839436] __x64_sys_unshare+0x2d/0x40 [ 1617.839890] do_syscall_64+0x3b/0x90 [ 1617.840305] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1617.840544] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1617.840873] RIP: 0033:0x7f4b4ea85b19 [ 1617.843002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1617.845001] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1617.845840] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1617.846621] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1617.847406] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1617.848182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1617.848962] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1617.849723] [ 1617.851117] FAULT_INJECTION: forcing a failure. [ 1617.851117] name failslab, interval 1, probability 0, space 0, times 0 [ 1617.853600] CPU: 1 PID: 8560 Comm: syz-executor.5 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1617.855281] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1617.857534] Call Trace: [ 1617.858042] [ 1617.858486] dump_stack_lvl+0x8b/0xb3 [ 1617.859282] should_fail.cold+0x5/0xa [ 1617.860051] should_failslab+0x5/0x10 [ 1617.860815] __kmalloc_node_track_caller+0x7e/0x440 [ 1617.861820] ? netlink_ack+0x1f0/0xa80 [ 1617.862644] __alloc_skb+0xe3/0x340 [ 1617.863384] netlink_ack+0x1f0/0xa80 [ 1617.864146] ? netlink_sendmsg+0xe00/0xe00 [ 1617.865004] ? rcu_read_lock_sched_held+0x3a/0x70 [ 1617.865963] ? trace_contention_end+0xd8/0x130 [ 1617.866887] ? __mutex_lock+0x231/0x14c0 [ 1617.867704] netlink_rcv_skb+0x348/0x430 [ 1617.868527] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1617.869530] ? netlink_ack+0xa80/0xa80 [ 1617.870318] ? lock_release+0x3b2/0x750 18:33:15 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback}}}, 0xb8}}, 0x0) [ 1617.871150] ? netlink_deliver_tap+0x1b2/0xc30 [ 1617.872272] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1617.873297] xfrm_netlink_rcv+0x6b/0x90 [ 1617.874103] netlink_unicast+0x54a/0x800 [ 1617.874950] ? netlink_attachskb+0x880/0x880 [ 1617.875837] ? is_vmalloc_addr+0x7b/0xb0 [ 1617.876666] netlink_sendmsg+0x904/0xe00 [ 1617.877489] ? netlink_unicast+0x800/0x800 [ 1617.878354] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1617.879490] ? netlink_unicast+0x800/0x800 [ 1617.880344] sock_sendmsg+0x150/0x190 [ 1617.881110] ____sys_sendmsg+0x703/0x870 [ 1617.881928] ? kernel_sendmsg+0x50/0x50 [ 1617.882735] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1617.883660] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1617.884716] ? lock_release+0x3b2/0x750 [ 1617.885528] ___sys_sendmsg+0xf3/0x170 [ 1617.886314] ? sendmsg_copy_msghdr+0x160/0x160 [ 1617.887259] ? lock_release+0x3b2/0x750 [ 1617.888057] ? lock_downgrade+0x6d0/0x6d0 [ 1617.888893] ? lock_release+0x3b2/0x750 [ 1617.889685] ? ksys_write+0x20c/0x250 [ 1617.890445] ? lock_downgrade+0x6d0/0x6d0 [ 1617.891301] ? __fget_files+0x287/0x470 [ 1617.892126] ? __fget_light+0xea/0x270 [ 1617.892915] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1617.894029] __sys_sendmsg+0xe5/0x1b0 [ 1617.894807] ? __sys_sendmsg_sock+0x30/0x30 [ 1617.895675] ? __traceiter_irq_enable+0xa0/0xa0 [ 1617.896617] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1617.897647] do_syscall_64+0x3b/0x90 [ 1617.898399] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1617.899453] RIP: 0033:0x7f2930c12b19 [ 1617.900188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1617.903854] RSP: 002b:00007f292e188188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1617.905358] RAX: ffffffffffffffda RBX: 00007f2930d25f60 RCX: 00007f2930c12b19 [ 1617.906790] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1617.908200] RBP: 00007f292e1881d0 R08: 0000000000000000 R09: 0000000000000000 [ 1617.909622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1617.911040] R13: 00007ffefeafe84f R14: 00007f292e188300 R15: 0000000000022000 [ 1617.912485] 18:33:15 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 12) 18:33:15 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback}}}, 0xb8}}, 0x0) 18:33:15 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x4, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:33:15 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}], 0x1, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) [ 1617.976228] FAULT_INJECTION: forcing a failure. [ 1617.976228] name failslab, interval 1, probability 0, space 0, times 0 [ 1617.978633] CPU: 1 PID: 8569 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1617.980317] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1617.982676] Call Trace: [ 1617.983196] [ 1617.983644] dump_stack_lvl+0x8b/0xb3 [ 1617.984430] should_fail.cold+0x5/0xa [ 1617.985205] ? create_object.isra.0+0x3a/0xa20 [ 1617.986142] should_failslab+0x5/0x10 [ 1617.986925] kmem_cache_alloc+0x5b/0x480 [ 1617.987760] create_object.isra.0+0x3a/0xa20 [ 1617.988643] ? kasan_unpoison+0x23/0x50 [ 1617.989448] __kmalloc+0x25b/0x440 [ 1617.990177] security_sb_alloc+0x107/0x250 [ 1617.991051] alloc_super+0x1dd/0x9d0 [ 1617.991813] sget_fc+0x13e/0x7a0 [ 1617.992495] ? refcount_dec_not_one+0x13b/0x1e0 [ 1617.993459] ? set_anon_super+0xb0/0xb0 [ 1617.994273] ? mqueue_get_tree+0x130/0x130 [ 1617.995136] get_tree_nodev+0x24/0x1d0 [ 1617.995923] mqueue_get_tree+0xee/0x130 [ 1617.996716] vfs_get_tree+0x8e/0x2f0 [ 1617.997460] fc_mount+0x13/0xc0 [ 1617.998126] mq_init_ns+0x43e/0x630 [ 1617.998845] copy_ipcs+0x35e/0x5d0 [ 1617.999551] ? copy_utsname+0xa9/0x4a0 [ 1618.000336] create_new_namespaces+0x210/0xb30 [ 1618.001259] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1618.002240] ksys_unshare+0x445/0x8d0 [ 1618.003031] ? unshare_fd+0x1c0/0x1c0 [ 1618.003792] ? lock_is_held_type+0xd7/0x130 [ 1618.004674] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1618.005705] __x64_sys_unshare+0x2d/0x40 [ 1618.006530] do_syscall_64+0x3b/0x90 [ 1618.007262] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1618.008273] RIP: 0033:0x7f4b4ea85b19 [ 1618.009002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1618.012568] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1618.014090] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1618.015542] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1618.016942] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1618.018336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1618.019761] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1618.021186] 18:33:15 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 11) 18:33:15 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}], 0x1, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:33:15 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x8, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1618.064077] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1618.065967] FAULT_INJECTION: forcing a failure. [ 1618.065967] name failslab, interval 1, probability 0, space 0, times 0 [ 1618.068241] CPU: 1 PID: 8579 Comm: syz-executor.5 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1618.069862] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1618.072058] Call Trace: [ 1618.072545] 18:33:15 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 12) [ 1618.072970] dump_stack_lvl+0x8b/0xb3 [ 1618.073840] should_fail.cold+0x5/0xa [ 1618.074597] ? create_object.isra.0+0x3a/0xa20 [ 1618.075491] should_failslab+0x5/0x10 [ 1618.076225] kmem_cache_alloc+0x5b/0x480 [ 1618.077005] create_object.isra.0+0x3a/0xa20 [ 1618.077862] ? kasan_unpoison+0x23/0x50 [ 1618.078670] __kmalloc_node_track_caller+0x269/0x440 [ 1618.079673] ? netlink_ack+0x1f0/0xa80 [ 1618.080457] __alloc_skb+0xe3/0x340 [ 1618.081182] netlink_ack+0x1f0/0xa80 [ 1618.081939] ? netlink_sendmsg+0xe00/0xe00 [ 1618.082778] ? rcu_read_lock_sched_held+0x3a/0x70 [ 1618.083713] ? trace_contention_end+0xd8/0x130 [ 1618.084600] ? __mutex_lock+0x231/0x14c0 [ 1618.085388] netlink_rcv_skb+0x348/0x430 [ 1618.086192] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1618.087187] ? netlink_ack+0xa80/0xa80 [ 1618.087945] ? lock_release+0x3b2/0x750 [ 1618.088733] ? netlink_deliver_tap+0x1b2/0xc30 [ 1618.089622] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1618.090616] xfrm_netlink_rcv+0x6b/0x90 [ 1618.091397] netlink_unicast+0x54a/0x800 [ 1618.092202] ? netlink_attachskb+0x880/0x880 [ 1618.093066] ? is_vmalloc_addr+0x7b/0xb0 [ 1618.093876] netlink_sendmsg+0x904/0xe00 [ 1618.094683] ? netlink_unicast+0x800/0x800 [ 1618.095531] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1618.096590] ? netlink_unicast+0x800/0x800 [ 1618.097429] sock_sendmsg+0x150/0x190 [ 1618.098178] ____sys_sendmsg+0x703/0x870 [ 1618.098983] ? kernel_sendmsg+0x50/0x50 [ 1618.099760] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1618.100659] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1618.101691] ? lock_release+0x3b2/0x750 [ 1618.102462] ___sys_sendmsg+0xf3/0x170 [ 1618.103251] ? sendmsg_copy_msghdr+0x160/0x160 [ 1618.104139] ? lock_release+0x3b2/0x750 [ 1618.104900] ? lock_downgrade+0x6d0/0x6d0 [ 1618.105695] ? lock_release+0x3b2/0x750 [ 1618.106454] ? ksys_write+0x20c/0x250 [ 1618.107188] ? lock_downgrade+0x6d0/0x6d0 [ 1618.107985] ? __fget_files+0x287/0x470 [ 1618.108761] ? __fget_light+0xea/0x270 [ 1618.109508] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1618.110571] __sys_sendmsg+0xe5/0x1b0 [ 1618.111298] ? __sys_sendmsg_sock+0x30/0x30 [ 1618.112122] ? __traceiter_irq_enable+0xa0/0xa0 [ 1618.113015] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1618.113988] do_syscall_64+0x3b/0x90 [ 1618.114709] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1618.115687] RIP: 0033:0x7f2930c12b19 [ 1618.116380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1618.119888] RSP: 002b:00007f292e188188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1618.121325] RAX: ffffffffffffffda RBX: 00007f2930d25f60 RCX: 00007f2930c12b19 [ 1618.122679] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1618.124040] RBP: 00007f292e1881d0 R08: 0000000000000000 R09: 0000000000000000 [ 1618.125393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1618.126743] R13: 00007ffefeafe84f R14: 00007f292e188300 R15: 0000000000022000 [ 1618.128098] 18:33:15 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x9, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1618.178328] FAULT_INJECTION: forcing a failure. [ 1618.178328] name failslab, interval 1, probability 0, space 0, times 0 [ 1618.180498] CPU: 1 PID: 8583 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1618.181965] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1618.183978] Call Trace: [ 1618.184453] [ 1618.184866] dump_stack_lvl+0x8b/0xb3 [ 1618.185593] should_fail.cold+0x5/0xa [ 1618.186306] ? create_object.isra.0+0x3a/0xa20 [ 1618.187159] should_failslab+0x5/0x10 [ 1618.187870] kmem_cache_alloc+0x5b/0x480 [ 1618.188647] create_object.isra.0+0x3a/0xa20 [ 1618.189453] ? kasan_unpoison+0x23/0x50 [ 1618.190193] __kmalloc+0x25b/0x440 [ 1618.190894] security_sb_alloc+0x107/0x250 [ 1618.191675] alloc_super+0x1dd/0x9d0 [ 1618.192410] sget_fc+0x13e/0x7a0 [ 1618.193059] ? refcount_dec_not_one+0x13b/0x1e0 [ 1618.193945] ? set_anon_super+0xb0/0xb0 [ 1618.194700] ? mqueue_get_tree+0x130/0x130 [ 1618.195486] get_tree_nodev+0x24/0x1d0 [ 1618.196224] mqueue_get_tree+0xee/0x130 [ 1618.196967] vfs_get_tree+0x8e/0x2f0 [ 1618.197666] fc_mount+0x13/0xc0 [ 1618.198292] mq_init_ns+0x43e/0x630 [ 1618.198987] copy_ipcs+0x35e/0x5d0 [ 1618.199639] ? copy_utsname+0xa9/0x4a0 [ 1618.200355] create_new_namespaces+0x210/0xb30 [ 1618.201200] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1618.202096] ksys_unshare+0x445/0x8d0 [ 1618.202819] ? unshare_fd+0x1c0/0x1c0 [ 1618.203512] ? lock_is_held_type+0xd7/0x130 [ 1618.204317] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1618.205251] __x64_sys_unshare+0x2d/0x40 [ 1618.205990] do_syscall_64+0x3b/0x90 [ 1618.206685] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1618.207624] RIP: 0033:0x7fdbeab6ab19 [ 1618.208300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1618.211621] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1618.212995] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1618.214265] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1618.215545] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1618.216891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1618.218180] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1618.219496] 18:33:31 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 12) 18:33:31 executing program 1: semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) 18:33:31 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}, {}], 0x2, 0x0) 18:33:31 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback}}}, 0xb8}}, 0x0) 18:33:31 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 13) 18:33:31 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:33:31 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0xf, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:33:31 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 13) [ 1633.844991] FAULT_INJECTION: forcing a failure. [ 1633.844991] name failslab, interval 1, probability 0, space 0, times 0 [ 1633.846302] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1633.847387] CPU: 0 PID: 8603 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1633.850595] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1633.852828] Call Trace: [ 1633.853330] [ 1633.853770] dump_stack_lvl+0x8b/0xb3 [ 1633.854536] should_fail.cold+0x5/0xa [ 1633.855300] ? create_object.isra.0+0x3a/0xa20 [ 1633.855505] FAULT_INJECTION: forcing a failure. [ 1633.855505] name failslab, interval 1, probability 0, space 0, times 0 [ 1633.856207] should_failslab+0x5/0x10 [ 1633.856241] kmem_cache_alloc+0x5b/0x480 [ 1633.859914] create_object.isra.0+0x3a/0xa20 [ 1633.860797] kmemleak_alloc_percpu+0xa0/0x100 [ 1633.861686] pcpu_alloc+0x7bf/0x1060 [ 1633.862445] __percpu_init_rwsem+0x22/0x150 [ 1633.863317] alloc_super+0x222/0x9d0 [ 1633.864072] sget_fc+0x13e/0x7a0 [ 1633.864748] ? refcount_dec_not_one+0x13b/0x1e0 [ 1633.865673] ? set_anon_super+0xb0/0xb0 [ 1633.866461] ? mqueue_get_tree+0x130/0x130 [ 1633.867295] get_tree_nodev+0x24/0x1d0 [ 1633.868069] mqueue_get_tree+0xee/0x130 [ 1633.868851] vfs_get_tree+0x8e/0x2f0 [ 1633.869589] fc_mount+0x13/0xc0 [ 1633.870237] mq_init_ns+0x43e/0x630 [ 1633.870979] copy_ipcs+0x35e/0x5d0 [ 1633.871676] ? copy_utsname+0xa9/0x4a0 [ 1633.872457] create_new_namespaces+0x210/0xb30 [ 1633.873376] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1633.874353] ksys_unshare+0x445/0x8d0 [ 1633.875123] ? unshare_fd+0x1c0/0x1c0 [ 1633.875880] ? lock_is_held_type+0xd7/0x130 [ 1633.876758] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1633.877773] __x64_sys_unshare+0x2d/0x40 [ 1633.878580] do_syscall_64+0x3b/0x90 [ 1633.879325] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1633.880350] RIP: 0033:0x7fdbeab6ab19 [ 1633.881076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1633.884689] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1633.886179] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1633.887577] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1633.888973] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1633.890374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1633.891788] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1633.893207] [ 1633.893663] CPU: 1 PID: 8605 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1633.895334] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1633.897591] Call Trace: [ 1633.898134] [ 1633.898575] dump_stack_lvl+0x8b/0xb3 [ 1633.899365] should_fail.cold+0x5/0xa [ 1633.900129] ? create_object.isra.0+0x3a/0xa20 [ 1633.901061] should_failslab+0x5/0x10 [ 1633.901529] FAULT_INJECTION: forcing a failure. [ 1633.901529] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1633.901823] kmem_cache_alloc+0x5b/0x480 [ 1633.904892] create_object.isra.0+0x3a/0xa20 [ 1633.905780] kmemleak_alloc_percpu+0xa0/0x100 [ 1633.906693] pcpu_alloc+0x7bf/0x1060 [ 1633.907487] __percpu_init_rwsem+0x22/0x150 [ 1633.908352] alloc_super+0x222/0x9d0 [ 1633.909124] sget_fc+0x13e/0x7a0 [ 1633.909808] ? refcount_dec_not_one+0x13b/0x1e0 [ 1633.910741] ? set_anon_super+0xb0/0xb0 [ 1633.911546] ? mqueue_get_tree+0x130/0x130 [ 1633.912383] get_tree_nodev+0x24/0x1d0 [ 1633.913185] mqueue_get_tree+0xee/0x130 [ 1633.913980] vfs_get_tree+0x8e/0x2f0 [ 1633.914718] fc_mount+0x13/0xc0 [ 1633.915413] mq_init_ns+0x43e/0x630 [ 1633.916147] copy_ipcs+0x35e/0x5d0 [ 1633.916865] ? copy_utsname+0xa9/0x4a0 [ 1633.917651] create_new_namespaces+0x210/0xb30 [ 1633.918579] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1633.919577] ksys_unshare+0x445/0x8d0 [ 1633.920351] ? unshare_fd+0x1c0/0x1c0 [ 1633.921133] ? lock_is_held_type+0xd7/0x130 [ 1633.922030] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1633.923081] __x64_sys_unshare+0x2d/0x40 [ 1633.923926] do_syscall_64+0x3b/0x90 [ 1633.924895] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1633.925955] RIP: 0033:0x7f4b4ea85b19 [ 1633.926681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1633.930338] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1633.931867] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1633.933594] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1633.935399] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1633.937136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1633.938881] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1633.940663] [ 1633.941236] CPU: 0 PID: 8606 Comm: syz-executor.5 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1633.942881] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1633.945109] Call Trace: [ 1633.945620] [ 1633.946063] dump_stack_lvl+0x8b/0xb3 [ 1633.946834] should_fail.cold+0x5/0xa [ 1633.947598] _copy_to_user+0x2a/0x140 [ 1633.948364] simple_read_from_buffer+0xcc/0x160 [ 1633.949295] proc_fail_nth_read+0x194/0x220 [ 1633.950161] ? proc_exe_link+0x1d0/0x1d0 [ 1633.950990] ? security_file_permission+0xb1/0xd0 [ 1633.951947] ? proc_exe_link+0x1d0/0x1d0 [ 1633.952755] vfs_read+0x1ea/0x5d0 [ 1633.953444] ksys_read+0x127/0x250 [ 1633.954145] ? __ia32_sys_pwrite64+0x220/0x220 [ 1633.955065] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1633.956112] do_syscall_64+0x3b/0x90 [ 1633.956854] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1633.957882] RIP: 0033:0x7f2930bc569c [ 1633.958612] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1633.962229] RSP: 002b:00007f292e188170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1633.963739] RAX: ffffffffffffffda RBX: 00000000000000b8 RCX: 00007f2930bc569c [ 1633.965145] RDX: 000000000000000f RSI: 00007f292e1881e0 RDI: 0000000000000004 [ 1633.966547] RBP: 00007f292e1881d0 R08: 0000000000000000 R09: 0000000000000000 [ 1633.967966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1633.969368] R13: 00007ffefeafe84f R14: 00007f292e188300 R15: 0000000000022000 [ 1633.970812] 18:33:31 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x2, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:33:31 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0xf0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:33:31 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:33:31 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 14) 18:33:31 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}, {0x0, 0xffff, 0x800}], 0x5, &(0x7f0000000180)) 18:33:31 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x147, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:33:31 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 14) 18:33:31 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1634.220117] FAULT_INJECTION: forcing a failure. [ 1634.220117] name failslab, interval 1, probability 0, space 0, times 0 [ 1634.222430] CPU: 0 PID: 8619 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1634.224111] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1634.226365] Call Trace: [ 1634.226903] [ 1634.227358] dump_stack_lvl+0x8b/0xb3 [ 1634.228145] should_fail.cold+0x5/0xa [ 1634.228912] ? create_object.isra.0+0x3a/0xa20 [ 1634.229834] should_failslab+0x5/0x10 [ 1634.230591] kmem_cache_alloc+0x5b/0x480 [ 1634.231423] ? mark_held_locks+0x9e/0xe0 [ 1634.232242] create_object.isra.0+0x3a/0xa20 [ 1634.233120] kmemleak_alloc_percpu+0xa0/0x100 [ 1634.234011] pcpu_alloc+0x7bf/0x1060 [ 1634.234780] __percpu_init_rwsem+0x22/0x150 [ 1634.235648] alloc_super+0x222/0x9d0 [ 1634.236396] sget_fc+0x13e/0x7a0 [ 1634.237077] ? refcount_dec_not_one+0x13b/0x1e0 [ 1634.238001] ? set_anon_super+0xb0/0xb0 [ 1634.238806] ? mqueue_get_tree+0x130/0x130 [ 1634.239634] get_tree_nodev+0x24/0x1d0 [ 1634.240420] mqueue_get_tree+0xee/0x130 [ 1634.241206] vfs_get_tree+0x8e/0x2f0 [ 1634.241431] FAULT_INJECTION: forcing a failure. [ 1634.241431] name failslab, interval 1, probability 0, space 0, times 0 [ 1634.241952] fc_mount+0x13/0xc0 [ 1634.244761] mq_init_ns+0x43e/0x630 [ 1634.245485] copy_ipcs+0x35e/0x5d0 [ 1634.246189] ? copy_utsname+0xa9/0x4a0 [ 1634.246986] create_new_namespaces+0x210/0xb30 [ 1634.247916] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1634.248895] ksys_unshare+0x445/0x8d0 [ 1634.249666] ? unshare_fd+0x1c0/0x1c0 [ 1634.250426] ? lock_is_held_type+0xd7/0x130 [ 1634.251328] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1634.252356] __x64_sys_unshare+0x2d/0x40 [ 1634.253167] do_syscall_64+0x3b/0x90 [ 1634.253920] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1634.254971] RIP: 0033:0x7f4b4ea85b19 [ 1634.255701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1634.259334] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1634.260831] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1634.262236] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1634.263643] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1634.265043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1634.266446] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1634.267891] [ 1634.268353] CPU: 1 PID: 8623 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1634.269988] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1634.272215] Call Trace: [ 1634.272723] [ 1634.273166] dump_stack_lvl+0x8b/0xb3 [ 1634.273936] should_fail.cold+0x5/0xa [ 1634.274693] ? create_object.isra.0+0x3a/0xa20 [ 1634.275618] should_failslab+0x5/0x10 [ 1634.276379] kmem_cache_alloc+0x5b/0x480 [ 1634.277201] ? mark_held_locks+0x9e/0xe0 [ 1634.278018] create_object.isra.0+0x3a/0xa20 [ 1634.278917] kmemleak_alloc_percpu+0xa0/0x100 [ 1634.279807] pcpu_alloc+0x7bf/0x1060 [ 1634.280560] __percpu_init_rwsem+0x22/0x150 [ 1634.281434] alloc_super+0x222/0x9d0 [ 1634.282181] sget_fc+0x13e/0x7a0 [ 1634.282866] ? refcount_dec_not_one+0x13b/0x1e0 [ 1634.283796] ? set_anon_super+0xb0/0xb0 [ 1634.284583] ? mqueue_get_tree+0x130/0x130 [ 1634.285413] get_tree_nodev+0x24/0x1d0 [ 1634.286181] mqueue_get_tree+0xee/0x130 [ 1634.286985] vfs_get_tree+0x8e/0x2f0 [ 1634.287723] fc_mount+0x13/0xc0 [ 1634.288375] mq_init_ns+0x43e/0x630 [ 1634.289092] copy_ipcs+0x35e/0x5d0 [ 1634.289787] ? copy_utsname+0xa9/0x4a0 [ 1634.290569] create_new_namespaces+0x210/0xb30 [ 1634.291497] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1634.292479] ksys_unshare+0x445/0x8d0 [ 1634.293236] ? unshare_fd+0x1c0/0x1c0 [ 1634.293995] ? lock_is_held_type+0xd7/0x130 [ 1634.294891] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1634.295909] __x64_sys_unshare+0x2d/0x40 [ 1634.296713] do_syscall_64+0x3b/0x90 [ 1634.297455] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1634.298471] RIP: 0033:0x7fdbeab6ab19 [ 1634.299204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1634.302786] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1634.304274] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1634.305667] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1634.307082] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1634.308471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1634.309857] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1634.311280] 18:33:32 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1634.420529] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:33:45 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 15) 18:33:45 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, 0x0, 0x0, &(0x7f0000000180)) 18:33:45 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}, {}], 0x2, 0x0) 18:33:45 executing program 1: semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) 18:33:45 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:33:45 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x300, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:33:45 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x147, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1647.347436] FAULT_INJECTION: forcing a failure. [ 1647.347436] name failslab, interval 1, probability 0, space 0, times 0 [ 1647.348776] CPU: 1 PID: 8634 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1647.349672] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1647.350914] Call Trace: [ 1647.351184] [ 1647.351433] dump_stack_lvl+0x8b/0xb3 [ 1647.351862] should_fail.cold+0x5/0xa [ 1647.352282] ? create_object.isra.0+0x3a/0xa20 [ 1647.352792] should_failslab+0x5/0x10 [ 1647.353208] kmem_cache_alloc+0x5b/0x480 [ 1647.353669] create_object.isra.0+0x3a/0xa20 [ 1647.354158] kmemleak_alloc_percpu+0xa0/0x100 [ 1647.354662] pcpu_alloc+0x7bf/0x1060 [ 1647.355112] __percpu_init_rwsem+0x22/0x150 [ 1647.355593] alloc_super+0x222/0x9d0 [ 1647.356014] sget_fc+0x13e/0x7a0 [ 1647.356096] FAULT_INJECTION: forcing a failure. [ 1647.356096] name failslab, interval 1, probability 0, space 0, times 0 [ 1647.356388] ? refcount_dec_not_one+0x13b/0x1e0 [ 1647.356411] ? set_anon_super+0xb0/0xb0 [ 1647.358962] ? mqueue_get_tree+0x130/0x130 [ 1647.359422] get_tree_nodev+0x24/0x1d0 [ 1647.359856] mqueue_get_tree+0xee/0x130 [ 1647.360277] vfs_get_tree+0x8e/0x2f0 [ 1647.360694] fc_mount+0x13/0xc0 [ 1647.361037] mq_init_ns+0x43e/0x630 [ 1647.361457] copy_ipcs+0x35e/0x5d0 [ 1647.361845] ? copy_utsname+0xa9/0x4a0 [ 1647.362281] create_new_namespaces+0x210/0xb30 [ 1647.362806] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1647.363380] ksys_unshare+0x445/0x8d0 [ 1647.363812] ? unshare_fd+0x1c0/0x1c0 [ 1647.364235] ? lock_is_held_type+0xd7/0x130 [ 1647.364728] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1647.365295] __x64_sys_unshare+0x2d/0x40 [ 1647.365741] do_syscall_64+0x3b/0x90 [ 1647.366147] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1647.366707] RIP: 0033:0x7fdbeab6ab19 [ 1647.367119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1647.369100] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1647.369912] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1647.370688] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1647.371463] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1647.372224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1647.372979] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1647.373758] [ 1647.374011] CPU: 0 PID: 8635 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1647.375198] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1647.376774] Call Trace: [ 1647.377123] [ 1647.377435] dump_stack_lvl+0x8b/0xb3 [ 1647.377980] should_fail.cold+0x5/0xa [ 1647.378521] ? create_object.isra.0+0x3a/0xa20 18:33:45 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 15) [ 1647.379185] should_failslab+0x5/0x10 [ 1647.379803] kmem_cache_alloc+0x5b/0x480 [ 1647.380374] create_object.isra.0+0x3a/0xa20 [ 1647.380980] kmemleak_alloc_percpu+0xa0/0x100 [ 1647.381597] pcpu_alloc+0x7bf/0x1060 [ 1647.382114] __percpu_init_rwsem+0x22/0x150 [ 1647.382710] alloc_super+0x222/0x9d0 [ 1647.383233] sget_fc+0x13e/0x7a0 [ 1647.383708] ? refcount_dec_not_one+0x13b/0x1e0 [ 1647.384351] ? set_anon_super+0xb0/0xb0 [ 1647.384908] ? mqueue_get_tree+0x130/0x130 [ 1647.385487] get_tree_nodev+0x24/0x1d0 [ 1647.386016] mqueue_get_tree+0xee/0x130 [ 1647.386553] vfs_get_tree+0x8e/0x2f0 [ 1647.387067] fc_mount+0x13/0xc0 [ 1647.387524] mq_init_ns+0x43e/0x630 [ 1647.388023] copy_ipcs+0x35e/0x5d0 [ 1647.388504] ? copy_utsname+0xa9/0x4a0 [ 1647.389044] create_new_namespaces+0x210/0xb30 [ 1647.389681] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1647.390345] ksys_unshare+0x445/0x8d0 [ 1647.390866] ? unshare_fd+0x1c0/0x1c0 [ 1647.391411] ? lock_is_held_type+0xd7/0x130 [ 1647.392033] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1647.392747] __x64_sys_unshare+0x2d/0x40 [ 1647.393326] do_syscall_64+0x3b/0x90 [ 1647.393851] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1647.394577] RIP: 0033:0x7f4b4ea85b19 [ 1647.395095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1647.397627] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1647.398661] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1647.399660] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1647.400634] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1647.401619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1647.402584] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1647.403564] 18:33:45 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) [ 1647.416845] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:33:45 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x900, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:33:45 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x2, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:33:45 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x300, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:33:45 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0xf00, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:33:45 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 16) [ 1647.494142] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1647.528805] FAULT_INJECTION: forcing a failure. [ 1647.528805] name failslab, interval 1, probability 0, space 0, times 0 [ 1647.530021] CPU: 1 PID: 8658 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1647.530866] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1647.532042] Call Trace: [ 1647.532308] [ 1647.532545] dump_stack_lvl+0x8b/0xb3 [ 1647.532952] should_fail.cold+0x5/0xa [ 1647.533356] ? create_object.isra.0+0x3a/0xa20 [ 1647.533843] should_failslab+0x5/0x10 [ 1647.534244] kmem_cache_alloc+0x5b/0x480 [ 1647.534680] ? mark_held_locks+0x9e/0xe0 [ 1647.535118] create_object.isra.0+0x3a/0xa20 [ 1647.535587] kmemleak_alloc_percpu+0xa0/0x100 [ 1647.536059] pcpu_alloc+0x7bf/0x1060 [ 1647.536462] __percpu_init_rwsem+0x22/0x150 [ 1647.536917] alloc_super+0x222/0x9d0 [ 1647.537316] sget_fc+0x13e/0x7a0 [ 1647.537673] ? refcount_dec_not_one+0x13b/0x1e0 [ 1647.538169] ? set_anon_super+0xb0/0xb0 [ 1647.538591] ? mqueue_get_tree+0x130/0x130 [ 1647.539038] get_tree_nodev+0x24/0x1d0 [ 1647.539451] mqueue_get_tree+0xee/0x130 [ 1647.539865] vfs_get_tree+0x8e/0x2f0 [ 1647.540260] fc_mount+0x13/0xc0 [ 1647.540612] mq_init_ns+0x43e/0x630 [ 1647.540997] copy_ipcs+0x35e/0x5d0 [ 1647.541370] ? copy_utsname+0xa9/0x4a0 [ 1647.541788] create_new_namespaces+0x210/0xb30 [ 1647.542280] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1647.542799] ksys_unshare+0x445/0x8d0 [ 1647.543215] ? unshare_fd+0x1c0/0x1c0 [ 1647.543615] ? lock_is_held_type+0xd7/0x130 [ 1647.544080] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1647.544616] __x64_sys_unshare+0x2d/0x40 [ 1647.545044] do_syscall_64+0x3b/0x90 [ 1647.545438] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1647.545987] RIP: 0033:0x7fdbeab6ab19 [ 1647.546368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1647.548353] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1647.549137] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1647.549910] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1647.550680] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1647.551482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1647.552267] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1647.553054] 18:33:45 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 1) 18:33:45 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x2000, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:33:45 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 16) [ 1647.572207] FAULT_INJECTION: forcing a failure. [ 1647.572207] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1647.574519] CPU: 0 PID: 8662 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1647.575575] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1647.576983] Call Trace: [ 1647.577309] [ 1647.577598] dump_stack_lvl+0x8b/0xb3 [ 1647.578093] should_fail.cold+0x5/0xa [ 1647.578584] _copy_from_user+0x2a/0x170 [ 1647.579112] __copy_msghdr_from_user+0x91/0x4b0 [ 1647.579717] ? __ia32_sys_shutdown+0x70/0x70 [ 1647.580288] ? __lock_acquire+0xbac/0x6120 [ 1647.580836] sendmsg_copy_msghdr+0xa1/0x160 [ 1647.581390] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1647.582004] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1647.582731] ? lock_release+0x3b2/0x750 [ 1647.583299] ___sys_sendmsg+0xc6/0x170 [ 1647.583844] ? sendmsg_copy_msghdr+0x160/0x160 [ 1647.584483] ? lock_release+0x3b2/0x750 [ 1647.585028] ? __fget_files+0x265/0x470 [ 1647.585586] ? lock_downgrade+0x6d0/0x6d0 [ 1647.586165] ? lock_release+0x3b2/0x750 [ 1647.586717] ? ksys_write+0x20c/0x250 [ 1647.587250] ? lock_downgrade+0x6d0/0x6d0 [ 1647.587834] ? __fget_files+0x287/0x470 [ 1647.588396] ? __fget_light+0xea/0x270 [ 1647.588940] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1647.589714] __sys_sendmsg+0xe5/0x1b0 [ 1647.590249] ? __sys_sendmsg_sock+0x30/0x30 [ 1647.590846] ? __traceiter_irq_enable+0xa0/0xa0 [ 1647.591497] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1647.592199] do_syscall_64+0x3b/0x90 [ 1647.592727] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1647.593450] RIP: 0033:0x7fb278d14b19 [ 1647.593955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1647.596513] RSP: 002b:00007fb27628a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1647.597565] RAX: ffffffffffffffda RBX: 00007fb278e27f60 RCX: 00007fb278d14b19 [ 1647.598537] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1647.599529] RBP: 00007fb27628a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1647.600501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1647.601481] R13: 00007fff6bf0ca2f R14: 00007fb27628a300 R15: 0000000000022000 [ 1647.602473] [ 1647.623525] FAULT_INJECTION: forcing a failure. [ 1647.623525] name failslab, interval 1, probability 0, space 0, times 0 [ 1647.624839] CPU: 1 PID: 8664 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1647.625779] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1647.627065] Call Trace: [ 1647.627358] [ 1647.627619] dump_stack_lvl+0x8b/0xb3 [ 1647.628091] should_fail.cold+0x5/0xa [ 1647.628520] ? create_object.isra.0+0x3a/0xa20 [ 1647.629037] should_failslab+0x5/0x10 [ 1647.629454] kmem_cache_alloc+0x5b/0x480 [ 1647.629906] ? mark_held_locks+0x9e/0xe0 [ 1647.630364] create_object.isra.0+0x3a/0xa20 [ 1647.630852] kmemleak_alloc_percpu+0xa0/0x100 [ 1647.631357] pcpu_alloc+0x7bf/0x1060 [ 1647.631773] __percpu_init_rwsem+0x22/0x150 [ 1647.632249] alloc_super+0x222/0x9d0 [ 1647.632665] sget_fc+0x13e/0x7a0 [ 1647.633041] ? refcount_dec_not_one+0x13b/0x1e0 [ 1647.633559] ? set_anon_super+0xb0/0xb0 [ 1647.633996] ? mqueue_get_tree+0x130/0x130 [ 1647.634459] get_tree_nodev+0x24/0x1d0 [ 1647.634884] mqueue_get_tree+0xee/0x130 [ 1647.635336] vfs_get_tree+0x8e/0x2f0 [ 1647.635750] fc_mount+0x13/0xc0 [ 1647.636113] mq_init_ns+0x43e/0x630 [ 1647.636519] copy_ipcs+0x35e/0x5d0 [ 1647.636912] ? copy_utsname+0xa9/0x4a0 [ 1647.637353] create_new_namespaces+0x210/0xb30 [ 1647.637869] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1647.638413] ksys_unshare+0x445/0x8d0 [ 1647.638849] ? unshare_fd+0x1c0/0x1c0 [ 1647.639279] ? lock_is_held_type+0xd7/0x130 [ 1647.639763] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1647.640328] __x64_sys_unshare+0x2d/0x40 [ 1647.640791] do_syscall_64+0x3b/0x90 [ 1647.641198] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1647.641759] RIP: 0033:0x7f4b4ea85b19 [ 1647.642164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1647.644187] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1647.645033] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1647.645806] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1647.646582] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1647.647370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1647.648146] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1647.648936] 18:34:01 executing program 2: semtimedop(0x0, &(0x7f0000000080)=[{}, {}], 0x2, 0x0) 18:34:01 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x3, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:34:01 executing program 1: semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) 18:34:01 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 17) 18:34:01 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 2) 18:34:01 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x234e, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:34:01 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, 0x0, 0x0, &(0x7f0000000180)) 18:34:01 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 17) [ 1663.429976] FAULT_INJECTION: forcing a failure. [ 1663.429976] name failslab, interval 1, probability 0, space 0, times 0 [ 1663.432080] CPU: 1 PID: 8681 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1663.433558] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1663.435584] Call Trace: [ 1663.436039] [ 1663.436446] dump_stack_lvl+0x8b/0xb3 [ 1663.437141] should_fail.cold+0x5/0xa [ 1663.437831] ? create_object.isra.0+0x3a/0xa20 [ 1663.438657] should_failslab+0x5/0x10 [ 1663.439375] kmem_cache_alloc+0x5b/0x480 [ 1663.439920] create_object.isra.0+0x3a/0xa20 [ 1663.440448] kmemleak_alloc_percpu+0xa0/0x100 [ 1663.440984] pcpu_alloc+0x7bf/0x1060 [ 1663.441438] __percpu_init_rwsem+0x22/0x150 [ 1663.441956] alloc_super+0x222/0x9d0 [ 1663.442420] sget_fc+0x13e/0x7a0 [ 1663.442840] ? refcount_dec_not_one+0x13b/0x1e0 [ 1663.443135] FAULT_INJECTION: forcing a failure. [ 1663.443135] name failslab, interval 1, probability 0, space 0, times 0 [ 1663.443382] ? set_anon_super+0xb0/0xb0 [ 1663.443403] ? mqueue_get_tree+0x130/0x130 [ 1663.443416] get_tree_nodev+0x24/0x1d0 [ 1663.443438] mqueue_get_tree+0xee/0x130 [ 1663.448128] vfs_get_tree+0x8e/0x2f0 [ 1663.448577] fc_mount+0x13/0xc0 [ 1663.448973] mq_init_ns+0x43e/0x630 [ 1663.449416] copy_ipcs+0x35e/0x5d0 [ 1663.449847] ? copy_utsname+0xa9/0x4a0 [ 1663.450328] create_new_namespaces+0x210/0xb30 [ 1663.450898] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1663.451480] ksys_unshare+0x445/0x8d0 [ 1663.451944] ? unshare_fd+0x1c0/0x1c0 [ 1663.452400] ? lock_is_held_type+0xd7/0x130 [ 1663.452951] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1663.453580] __x64_sys_unshare+0x2d/0x40 [ 1663.454044] do_syscall_64+0x3b/0x90 [ 1663.454491] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1663.455082] RIP: 0033:0x7fdbeab6ab19 [ 1663.455538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1663.457619] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1663.458522] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1663.459352] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1663.460195] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1663.461042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1663.461880] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1663.462738] [ 1663.463017] CPU: 0 PID: 8684 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1663.465034] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1663.467652] Call Trace: [ 1663.468254] [ 1663.468699] dump_stack_lvl+0x8b/0xb3 [ 1663.469579] should_fail.cold+0x5/0xa [ 1663.470358] ? create_object.isra.0+0x3a/0xa20 [ 1663.471305] should_failslab+0x5/0x10 [ 1663.472088] kmem_cache_alloc+0x5b/0x480 [ 1663.472918] create_object.isra.0+0x3a/0xa20 [ 1663.473832] kmemleak_alloc_percpu+0xa0/0x100 [ 1663.474743] pcpu_alloc+0x7bf/0x1060 [ 1663.475528] __percpu_init_rwsem+0x22/0x150 [ 1663.476405] alloc_super+0x222/0x9d0 [ 1663.477181] sget_fc+0x13e/0x7a0 [ 1663.477861] ? refcount_dec_not_one+0x13b/0x1e0 [ 1663.478825] ? set_anon_super+0xb0/0xb0 [ 1663.479644] ? mqueue_get_tree+0x130/0x130 [ 1663.480489] get_tree_nodev+0x24/0x1d0 18:34:01 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 18) [ 1663.481291] mqueue_get_tree+0xee/0x130 [ 1663.482278] vfs_get_tree+0x8e/0x2f0 [ 1663.483049] fc_mount+0x13/0xc0 [ 1663.483719] mq_init_ns+0x43e/0x630 [ 1663.484457] copy_ipcs+0x35e/0x5d0 [ 1663.485165] ? copy_utsname+0xa9/0x4a0 [ 1663.485960] create_new_namespaces+0x210/0xb30 [ 1663.486888] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1663.487959] ksys_unshare+0x445/0x8d0 [ 1663.488866] ? unshare_fd+0x1c0/0x1c0 [ 1663.489777] ? lock_is_held_type+0xd7/0x130 [ 1663.490777] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1663.491986] __x64_sys_unshare+0x2d/0x40 [ 1663.492926] do_syscall_64+0x3b/0x90 [ 1663.493790] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1663.494962] RIP: 0033:0x7f4b4ea85b19 [ 1663.495324] FAULT_INJECTION: forcing a failure. [ 1663.495324] name failslab, interval 1, probability 0, space 0, times 0 [ 1663.495801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1663.501263] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1663.502975] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1663.504569] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1663.506161] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1663.507779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1663.509361] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1663.510976] [ 1663.511501] CPU: 1 PID: 8686 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1663.512586] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1663.513947] Call Trace: [ 1663.514253] [ 1663.514524] dump_stack_lvl+0x8b/0xb3 [ 1663.514994] should_fail.cold+0x5/0xa [ 1663.515471] ? create_object.isra.0+0x3a/0xa20 [ 1663.516030] should_failslab+0x5/0x10 [ 1663.516489] kmem_cache_alloc+0x5b/0x480 [ 1663.516984] ? mark_held_locks+0x9e/0xe0 [ 1663.517105] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1663.517471] create_object.isra.0+0x3a/0xa20 [ 1663.517496] kmemleak_alloc_percpu+0xa0/0x100 [ 1663.520440] pcpu_alloc+0x7bf/0x1060 [ 1663.520903] __percpu_init_rwsem+0x22/0x150 [ 1663.521423] alloc_super+0x222/0x9d0 [ 1663.521883] sget_fc+0x13e/0x7a0 [ 1663.522295] ? refcount_dec_not_one+0x13b/0x1e0 [ 1663.522864] ? set_anon_super+0xb0/0xb0 [ 1663.523351] ? mqueue_get_tree+0x130/0x130 [ 1663.523853] get_tree_nodev+0x24/0x1d0 [ 1663.524322] mqueue_get_tree+0xee/0x130 [ 1663.524799] vfs_get_tree+0x8e/0x2f0 [ 1663.525243] fc_mount+0x13/0xc0 [ 1663.525645] mq_init_ns+0x43e/0x630 [ 1663.526087] copy_ipcs+0x35e/0x5d0 [ 1663.526245] FAULT_INJECTION: forcing a failure. [ 1663.526245] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1663.526512] ? copy_utsname+0xa9/0x4a0 [ 1663.526538] create_new_namespaces+0x210/0xb30 [ 1663.526565] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1663.526588] ksys_unshare+0x445/0x8d0 [ 1663.531081] ? unshare_fd+0x1c0/0x1c0 [ 1663.531554] ? lock_is_held_type+0xd7/0x130 [ 1663.532089] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1663.532705] __x64_sys_unshare+0x2d/0x40 [ 1663.533206] do_syscall_64+0x3b/0x90 [ 1663.533657] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1663.534280] RIP: 0033:0x7fdbeab6ab19 [ 1663.534721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1663.536902] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1663.537803] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1663.538650] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1663.539518] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1663.540377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1663.541243] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1663.542109] [ 1663.542389] CPU: 0 PID: 8683 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1663.544212] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1663.546652] Call Trace: [ 1663.547236] [ 1663.547718] dump_stack_lvl+0x8b/0xb3 [ 1663.548558] should_fail.cold+0x5/0xa [ 1663.549414] _copy_from_user+0x2a/0x170 [ 1663.550296] iovec_from_user+0x236/0x3c0 [ 1663.551190] ? _copy_from_user+0xf2/0x170 [ 1663.552106] __import_iovec+0x64/0x5c0 [ 1663.552975] import_iovec+0x83/0xb0 [ 1663.553798] sendmsg_copy_msghdr+0x12d/0x160 [ 1663.554763] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1663.555778] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1663.556919] ? lock_release+0x3b2/0x750 [ 1663.557819] ___sys_sendmsg+0xc6/0x170 [ 1663.558674] ? sendmsg_copy_msghdr+0x160/0x160 [ 1663.559678] ? lock_release+0x3b2/0x750 [ 1663.560612] ? __fget_files+0x265/0x470 [ 1663.561682] ? lock_downgrade+0x6d0/0x6d0 [ 1663.562755] ? lock_release+0x3b2/0x750 [ 1663.563805] ? ksys_write+0x20c/0x250 [ 1663.564792] ? lock_downgrade+0x6d0/0x6d0 [ 1663.565877] ? __fget_files+0x287/0x470 [ 1663.566926] ? __fget_light+0xea/0x270 [ 1663.567972] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1663.569446] __sys_sendmsg+0xe5/0x1b0 [ 1663.570446] ? __sys_sendmsg_sock+0x30/0x30 18:34:01 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x4701, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1663.571597] ? __traceiter_irq_enable+0xa0/0xa0 [ 1663.573016] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1663.574276] do_syscall_64+0x3b/0x90 [ 1663.575174] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1663.576328] RIP: 0033:0x7fb278d14b19 [ 1663.577154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1663.581115] RSP: 002b:00007fb27628a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1663.582736] RAX: ffffffffffffffda RBX: 00007fb278e27f60 RCX: 00007fb278d14b19 [ 1663.584293] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1663.585831] RBP: 00007fb27628a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1663.587386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1663.588925] R13: 00007fff6bf0ca2f R14: 00007fb27628a300 R15: 0000000000022000 [ 1663.590493] 18:34:01 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 19) [ 1663.620230] FAULT_INJECTION: forcing a failure. [ 1663.620230] name failslab, interval 1, probability 0, space 0, times 0 [ 1663.621746] CPU: 1 PID: 8692 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1663.622746] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1663.624126] Call Trace: [ 1663.624440] [ 1663.624713] dump_stack_lvl+0x8b/0xb3 [ 1663.625188] should_fail.cold+0x5/0xa [ 1663.625662] ? __list_lru_init+0xc7/0x590 [ 1663.626167] should_failslab+0x5/0x10 [ 1663.626635] __kmalloc+0x72/0x440 [ 1663.627068] __list_lru_init+0xc7/0x590 [ 1663.627563] alloc_super+0x814/0x9d0 [ 1663.628024] sget_fc+0x13e/0x7a0 [ 1663.628429] ? refcount_dec_not_one+0x13b/0x1e0 [ 1663.628965] ? set_anon_super+0xb0/0xb0 [ 1663.629457] ? mqueue_get_tree+0x130/0x130 [ 1663.629972] get_tree_nodev+0x24/0x1d0 [ 1663.630431] mqueue_get_tree+0xee/0x130 [ 1663.630914] vfs_get_tree+0x8e/0x2f0 [ 1663.631358] fc_mount+0x13/0xc0 [ 1663.631762] mq_init_ns+0x43e/0x630 [ 1663.632186] copy_ipcs+0x35e/0x5d0 [ 1663.632624] ? copy_utsname+0xa9/0x4a0 [ 1663.633085] create_new_namespaces+0x210/0xb30 [ 1663.633665] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1663.634235] ksys_unshare+0x445/0x8d0 [ 1663.634710] ? unshare_fd+0x1c0/0x1c0 [ 1663.635162] ? lock_is_held_type+0xd7/0x130 [ 1663.635711] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1663.636306] __x64_sys_unshare+0x2d/0x40 [ 1663.636812] do_syscall_64+0x3b/0x90 [ 1663.637248] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1663.637887] RIP: 0033:0x7fdbeab6ab19 [ 1663.638342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1663.640519] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1663.641443] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1663.642297] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1663.643175] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1663.644048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1663.644923] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1663.645797] 18:34:01 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1663.682888] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:34:18 executing program 1: semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) 18:34:18 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x4e23, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:34:18 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, 0x0, 0x0, &(0x7f0000000180)) 18:34:18 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 3) 18:34:18 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 20) 18:34:18 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:34:18 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 18) 18:34:18 executing program 2: semtimedop(0x0, 0x0, 0x0, 0x0) [ 1681.023696] FAULT_INJECTION: forcing a failure. [ 1681.023696] name failslab, interval 1, probability 0, space 0, times 0 [ 1681.026060] CPU: 0 PID: 8707 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1681.027707] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1681.029932] Call Trace: [ 1681.030441] [ 1681.030877] dump_stack_lvl+0x8b/0xb3 [ 1681.031682] should_fail.cold+0x5/0xa [ 1681.032442] ? __alloc_skb+0x211/0x340 [ 1681.033247] should_failslab+0x5/0x10 [ 1681.034015] kmem_cache_alloc_node+0x55/0x490 [ 1681.034532] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1681.034925] __alloc_skb+0x211/0x340 [ 1681.034957] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1681.038956] netlink_sendmsg+0x98d/0xe00 [ 1681.039789] ? netlink_unicast+0x800/0x800 [ 1681.040672] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1681.041773] ? netlink_unicast+0x800/0x800 [ 1681.042626] sock_sendmsg+0x150/0x190 [ 1681.043412] ____sys_sendmsg+0x703/0x870 [ 1681.044229] ? kernel_sendmsg+0x50/0x50 [ 1681.045016] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1681.045935] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1681.046977] ? lock_release+0x3b2/0x750 [ 1681.047797] ___sys_sendmsg+0xf3/0x170 [ 1681.048587] ? sendmsg_copy_msghdr+0x160/0x160 [ 1681.049507] ? lock_release+0x3b2/0x750 [ 1681.050311] ? lock_downgrade+0x6d0/0x6d0 [ 1681.051142] ? lock_release+0x3b2/0x750 [ 1681.051950] ? ksys_write+0x20c/0x250 [ 1681.052711] ? lock_downgrade+0x6d0/0x6d0 [ 1681.053554] ? __fget_files+0x287/0x470 [ 1681.054373] ? __fget_light+0xea/0x270 [ 1681.055167] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1681.056301] __sys_sendmsg+0xe5/0x1b0 [ 1681.057071] ? __sys_sendmsg_sock+0x30/0x30 [ 1681.057944] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1681.059061] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1681.060106] do_syscall_64+0x3b/0x90 [ 1681.060863] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1681.061900] RIP: 0033:0x7fb278d14b19 [ 1681.062642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1681.066293] RSP: 002b:00007fb27628a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1681.067815] RAX: ffffffffffffffda RBX: 00007fb278e27f60 RCX: 00007fb278d14b19 [ 1681.069229] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1681.070639] RBP: 00007fb27628a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1681.072073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1681.073487] R13: 00007fff6bf0ca2f R14: 00007fb27628a300 R15: 0000000000022000 [ 1681.074925] [ 1681.083770] FAULT_INJECTION: forcing a failure. [ 1681.083770] name failslab, interval 1, probability 0, space 0, times 0 [ 1681.086212] CPU: 1 PID: 8714 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1681.086413] FAULT_INJECTION: forcing a failure. [ 1681.086413] name failslab, interval 1, probability 0, space 0, times 0 [ 1681.087966] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1681.087985] Call Trace: [ 1681.087994] [ 1681.088003] dump_stack_lvl+0x8b/0xb3 [ 1681.094258] should_fail.cold+0x5/0xa [ 1681.095052] ? create_object.isra.0+0x3a/0xa20 [ 1681.096011] should_failslab+0x5/0x10 [ 1681.096808] kmem_cache_alloc+0x5b/0x480 [ 1681.097672] create_object.isra.0+0x3a/0xa20 [ 1681.098586] ? kasan_unpoison+0x23/0x50 [ 1681.099439] __kmalloc+0x25b/0x440 [ 1681.100196] __list_lru_init+0xc7/0x590 [ 1681.101036] alloc_super+0x814/0x9d0 [ 1681.101827] sget_fc+0x13e/0x7a0 [ 1681.102537] ? refcount_dec_not_one+0x13b/0x1e0 [ 1681.103519] ? set_anon_super+0xb0/0xb0 [ 1681.104352] ? mqueue_get_tree+0x130/0x130 [ 1681.105224] get_tree_nodev+0x24/0x1d0 [ 1681.106036] mqueue_get_tree+0xee/0x130 [ 1681.106855] vfs_get_tree+0x8e/0x2f0 [ 1681.107635] fc_mount+0x13/0xc0 [ 1681.108318] mq_init_ns+0x43e/0x630 [ 1681.109078] copy_ipcs+0x35e/0x5d0 [ 1681.109813] ? copy_utsname+0xa9/0x4a0 [ 1681.110634] create_new_namespaces+0x210/0xb30 [ 1681.111621] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1681.112652] ksys_unshare+0x445/0x8d0 [ 1681.113462] ? unshare_fd+0x1c0/0x1c0 [ 1681.114259] ? lock_is_held_type+0xd7/0x130 [ 1681.115181] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1681.116263] __x64_sys_unshare+0x2d/0x40 [ 1681.117118] do_syscall_64+0x3b/0x90 [ 1681.117899] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1681.118980] RIP: 0033:0x7fdbeab6ab19 [ 1681.119757] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1681.123569] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1681.125143] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1681.126617] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1681.128096] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1681.129615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1681.131099] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1681.132620] [ 1681.133118] CPU: 0 PID: 8716 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1681.134763] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1681.137000] Call Trace: [ 1681.137509] [ 1681.137950] dump_stack_lvl+0x8b/0xb3 [ 1681.138717] should_fail.cold+0x5/0xa [ 1681.139487] ? create_object.isra.0+0x3a/0xa20 [ 1681.140414] should_failslab+0x5/0x10 [ 1681.141184] kmem_cache_alloc+0x5b/0x480 [ 1681.142002] ? mark_held_locks+0x9e/0xe0 [ 1681.142824] create_object.isra.0+0x3a/0xa20 [ 1681.143738] kmemleak_alloc_percpu+0xa0/0x100 [ 1681.144629] pcpu_alloc+0x7bf/0x1060 [ 1681.145389] __percpu_init_rwsem+0x22/0x150 [ 1681.146245] alloc_super+0x222/0x9d0 [ 1681.147000] sget_fc+0x13e/0x7a0 [ 1681.147687] ? refcount_dec_not_one+0x13b/0x1e0 [ 1681.148621] ? set_anon_super+0xb0/0xb0 [ 1681.149409] ? mqueue_get_tree+0x130/0x130 [ 1681.150245] get_tree_nodev+0x24/0x1d0 [ 1681.151034] mqueue_get_tree+0xee/0x130 [ 1681.151828] vfs_get_tree+0x8e/0x2f0 [ 1681.152577] fc_mount+0x13/0xc0 [ 1681.153231] mq_init_ns+0x43e/0x630 [ 1681.153961] copy_ipcs+0x35e/0x5d0 [ 1681.154673] ? copy_utsname+0xa9/0x4a0 [ 1681.155486] create_new_namespaces+0x210/0xb30 [ 1681.156422] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1681.157416] ksys_unshare+0x445/0x8d0 [ 1681.158184] ? unshare_fd+0x1c0/0x1c0 [ 1681.158947] ? lock_is_held_type+0xd7/0x130 [ 1681.159845] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1681.160888] __x64_sys_unshare+0x2d/0x40 [ 1681.161706] do_syscall_64+0x3b/0x90 [ 1681.162451] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1681.163495] RIP: 0033:0x7f4b4ea85b19 [ 1681.164226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1681.167869] RSP: 002b:00007f4b4bfda188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1681.169368] RAX: ffffffffffffffda RBX: 00007f4b4eb99020 RCX: 00007f4b4ea85b19 [ 1681.170779] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1681.172185] RBP: 00007f4b4bfda1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1681.173596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1681.174998] R13: 00007fffc9bf7f7f R14: 00007f4b4bfda300 R15: 0000000000022000 [ 1681.176442] 18:34:18 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x6, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:34:18 executing program 2: semtimedop(0x0, 0x0, 0x0, 0x0) 18:34:18 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0xf000, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1681.241053] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:34:19 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 4) 18:34:19 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 19) 18:34:19 executing program 2: semtimedop(0x0, 0x0, 0x0, 0x0) 18:34:19 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x80000, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:34:19 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x7, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1681.359812] FAULT_INJECTION: forcing a failure. [ 1681.359812] name failslab, interval 1, probability 0, space 0, times 0 [ 1681.362259] CPU: 0 PID: 8724 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1681.363942] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1681.366192] Call Trace: [ 1681.366702] [ 1681.367140] dump_stack_lvl+0x8b/0xb3 [ 1681.367931] should_fail.cold+0x5/0xa [ 1681.368698] ? __list_lru_init+0xc7/0x590 [ 1681.369533] should_failslab+0x5/0x10 [ 1681.370298] __kmalloc+0x72/0x440 [ 1681.371012] __list_lru_init+0xc7/0x590 [ 1681.371832] alloc_super+0x814/0x9d0 [ 1681.372588] sget_fc+0x13e/0x7a0 [ 1681.373265] ? refcount_dec_not_one+0x13b/0x1e0 [ 1681.374200] ? set_anon_super+0xb0/0xb0 [ 1681.375002] ? mqueue_get_tree+0x130/0x130 [ 1681.375858] get_tree_nodev+0x24/0x1d0 [ 1681.376651] mqueue_get_tree+0xee/0x130 [ 1681.377455] vfs_get_tree+0x8e/0x2f0 [ 1681.378218] fc_mount+0x13/0xc0 [ 1681.378869] mq_init_ns+0x43e/0x630 [ 1681.379632] copy_ipcs+0x35e/0x5d0 [ 1681.380350] ? copy_utsname+0xa9/0x4a0 [ 1681.381168] create_new_namespaces+0x210/0xb30 [ 1681.382101] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1681.383228] ksys_unshare+0x445/0x8d0 [ 1681.384121] ? unshare_fd+0x1c0/0x1c0 [ 1681.384894] ? lock_is_held_type+0xd7/0x130 [ 1681.385794] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1681.386820] __x64_sys_unshare+0x2d/0x40 [ 1681.387661] do_syscall_64+0x3b/0x90 [ 1681.388416] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1681.389466] RIP: 0033:0x7f4b4ea85b19 [ 1681.390205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1681.393823] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1681.395318] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1681.396729] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1681.398131] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1681.399540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1681.400942] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1681.402374] [ 1681.408198] FAULT_INJECTION: forcing a failure. [ 1681.408198] name failslab, interval 1, probability 0, space 0, times 0 [ 1681.410562] CPU: 0 PID: 8727 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1681.412188] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1681.414422] Call Trace: [ 1681.414928] [ 1681.415369] dump_stack_lvl+0x8b/0xb3 [ 1681.416168] should_fail.cold+0x5/0xa [ 1681.416933] ? create_object.isra.0+0x3a/0xa20 [ 1681.417860] should_failslab+0x5/0x10 [ 1681.418623] kmem_cache_alloc+0x5b/0x480 [ 1681.419461] create_object.isra.0+0x3a/0xa20 [ 1681.420344] ? kasan_unpoison+0x23/0x50 [ 1681.421142] kmem_cache_alloc_node+0x248/0x490 [ 1681.422068] __alloc_skb+0x211/0x340 [ 1681.422815] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1681.423931] netlink_sendmsg+0x98d/0xe00 [ 1681.424767] ? netlink_unicast+0x800/0x800 [ 1681.425633] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1681.426739] ? netlink_unicast+0x800/0x800 [ 1681.427622] sock_sendmsg+0x150/0x190 [ 1681.428394] ____sys_sendmsg+0x703/0x870 [ 1681.429208] ? kernel_sendmsg+0x50/0x50 [ 1681.430001] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1681.430918] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1681.431986] ? lock_release+0x3b2/0x750 [ 1681.432795] ___sys_sendmsg+0xf3/0x170 [ 1681.433580] ? sendmsg_copy_msghdr+0x160/0x160 [ 1681.434499] ? lock_release+0x3b2/0x750 [ 1681.435291] ? lock_downgrade+0x6d0/0x6d0 [ 1681.436139] ? lock_release+0x3b2/0x750 [ 1681.436933] ? ksys_write+0x20c/0x250 [ 1681.437693] ? lock_downgrade+0x6d0/0x6d0 [ 1681.438557] ? __fget_files+0x287/0x470 [ 1681.439372] ? __fget_light+0xea/0x270 [ 1681.440186] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1681.441310] __sys_sendmsg+0xe5/0x1b0 [ 1681.442080] ? __sys_sendmsg_sock+0x30/0x30 [ 1681.442957] ? __traceiter_irq_enable+0xa0/0xa0 [ 1681.443908] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1681.444938] do_syscall_64+0x3b/0x90 [ 1681.445703] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1681.446744] RIP: 0033:0x7fb278d14b19 [ 1681.447487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1681.451113] RSP: 002b:00007fb27628a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1681.452631] RAX: ffffffffffffffda RBX: 00007fb278e27f60 RCX: 00007fb278d14b19 [ 1681.453642] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1681.454034] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1681.454052] RBP: 00007fb27628a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1681.454067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1681.454081] R13: 00007fff6bf0ca2f R14: 00007fb27628a300 R15: 0000000000022000 [ 1681.454122] 18:34:32 executing program 2: semtimedop(0x0, &(0x7f0000000080)=[{}], 0x1, 0x0) 18:34:32 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 20) 18:34:32 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 21) 18:34:32 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}, {0x2, 0x401}], 0x4, &(0x7f0000000180)) 18:34:32 executing program 1: semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}], 0x1, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) 18:34:32 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x8, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:34:32 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0xf0ffff, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:34:32 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 5) 18:34:32 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x1000000, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1695.131067] FAULT_INJECTION: forcing a failure. [ 1695.131067] name failslab, interval 1, probability 0, space 0, times 0 [ 1695.132362] CPU: 0 PID: 8747 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1695.133223] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1695.134417] Call Trace: [ 1695.134690] [ 1695.134933] dump_stack_lvl+0x8b/0xb3 [ 1695.135345] should_fail.cold+0x5/0xa [ 1695.135764] should_failslab+0x5/0x10 [ 1695.136170] __kmalloc_node_track_caller+0x7e/0x440 [ 1695.136703] ? netlink_sendmsg+0x98d/0xe00 [ 1695.137161] __alloc_skb+0xe3/0x340 [ 1695.137559] netlink_sendmsg+0x98d/0xe00 [ 1695.138007] ? netlink_unicast+0x800/0x800 [ 1695.138472] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1695.139066] ? netlink_unicast+0x800/0x800 [ 1695.139526] sock_sendmsg+0x150/0x190 [ 1695.139946] ____sys_sendmsg+0x703/0x870 [ 1695.140388] ? kernel_sendmsg+0x50/0x50 [ 1695.140809] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1695.141311] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1695.141869] ? lock_release+0x3b2/0x750 [ 1695.142314] ___sys_sendmsg+0xf3/0x170 [ 1695.142744] ? sendmsg_copy_msghdr+0x160/0x160 [ 1695.143243] ? lock_release+0x3b2/0x750 [ 1695.143682] ? lock_downgrade+0x6d0/0x6d0 [ 1695.144131] ? lock_release+0x3b2/0x750 [ 1695.144364] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1695.144571] ? ksys_write+0x20c/0x250 [ 1695.144589] ? lock_downgrade+0x6d0/0x6d0 [ 1695.147157] ? __fget_files+0x287/0x470 [ 1695.147631] ? __fget_light+0xea/0x270 [ 1695.148062] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1695.148667] __sys_sendmsg+0xe5/0x1b0 [ 1695.149079] ? __sys_sendmsg_sock+0x30/0x30 [ 1695.149545] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1695.150163] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1695.150745] do_syscall_64+0x3b/0x90 [ 1695.151169] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1695.151750] RIP: 0033:0x7fb278d14b19 [ 1695.152146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1695.154135] RSP: 002b:00007fb27628a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1695.154955] RAX: ffffffffffffffda RBX: 00007fb278e27f60 RCX: 00007fb278d14b19 [ 1695.155731] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1695.156488] RBP: 00007fb27628a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1695.157239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1695.157995] R13: 00007fff6bf0ca2f R14: 00007fb27628a300 R15: 0000000000022000 [ 1695.158761] [ 1695.169983] FAULT_INJECTION: forcing a failure. [ 1695.169983] name failslab, interval 1, probability 0, space 0, times 0 [ 1695.172230] CPU: 1 PID: 8753 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1695.173845] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1695.176076] Call Trace: [ 1695.176579] [ 1695.177025] dump_stack_lvl+0x8b/0xb3 [ 1695.177787] should_fail.cold+0x5/0xa [ 1695.178550] ? create_object.isra.0+0x3a/0xa20 [ 1695.179460] should_failslab+0x5/0x10 [ 1695.180242] kmem_cache_alloc+0x5b/0x480 [ 1695.181057] create_object.isra.0+0x3a/0xa20 [ 1695.181919] ? kasan_unpoison+0x23/0x50 [ 1695.182701] __kmalloc+0x25b/0x440 [ 1695.183417] __list_lru_init+0xc7/0x590 [ 1695.184207] alloc_super+0x814/0x9d0 [ 1695.184945] sget_fc+0x13e/0x7a0 18:34:32 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x2000000, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1695.185612] ? refcount_dec_not_one+0x13b/0x1e0 [ 1695.186677] ? set_anon_super+0xb0/0xb0 [ 1695.187472] ? mqueue_get_tree+0x130/0x130 [ 1695.188513] get_tree_nodev+0x24/0x1d0 [ 1695.189301] mqueue_get_tree+0xee/0x130 [ 1695.190251] vfs_get_tree+0x8e/0x2f0 [ 1695.190996] fc_mount+0x13/0xc0 [ 1695.191797] mq_init_ns+0x43e/0x630 [ 1695.192529] copy_ipcs+0x35e/0x5d0 [ 1695.193372] ? copy_utsname+0xa9/0x4a0 [ 1695.194160] create_new_namespaces+0x210/0xb30 [ 1695.195141] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1695.196127] ksys_unshare+0x445/0x8d0 [ 1695.196894] ? unshare_fd+0x1c0/0x1c0 [ 1695.197649] ? lock_is_held_type+0xd7/0x130 [ 1695.198520] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1695.199534] __x64_sys_unshare+0x2d/0x40 [ 1695.200374] do_syscall_64+0x3b/0x90 [ 1695.201117] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1695.202159] RIP: 0033:0x7f4b4ea85b19 [ 1695.202878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1695.206497] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1695.208002] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1695.209396] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1695.210799] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1695.212194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1695.213585] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1695.214995] [ 1695.226000] FAULT_INJECTION: forcing a failure. [ 1695.226000] name failslab, interval 1, probability 0, space 0, times 0 [ 1695.227392] CPU: 0 PID: 8750 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1695.228333] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1695.229580] Call Trace: [ 1695.229867] [ 1695.230135] dump_stack_lvl+0x8b/0xb3 [ 1695.230601] should_fail.cold+0x5/0xa [ 1695.231055] ? __list_lru_init+0xc7/0x590 [ 1695.231535] should_failslab+0x5/0x10 [ 1695.232008] __kmalloc+0x72/0x440 [ 1695.232454] __list_lru_init+0xc7/0x590 [ 1695.232934] alloc_super+0x83e/0x9d0 [ 1695.233395] sget_fc+0x13e/0x7a0 [ 1695.233816] ? refcount_dec_not_one+0x13b/0x1e0 [ 1695.234379] ? set_anon_super+0xb0/0xb0 [ 1695.234854] ? mqueue_get_tree+0x130/0x130 [ 1695.235350] get_tree_nodev+0x24/0x1d0 [ 1695.235839] mqueue_get_tree+0xee/0x130 [ 1695.236317] vfs_get_tree+0x8e/0x2f0 [ 1695.236774] fc_mount+0x13/0xc0 [ 1695.237181] mq_init_ns+0x43e/0x630 [ 1695.237626] copy_ipcs+0x35e/0x5d0 [ 1695.238049] ? copy_utsname+0xa9/0x4a0 [ 1695.238554] create_new_namespaces+0x210/0xb30 [ 1695.239127] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1695.239725] ksys_unshare+0x445/0x8d0 [ 1695.240190] ? unshare_fd+0x1c0/0x1c0 [ 1695.240679] ? lock_is_held_type+0xd7/0x130 [ 1695.241240] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1695.241848] __x64_sys_unshare+0x2d/0x40 [ 1695.242359] do_syscall_64+0x3b/0x90 [ 1695.242823] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1695.243444] RIP: 0033:0x7fdbeab6ab19 [ 1695.243935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1695.246005] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1695.246839] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1695.247584] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1695.248358] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1695.249119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1695.249860] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1695.250636] 18:34:32 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x9, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:34:32 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x3000000, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1695.287633] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:34:33 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 6) 18:34:33 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 21) 18:34:33 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xf, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1695.370787] FAULT_INJECTION: forcing a failure. [ 1695.370787] name failslab, interval 1, probability 0, space 0, times 0 [ 1695.372124] CPU: 0 PID: 8765 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1695.372988] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1695.374176] Call Trace: [ 1695.374452] [ 1695.374688] dump_stack_lvl+0x8b/0xb3 [ 1695.375103] should_fail.cold+0x5/0xa [ 1695.375519] ? create_object.isra.0+0x3a/0xa20 [ 1695.376029] should_failslab+0x5/0x10 [ 1695.376434] kmem_cache_alloc+0x5b/0x480 [ 1695.376876] create_object.isra.0+0x3a/0xa20 [ 1695.377347] ? kasan_unpoison+0x23/0x50 [ 1695.377775] __kmalloc_node_track_caller+0x269/0x440 [ 1695.378317] ? netlink_sendmsg+0x98d/0xe00 [ 1695.378779] __alloc_skb+0xe3/0x340 [ 1695.379176] netlink_sendmsg+0x98d/0xe00 [ 1695.379626] ? netlink_unicast+0x800/0x800 [ 1695.380085] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1695.380673] ? netlink_unicast+0x800/0x800 [ 1695.381126] sock_sendmsg+0x150/0x190 [ 1695.381535] ____sys_sendmsg+0x703/0x870 [ 1695.381966] ? kernel_sendmsg+0x50/0x50 [ 1695.382388] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1695.382877] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1695.383432] ? lock_release+0x3b2/0x750 [ 1695.383869] ___sys_sendmsg+0xf3/0x170 [ 1695.384285] ? sendmsg_copy_msghdr+0x160/0x160 [ 1695.384773] ? lock_release+0x3b2/0x750 [ 1695.385196] ? lock_downgrade+0x6d0/0x6d0 [ 1695.385636] ? lock_release+0x3b2/0x750 [ 1695.386059] ? ksys_write+0x20c/0x250 [ 1695.386467] ? lock_downgrade+0x6d0/0x6d0 [ 1695.386911] ? __fget_files+0x287/0x470 [ 1695.387342] ? __fget_light+0xea/0x270 [ 1695.387766] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1695.388351] __sys_sendmsg+0xe5/0x1b0 [ 1695.388758] ? __sys_sendmsg_sock+0x30/0x30 [ 1695.389214] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1695.389808] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1695.390355] do_syscall_64+0x3b/0x90 [ 1695.390758] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1695.391308] RIP: 0033:0x7fb278d14b19 [ 1695.391713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1695.393630] RSP: 002b:00007fb27628a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1695.394427] RAX: ffffffffffffffda RBX: 00007fb278e27f60 RCX: 00007fb278d14b19 [ 1695.395173] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1695.395925] RBP: 00007fb27628a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1695.396658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1695.397393] R13: 00007fff6bf0ca2f R14: 00007fb27628a300 R15: 0000000000022000 [ 1695.398144] 18:34:33 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 22) [ 1695.414590] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1695.433736] FAULT_INJECTION: forcing a failure. [ 1695.433736] name failslab, interval 1, probability 0, space 0, times 0 [ 1695.436132] CPU: 1 PID: 8767 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1695.437783] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1695.440068] Call Trace: [ 1695.440594] [ 1695.441053] dump_stack_lvl+0x8b/0xb3 [ 1695.441846] should_fail.cold+0x5/0xa [ 1695.442631] ? __list_lru_init+0xc7/0x590 [ 1695.443466] should_failslab+0x5/0x10 [ 1695.444259] __kmalloc+0x72/0x440 [ 1695.444981] __list_lru_init+0xc7/0x590 [ 1695.445786] alloc_super+0x83e/0x9d0 [ 1695.446553] sget_fc+0x13e/0x7a0 [ 1695.447241] ? refcount_dec_not_one+0x13b/0x1e0 [ 1695.448193] ? set_anon_super+0xb0/0xb0 [ 1695.448999] ? mqueue_get_tree+0x130/0x130 [ 1695.449840] get_tree_nodev+0x24/0x1d0 [ 1695.450788] mqueue_get_tree+0xee/0x130 [ 1695.451612] vfs_get_tree+0x8e/0x2f0 [ 1695.452365] fc_mount+0x13/0xc0 [ 1695.453029] mq_init_ns+0x43e/0x630 [ 1695.453767] copy_ipcs+0x35e/0x5d0 [ 1695.454481] ? copy_utsname+0xa9/0x4a0 [ 1695.455277] create_new_namespaces+0x210/0xb30 [ 1695.456233] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1695.457223] ksys_unshare+0x445/0x8d0 [ 1695.458001] ? unshare_fd+0x1c0/0x1c0 [ 1695.458773] ? lock_is_held_type+0xd7/0x130 [ 1695.459702] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1695.460735] __x64_sys_unshare+0x2d/0x40 [ 1695.461561] do_syscall_64+0x3b/0x90 [ 1695.462316] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1695.463357] RIP: 0033:0x7f4b4ea85b19 [ 1695.464106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1695.467756] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1695.469569] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1695.470996] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1695.472451] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1695.473874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1695.475299] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1695.476765] [ 1695.496243] FAULT_INJECTION: forcing a failure. [ 1695.496243] name failslab, interval 1, probability 0, space 0, times 0 [ 1695.499766] CPU: 1 PID: 8771 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1695.501450] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1695.503770] Call Trace: [ 1695.504304] [ 1695.504766] dump_stack_lvl+0x8b/0xb3 [ 1695.505553] should_fail.cold+0x5/0xa [ 1695.506347] ? __list_lru_init+0xc7/0x590 [ 1695.507180] should_failslab+0x5/0x10 [ 1695.507970] __kmalloc+0x72/0x440 [ 1695.508697] __list_lru_init+0xc7/0x590 [ 1695.509525] alloc_super+0x814/0x9d0 [ 1695.510301] sget_fc+0x13e/0x7a0 [ 1695.510998] ? refcount_dec_not_one+0x13b/0x1e0 [ 1695.511955] ? set_anon_super+0xb0/0xb0 [ 1695.512773] ? mqueue_get_tree+0x130/0x130 [ 1695.513629] get_tree_nodev+0x24/0x1d0 [ 1695.514436] mqueue_get_tree+0xee/0x130 [ 1695.515244] vfs_get_tree+0x8e/0x2f0 [ 1695.516022] fc_mount+0x13/0xc0 [ 1695.516701] mq_init_ns+0x43e/0x630 [ 1695.517452] copy_ipcs+0x35e/0x5d0 [ 1695.518172] ? copy_utsname+0xa9/0x4a0 [ 1695.518989] create_new_namespaces+0x210/0xb30 [ 1695.519956] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1695.520970] ksys_unshare+0x445/0x8d0 [ 1695.521758] ? unshare_fd+0x1c0/0x1c0 [ 1695.522563] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1695.523608] __x64_sys_unshare+0x2d/0x40 [ 1695.524436] do_syscall_64+0x3b/0x90 [ 1695.525193] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1695.526228] RIP: 0033:0x7fdbeab6ab19 [ 1695.526966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1695.530637] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1695.532166] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1695.533593] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1695.535013] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1695.536433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1695.537846] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1695.539311] [ 1710.240575] FAULT_INJECTION: forcing a failure. [ 1710.240575] name failslab, interval 1, probability 0, space 0, times 0 [ 1710.241725] CPU: 1 PID: 8778 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1710.242527] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1710.243616] Call Trace: [ 1710.243884] [ 1710.244105] dump_stack_lvl+0x8b/0xb3 18:34:47 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 22) 18:34:47 executing program 2: semtimedop(0x0, &(0x7f0000000080)=[{}], 0x1, 0x0) 18:34:47 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 7) 18:34:47 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}, {0x2, 0x5, 0x1000}], 0x3, &(0x7f0000000180)) 18:34:47 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x4000000, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:34:47 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x48, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:34:47 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 23) 18:34:47 executing program 1: semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}], 0x1, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) [ 1710.244487] should_fail.cold+0x5/0xa [ 1710.245043] should_failslab+0x5/0x10 [ 1710.245769] kmem_cache_alloc_lru+0x60/0x7c0 [ 1710.246834] ? mqueue_alloc_inode+0x23/0x40 [ 1710.248099] mqueue_alloc_inode+0x23/0x40 [ 1710.249072] ? mqueue_free_inode+0x20/0x20 [ 1710.250234] alloc_inode+0x63/0x240 [ 1710.251107] new_inode+0x23/0x240 [ 1710.251963] mqueue_get_inode+0x31/0xe20 [ 1710.252931] ? sget_fc+0x156/0x7a0 [ 1710.253719] ? mqueue_get_tree+0x130/0x130 [ 1710.254641] mqueue_fill_super+0x10f/0x200 [ 1710.255566] get_tree_nodev+0xce/0x1d0 [ 1710.256441] mqueue_get_tree+0xee/0x130 [ 1710.257313] vfs_get_tree+0x8e/0x2f0 [ 1710.258133] fc_mount+0x13/0xc0 [ 1710.258856] mq_init_ns+0x43e/0x630 [ 1710.259655] copy_ipcs+0x35e/0x5d0 [ 1710.260436] ? copy_utsname+0xa9/0x4a0 [ 1710.261307] create_new_namespaces+0x210/0xb30 [ 1710.262330] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1710.263414] ksys_unshare+0x445/0x8d0 [ 1710.264282] ? unshare_fd+0x1c0/0x1c0 [ 1710.265120] ? lock_is_held_type+0xd7/0x130 [ 1710.266091] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1710.267216] __x64_sys_unshare+0x2d/0x40 [ 1710.267849] FAULT_INJECTION: forcing a failure. [ 1710.267849] name failslab, interval 1, probability 0, space 0, times 0 [ 1710.268116] do_syscall_64+0x3b/0x90 [ 1710.271307] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1710.272460] RIP: 0033:0x7fdbeab6ab19 [ 1710.273264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1710.277251] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1710.278898] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1710.280452] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1710.281994] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1710.283530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1710.285090] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1710.286661] [ 1710.287168] CPU: 0 PID: 8782 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1710.288984] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1710.291458] Call Trace: [ 1710.292051] [ 1710.292551] dump_stack_lvl+0x8b/0xb3 [ 1710.293407] should_fail.cold+0x5/0xa [ 1710.294262] ? create_object.isra.0+0x3a/0xa20 [ 1710.295275] should_failslab+0x5/0x10 [ 1710.296153] kmem_cache_alloc+0x5b/0x480 [ 1710.297076] create_object.isra.0+0x3a/0xa20 [ 1710.298051] ? kasan_unpoison+0x23/0x50 [ 1710.298942] __kmalloc+0x25b/0x440 [ 1710.299750] __list_lru_init+0xc7/0x590 [ 1710.300649] alloc_super+0x83e/0x9d0 [ 1710.301491] sget_fc+0x13e/0x7a0 [ 1710.302243] ? refcount_dec_not_one+0x13b/0x1e0 [ 1710.303283] ? set_anon_super+0xb0/0xb0 [ 1710.304186] ? mqueue_get_tree+0x130/0x130 [ 1710.305122] get_tree_nodev+0x24/0x1d0 [ 1710.305995] mqueue_get_tree+0xee/0x130 [ 1710.306869] vfs_get_tree+0x8e/0x2f0 [ 1710.306924] FAULT_INJECTION: forcing a failure. [ 1710.306924] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1710.307693] fc_mount+0x13/0xc0 [ 1710.307730] mq_init_ns+0x43e/0x630 [ 1710.311779] copy_ipcs+0x35e/0x5d0 [ 1710.312577] ? copy_utsname+0xa9/0x4a0 [ 1710.313463] create_new_namespaces+0x210/0xb30 [ 1710.314495] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1710.315588] ksys_unshare+0x445/0x8d0 [ 1710.316457] ? unshare_fd+0x1c0/0x1c0 [ 1710.317309] ? lock_is_held_type+0xd7/0x130 [ 1710.318297] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1710.319428] __x64_sys_unshare+0x2d/0x40 [ 1710.320363] do_syscall_64+0x3b/0x90 [ 1710.321197] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1710.322343] RIP: 0033:0x7f4b4ea85b19 [ 1710.323160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1710.327177] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1710.328859] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1710.330416] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1710.331980] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1710.333544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1710.335109] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1710.336711] [ 1710.337226] CPU: 1 PID: 8789 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1710.339014] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1710.341482] Call Trace: [ 1710.342037] [ 1710.342525] dump_stack_lvl+0x8b/0xb3 [ 1710.343365] should_fail.cold+0x5/0xa [ 1710.344226] _copy_from_iter+0x37d/0x14d0 [ 1710.345149] ? _copy_from_iter_nocache+0x14a0/0x14a0 [ 1710.346250] ? rcu_read_lock_sched_held+0x3a/0x70 [ 1710.347304] ? memset+0x20/0x40 [ 1710.348032] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1710.349237] ? __virt_addr_valid+0xe9/0x350 [ 1710.350183] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1710.351271] ? is_vmalloc_addr+0x7b/0xb0 [ 1710.352175] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 1710.353380] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1710.353876] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1710.354474] ? __check_object_size+0x1b5/0x890 [ 1710.354525] netlink_sendmsg+0x86b/0xe00 [ 1710.358220] ? netlink_unicast+0x800/0x800 [ 1710.359167] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1710.360381] ? netlink_unicast+0x800/0x800 [ 1710.361311] sock_sendmsg+0x150/0x190 [ 1710.362148] ____sys_sendmsg+0x703/0x870 [ 1710.363042] ? kernel_sendmsg+0x50/0x50 [ 1710.363928] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1710.364930] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1710.366076] ? lock_release+0x3b2/0x750 [ 1710.366958] ___sys_sendmsg+0xf3/0x170 [ 1710.367826] ? sendmsg_copy_msghdr+0x160/0x160 [ 1710.368830] ? lock_release+0x3b2/0x750 [ 1710.369702] ? lock_downgrade+0x6d0/0x6d0 [ 1710.370608] ? lock_release+0x3b2/0x750 [ 1710.371475] ? ksys_write+0x20c/0x250 [ 1710.372330] ? lock_downgrade+0x6d0/0x6d0 [ 1710.373296] ? __fget_files+0x287/0x470 [ 1710.374190] ? __fget_light+0xea/0x270 [ 1710.375049] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1710.376269] __sys_sendmsg+0xe5/0x1b0 [ 1710.377109] ? __sys_sendmsg_sock+0x30/0x30 [ 1710.378065] ? __traceiter_irq_enable+0xa0/0xa0 [ 1710.379103] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1710.380238] do_syscall_64+0x3b/0x90 [ 1710.381056] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1710.382191] RIP: 0033:0x7fb278d14b19 18:34:48 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x4c, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1710.382994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1710.386637] RSP: 002b:00007fb27628a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1710.387753] RAX: ffffffffffffffda RBX: 00007fb278e27f60 RCX: 00007fb278d14b19 [ 1710.388816] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1710.389857] RBP: 00007fb27628a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1710.390895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1710.391943] R13: 00007fff6bf0ca2f R14: 00007fb27628a300 R15: 0000000000022000 [ 1710.393003] 18:34:48 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x9000000, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1710.462070] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:34:48 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0xf000000, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:34:48 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 8) 18:34:48 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 24) [ 1710.530397] FAULT_INJECTION: forcing a failure. [ 1710.530397] name failslab, interval 1, probability 0, space 0, times 0 [ 1710.531659] CPU: 1 PID: 8801 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1710.532514] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1710.533664] Call Trace: [ 1710.533923] [ 1710.534151] dump_stack_lvl+0x8b/0xb3 [ 1710.534551] should_fail.cold+0x5/0xa [ 1710.534936] ? xfrm_policy_alloc+0x91/0x460 [ 1710.535387] should_failslab+0x5/0x10 [ 1710.535780] kmem_cache_alloc_trace+0x55/0x3c0 [ 1710.536268] xfrm_policy_alloc+0x91/0x460 [ 1710.536701] xfrm_policy_construct+0x28/0x520 [ 1710.537169] xfrm_add_policy+0x391/0x7a0 [ 1710.537593] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1710.538165] ? xfrm_policy_construct+0x520/0x520 [ 1710.538657] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1710.539227] ? security_capable+0x95/0xc0 [ 1710.539659] ? __nla_parse+0x3e/0x50 [ 1710.540058] ? xfrm_policy_construct+0x520/0x520 [ 1710.540546] xfrm_user_rcv_msg+0x412/0x830 [ 1710.540986] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1710.541499] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1710.542072] ? rcu_read_lock_sched_held+0x3a/0x70 [ 1710.542568] ? trace_contention_end+0xd8/0x130 [ 1710.543036] ? __mutex_lock+0x231/0x14c0 [ 1710.543459] netlink_rcv_skb+0x14b/0x430 [ 1710.543894] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1710.544411] ? netlink_ack+0xa80/0xa80 [ 1710.544802] ? lock_release+0x3b2/0x750 [ 1710.545220] ? netlink_deliver_tap+0x1b2/0xc30 [ 1710.545696] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1710.546213] xfrm_netlink_rcv+0x6b/0x90 [ 1710.546624] netlink_unicast+0x54a/0x800 [ 1710.547054] ? netlink_attachskb+0x880/0x880 [ 1710.547511] ? is_vmalloc_addr+0x7b/0xb0 [ 1710.547941] netlink_sendmsg+0x904/0xe00 [ 1710.548372] ? netlink_unicast+0x800/0x800 [ 1710.548822] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1710.549390] ? netlink_unicast+0x800/0x800 [ 1710.549830] sock_sendmsg+0x150/0x190 [ 1710.550230] ____sys_sendmsg+0x703/0x870 [ 1710.550653] ? kernel_sendmsg+0x50/0x50 [ 1710.551067] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1710.551539] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1710.552082] ? lock_release+0x3b2/0x750 [ 1710.552497] ___sys_sendmsg+0xf3/0x170 [ 1710.552895] ? sendmsg_copy_msghdr+0x160/0x160 [ 1710.553363] ? lock_release+0x3b2/0x750 [ 1710.553774] ? lock_downgrade+0x6d0/0x6d0 [ 1710.554197] ? lock_release+0x3b2/0x750 [ 1710.554604] ? ksys_write+0x20c/0x250 [ 1710.554991] ? lock_downgrade+0x6d0/0x6d0 [ 1710.555407] ? __fget_files+0x287/0x470 [ 1710.555834] ? __fget_light+0xea/0x270 [ 1710.556238] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1710.556806] __sys_sendmsg+0xe5/0x1b0 [ 1710.557202] ? __sys_sendmsg_sock+0x30/0x30 [ 1710.557631] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1710.558192] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1710.558716] do_syscall_64+0x3b/0x90 [ 1710.559101] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1710.559634] RIP: 0033:0x7fb278d14b19 [ 1710.560021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1710.561878] RSP: 002b:00007fb27628a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1710.562658] RAX: ffffffffffffffda RBX: 00007fb278e27f60 RCX: 00007fb278d14b19 [ 1710.563384] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1710.564115] RBP: 00007fb27628a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1710.564833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1710.565554] R13: 00007fff6bf0ca2f R14: 00007fb27628a300 R15: 0000000000022000 [ 1710.566286] 18:34:48 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x68, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:34:48 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 23) 18:34:48 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x20000000, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1710.603842] FAULT_INJECTION: forcing a failure. [ 1710.603842] name failslab, interval 1, probability 0, space 0, times 0 [ 1710.603995] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:34:48 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x47010000, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1710.606274] CPU: 0 PID: 8803 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1710.609240] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1710.611605] Call Trace: [ 1710.612158] [ 1710.612633] dump_stack_lvl+0x8b/0xb3 [ 1710.613455] should_fail.cold+0x5/0xa [ 1710.614265] ? memcg_list_lru_alloc+0x23f/0xb10 [ 1710.615247] should_failslab+0x5/0x10 [ 1710.616083] __kmalloc+0x72/0x440 [ 1710.616842] memcg_list_lru_alloc+0x23f/0xb10 [ 1710.617781] ? lock_is_held_type+0xd7/0x130 [ 1710.618716] ? memcg_reparent_list_lrus+0x8a0/0x8a0 [ 1710.619761] ? kmem_cache_alloc_lru+0xe8/0x7c0 [ 1710.620778] kmem_cache_alloc_lru+0x10e/0x7c0 [ 1710.621734] ? mqueue_alloc_inode+0x23/0x40 [ 1710.622651] mqueue_alloc_inode+0x23/0x40 [ 1710.623515] ? mqueue_free_inode+0x20/0x20 [ 1710.624411] alloc_inode+0x63/0x240 [ 1710.625189] new_inode+0x23/0x240 [ 1710.625934] mqueue_get_inode+0x31/0xe20 [ 1710.627001] ? sget_fc+0x156/0x7a0 [ 1710.627767] ? mqueue_get_tree+0x130/0x130 [ 1710.628856] mqueue_fill_super+0x10f/0x200 [ 1710.629753] get_tree_nodev+0xce/0x1d0 [ 1710.630753] mqueue_get_tree+0xee/0x130 [ 1710.631589] vfs_get_tree+0x8e/0x2f0 [ 1710.632557] fc_mount+0x13/0xc0 [ 1710.633259] mq_init_ns+0x43e/0x630 [ 1710.634192] copy_ipcs+0x35e/0x5d0 [ 1710.634941] ? copy_utsname+0xa9/0x4a0 [ 1710.635976] create_new_namespaces+0x210/0xb30 [ 1710.636963] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1710.638230] ksys_unshare+0x445/0x8d0 [ 1710.639053] ? unshare_fd+0x1c0/0x1c0 [ 1710.640071] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1710.641171] __x64_sys_unshare+0x2d/0x40 [ 1710.642225] do_syscall_64+0x3b/0x90 [ 1710.643030] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1710.644378] RIP: 0033:0x7fdbeab6ab19 [ 1710.645165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1710.649845] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1710.651446] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1710.653268] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1710.654768] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1710.656454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1710.657943] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1710.659456] [ 1710.681980] FAULT_INJECTION: forcing a failure. [ 1710.681980] name failslab, interval 1, probability 0, space 0, times 0 [ 1710.684467] CPU: 0 PID: 8811 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1710.686186] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1710.688538] Call Trace: [ 1710.689073] [ 1710.689541] dump_stack_lvl+0x8b/0xb3 [ 1710.690353] should_fail.cold+0x5/0xa [ 1710.691158] should_failslab+0x5/0x10 [ 1710.691979] kmem_cache_alloc_lru+0x60/0x7c0 [ 1710.692910] ? mqueue_alloc_inode+0x23/0x40 [ 1710.693909] mqueue_alloc_inode+0x23/0x40 [ 1710.694782] ? mqueue_free_inode+0x20/0x20 [ 1710.695887] alloc_inode+0x63/0x240 [ 1710.696657] new_inode+0x23/0x240 [ 1710.697401] mqueue_get_inode+0x31/0xe20 [ 1710.698260] ? sget_fc+0x156/0x7a0 [ 1710.699013] ? mqueue_get_tree+0x130/0x130 [ 1710.699909] mqueue_fill_super+0x10f/0x200 [ 1710.700788] get_tree_nodev+0xce/0x1d0 [ 1710.701610] mqueue_get_tree+0xee/0x130 [ 1710.702443] vfs_get_tree+0x8e/0x2f0 [ 1710.703222] fc_mount+0x13/0xc0 [ 1710.703915] mq_init_ns+0x43e/0x630 [ 1710.704676] copy_ipcs+0x35e/0x5d0 [ 1710.705414] ? copy_utsname+0xa9/0x4a0 [ 1710.706242] create_new_namespaces+0x210/0xb30 [ 1710.707216] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1710.708257] ksys_unshare+0x445/0x8d0 [ 1710.709067] ? unshare_fd+0x1c0/0x1c0 [ 1710.709870] ? lock_is_held_type+0xd7/0x130 [ 1710.710805] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1710.711894] __x64_sys_unshare+0x2d/0x40 [ 1710.712753] do_syscall_64+0x3b/0x90 [ 1710.713530] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1710.714612] RIP: 0033:0x7f4b4ea85b19 [ 1710.715378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1710.719175] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1710.720760] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1710.722234] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1710.723704] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1710.725191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1710.726666] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1710.728190] 18:35:02 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x6c, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:35:02 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x1, 0xffaf, 0x1800}], 0x2, &(0x7f0000000180)) 18:35:02 executing program 2: semtimedop(0x0, &(0x7f0000000080)=[{}], 0x1, 0x0) [ 1724.707804] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:35:02 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 25) 18:35:02 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x4e230000, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1724.724841] FAULT_INJECTION: forcing a failure. [ 1724.724841] name failslab, interval 1, probability 0, space 0, times 0 [ 1724.726155] CPU: 0 PID: 8823 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1724.727031] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1724.728277] Call Trace: [ 1724.728555] [ 1724.728796] dump_stack_lvl+0x8b/0xb3 [ 1724.729224] should_fail.cold+0x5/0xa [ 1724.729643] ? create_object.isra.0+0x3a/0xa20 [ 1724.730140] should_failslab+0x5/0x10 [ 1724.730561] kmem_cache_alloc+0x5b/0x480 [ 1724.731012] create_object.isra.0+0x3a/0xa20 [ 1724.731491] ? kasan_unpoison+0x23/0x50 [ 1724.731929] __kmalloc+0x25b/0x440 18:35:02 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 9) [ 1724.732354] memcg_list_lru_alloc+0x23f/0xb10 18:35:02 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 24) [ 1724.732922] ? lock_is_held_type+0xd7/0x130 [ 1724.733411] ? memcg_reparent_list_lrus+0x8a0/0x8a0 [ 1724.733943] ? kmem_cache_alloc_lru+0xe8/0x7c0 [ 1724.734507] kmem_cache_alloc_lru+0x10e/0x7c0 [ 1724.735053] ? mqueue_alloc_inode+0x23/0x40 [ 1724.735574] mqueue_alloc_inode+0x23/0x40 [ 1724.736090] ? mqueue_free_inode+0x20/0x20 [ 1724.736603] alloc_inode+0x63/0x240 [ 1724.737049] new_inode+0x23/0x240 [ 1724.737474] mqueue_get_inode+0x31/0xe20 [ 1724.737972] ? sget_fc+0x156/0x7a0 [ 1724.738395] ? mqueue_get_tree+0x130/0x130 [ 1724.738901] mqueue_fill_super+0x10f/0x200 [ 1724.739406] get_tree_nodev+0xce/0x1d0 [ 1724.739878] mqueue_get_tree+0xee/0x130 [ 1724.740378] vfs_get_tree+0x8e/0x2f0 [ 1724.740833] fc_mount+0x13/0xc0 [ 1724.741232] mq_init_ns+0x43e/0x630 [ 1724.741674] copy_ipcs+0x35e/0x5d0 [ 1724.742103] ? copy_utsname+0xa9/0x4a0 [ 1724.742580] create_new_namespaces+0x210/0xb30 [ 1724.743146] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1724.743743] ksys_unshare+0x445/0x8d0 [ 1724.744216] ? unshare_fd+0x1c0/0x1c0 [ 1724.744684] ? lock_is_held_type+0xd7/0x130 [ 1724.745218] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1724.745844] __x64_sys_unshare+0x2d/0x40 [ 1724.746338] do_syscall_64+0x3b/0x90 [ 1724.746786] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1724.747416] RIP: 0033:0x7fdbeab6ab19 [ 1724.747860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1724.748070] FAULT_INJECTION: forcing a failure. [ 1724.748070] name failslab, interval 1, probability 0, space 0, times 0 [ 1724.750074] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1724.750092] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1724.750102] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1724.753770] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1724.754581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1724.755390] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1724.756229] [ 1724.756494] CPU: 1 PID: 8826 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1724.757393] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1724.758558] Call Trace: [ 1724.758835] [ 1724.759065] dump_stack_lvl+0x8b/0xb3 [ 1724.759470] should_fail.cold+0x5/0xa [ 1724.759873] ? create_object.isra.0+0x3a/0xa20 [ 1724.760370] should_failslab+0x5/0x10 [ 1724.760765] kmem_cache_alloc+0x5b/0x480 [ 1724.761202] create_object.isra.0+0x3a/0xa20 [ 1724.761660] ? kasan_unpoison+0x23/0x50 [ 1724.762074] kmem_cache_alloc_trace+0x22e/0x3c0 [ 1724.762562] xfrm_policy_alloc+0x91/0x460 [ 1724.763001] xfrm_policy_construct+0x28/0x520 18:35:02 executing program 1: semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}], 0x1, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) [ 1724.763472] xfrm_add_policy+0x391/0x7a0 [ 1724.764105] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1724.764688] ? xfrm_policy_construct+0x520/0x520 [ 1724.765184] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1724.765751] ? security_capable+0x95/0xc0 [ 1724.766188] ? __nla_parse+0x3e/0x50 [ 1724.766589] ? xfrm_policy_construct+0x520/0x520 [ 1724.767089] xfrm_user_rcv_msg+0x412/0x830 [ 1724.767525] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1724.768055] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1724.768632] ? rcu_read_lock_sched_held+0x3a/0x70 [ 1724.769155] ? trace_contention_end+0xd8/0x130 [ 1724.769639] ? __mutex_lock+0x231/0x14c0 [ 1724.770072] netlink_rcv_skb+0x14b/0x430 [ 1724.770505] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1724.771035] ? netlink_ack+0xa80/0xa80 [ 1724.771449] ? lock_release+0x3b2/0x750 [ 1724.771873] ? netlink_deliver_tap+0x1b2/0xc30 [ 1724.772363] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1724.772893] xfrm_netlink_rcv+0x6b/0x90 [ 1724.773315] netlink_unicast+0x54a/0x800 [ 1724.773742] ? netlink_attachskb+0x880/0x880 [ 1724.774199] ? is_vmalloc_addr+0x7b/0xb0 [ 1724.774626] netlink_sendmsg+0x904/0xe00 [ 1724.775060] ? netlink_unicast+0x800/0x800 [ 1724.775508] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1724.776086] ? netlink_unicast+0x800/0x800 [ 1724.776535] sock_sendmsg+0x150/0x190 [ 1724.776937] ____sys_sendmsg+0x703/0x870 [ 1724.777367] ? kernel_sendmsg+0x50/0x50 [ 1724.777776] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1724.778260] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1724.778802] ? lock_release+0x3b2/0x750 [ 1724.779226] ___sys_sendmsg+0xf3/0x170 [ 1724.779641] ? sendmsg_copy_msghdr+0x160/0x160 [ 1724.780129] ? lock_release+0x3b2/0x750 [ 1724.780553] ? lock_downgrade+0x6d0/0x6d0 [ 1724.780989] ? lock_release+0x3b2/0x750 [ 1724.781399] ? ksys_write+0x20c/0x250 [ 1724.781796] ? lock_downgrade+0x6d0/0x6d0 [ 1724.782227] ? __fget_files+0x287/0x470 [ 1724.782651] ? __fget_light+0xea/0x270 [ 1724.783058] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1724.783650] __sys_sendmsg+0xe5/0x1b0 [ 1724.784053] ? __sys_sendmsg_sock+0x30/0x30 [ 1724.784509] ? __traceiter_irq_enable+0xa0/0xa0 [ 1724.784995] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1724.785529] do_syscall_64+0x3b/0x90 [ 1724.785918] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1724.786469] RIP: 0033:0x7fb278d14b19 [ 1724.786847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1724.788745] RSP: 002b:00007fb27628a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1724.789521] RAX: ffffffffffffffda RBX: 00007fb278e27f60 RCX: 00007fb278d14b19 [ 1724.790252] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1724.790989] RBP: 00007fb27628a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1724.791722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1724.792461] R13: 00007fff6bf0ca2f R14: 00007fb27628a300 R15: 0000000000022000 [ 1724.793200] 18:35:02 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x74, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1724.812540] FAULT_INJECTION: forcing a failure. [ 1724.812540] name failslab, interval 1, probability 0, space 0, times 0 [ 1724.813793] CPU: 1 PID: 8829 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1724.814692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1724.815899] Call Trace: [ 1724.816198] [ 1724.816454] dump_stack_lvl+0x8b/0xb3 [ 1724.816889] should_fail.cold+0x5/0xa [ 1724.817292] ? memcg_list_lru_alloc+0x23f/0xb10 [ 1724.817782] should_failslab+0x5/0x10 [ 1724.818183] __kmalloc+0x72/0x440 [ 1724.818562] memcg_list_lru_alloc+0x23f/0xb10 [ 1724.819042] ? lock_is_held_type+0xd7/0x130 [ 1724.819514] ? memcg_reparent_list_lrus+0x8a0/0x8a0 [ 1724.820042] ? kmem_cache_alloc_lru+0xe8/0x7c0 [ 1724.820539] kmem_cache_alloc_lru+0x10e/0x7c0 [ 1724.821019] ? mqueue_alloc_inode+0x23/0x40 [ 1724.821494] mqueue_alloc_inode+0x23/0x40 [ 1724.821935] ? mqueue_free_inode+0x20/0x20 [ 1724.822378] alloc_inode+0x63/0x240 [ 1724.822762] new_inode+0x23/0x240 [ 1724.823129] mqueue_get_inode+0x31/0xe20 [ 1724.823566] ? sget_fc+0x156/0x7a0 [ 1724.823945] ? mqueue_get_tree+0x130/0x130 [ 1724.824405] mqueue_fill_super+0x10f/0x200 [ 1724.824851] get_tree_nodev+0xce/0x1d0 [ 1724.825274] mqueue_get_tree+0xee/0x130 [ 1724.825701] vfs_get_tree+0x8e/0x2f0 [ 1724.826098] fc_mount+0x13/0xc0 [ 1724.826448] mq_init_ns+0x43e/0x630 [ 1724.826849] copy_ipcs+0x35e/0x5d0 [ 1724.827219] ? copy_utsname+0xa9/0x4a0 [ 1724.827645] create_new_namespaces+0x210/0xb30 [ 1724.828151] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1724.828670] ksys_unshare+0x445/0x8d0 [ 1724.829073] ? unshare_fd+0x1c0/0x1c0 [ 1724.829477] ? lock_is_held_type+0xd7/0x130 [ 1724.829942] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1724.830484] __x64_sys_unshare+0x2d/0x40 [ 1724.830916] do_syscall_64+0x3b/0x90 [ 1724.831306] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1724.831852] RIP: 0033:0x7f4b4ea85b19 [ 1724.832243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1724.834174] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1724.834964] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1724.835704] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1724.836452] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1724.837183] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1724.837923] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1724.838670] 18:35:02 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x9effffff, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:35:02 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 26) [ 1724.840444] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1724.881473] FAULT_INJECTION: forcing a failure. [ 1724.881473] name failslab, interval 1, probability 0, space 0, times 0 [ 1724.882857] CPU: 0 PID: 8837 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1724.883793] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1724.885078] Call Trace: [ 1724.885374] [ 1724.885626] dump_stack_lvl+0x8b/0xb3 [ 1724.886077] should_fail.cold+0x5/0xa [ 1724.886523] ? memcg_list_lru_alloc+0x514/0xb10 [ 1724.887063] should_failslab+0x5/0x10 [ 1724.887505] __kmalloc+0x72/0x440 [ 1724.887911] memcg_list_lru_alloc+0x514/0xb10 [ 1724.888421] ? memcg_reparent_list_lrus+0x8a0/0x8a0 [ 1724.888996] ? kmem_cache_alloc_lru+0xe8/0x7c0 [ 1724.889552] kmem_cache_alloc_lru+0x10e/0x7c0 [ 1724.890069] ? mqueue_alloc_inode+0x23/0x40 [ 1724.890568] mqueue_alloc_inode+0x23/0x40 [ 1724.891036] ? mqueue_free_inode+0x20/0x20 [ 1724.891518] alloc_inode+0x63/0x240 [ 1724.891944] new_inode+0x23/0x240 [ 1724.892345] mqueue_get_inode+0x31/0xe20 [ 1724.892824] ? sget_fc+0x156/0x7a0 [ 1724.893201] ? mqueue_get_tree+0x130/0x130 [ 1724.893681] mqueue_fill_super+0x10f/0x200 [ 1724.894120] get_tree_nodev+0xce/0x1d0 [ 1724.894570] mqueue_get_tree+0xee/0x130 [ 1724.894983] vfs_get_tree+0x8e/0x2f0 [ 1724.895407] fc_mount+0x13/0xc0 [ 1724.895759] mq_init_ns+0x43e/0x630 [ 1724.896198] copy_ipcs+0x35e/0x5d0 [ 1724.896596] ? copy_utsname+0xa9/0x4a0 [ 1724.897053] create_new_namespaces+0x210/0xb30 [ 1724.897590] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1724.898156] ksys_unshare+0x445/0x8d0 [ 1724.898599] ? unshare_fd+0x1c0/0x1c0 [ 1724.899037] ? lock_is_held_type+0xd7/0x130 [ 1724.899546] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1724.900155] __x64_sys_unshare+0x2d/0x40 [ 1724.900587] do_syscall_64+0x3b/0x90 [ 1724.901014] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1724.901605] RIP: 0033:0x7fdbeab6ab19 [ 1724.902022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1724.904084] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1724.904950] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1724.905757] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1724.906564] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1724.907383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1724.908210] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1724.909029] 18:35:02 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 10) 18:35:02 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 25) [ 1724.922344] FAULT_INJECTION: forcing a failure. [ 1724.922344] name failslab, interval 1, probability 0, space 0, times 0 [ 1724.923610] CPU: 1 PID: 8839 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1724.924475] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1724.925647] Call Trace: [ 1724.925910] [ 1724.926148] dump_stack_lvl+0x8b/0xb3 [ 1724.926568] should_fail.cold+0x5/0xa [ 1724.926968] ? __alloc_skb+0x211/0x340 [ 1724.927378] should_failslab+0x5/0x10 [ 1724.927785] kmem_cache_alloc_node+0x55/0x490 [ 1724.928277] __alloc_skb+0x211/0x340 [ 1724.928682] xfrm_send_policy_notify+0x4de/0x1630 [ 1724.929183] ? lockdep_hardirqs_on+0x79/0x100 [ 1724.929657] ? xfrm_alloc_userspi+0x9a0/0x9a0 [ 1724.930124] ? xfrm_alloc_userspi+0x9a0/0x9a0 [ 1724.930590] km_policy_notify+0xb1/0x200 [ 1724.931019] xfrm_add_policy+0x535/0x7a0 [ 1724.931445] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1724.932041] ? xfrm_policy_construct+0x520/0x520 [ 1724.932550] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1724.933129] ? __nla_parse+0x3e/0x50 [ 1724.933528] ? xfrm_policy_construct+0x520/0x520 [ 1724.934019] xfrm_user_rcv_msg+0x412/0x830 [ 1724.934468] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1724.934987] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1724.935578] ? rcu_read_lock_sched_held+0x3a/0x70 [ 1724.936084] ? trace_contention_end+0xd8/0x130 [ 1724.936563] ? __mutex_lock+0x231/0x14c0 [ 1724.936991] netlink_rcv_skb+0x14b/0x430 [ 1724.937420] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1724.937943] ? netlink_ack+0xa80/0xa80 [ 1724.938352] ? lock_release+0x3b2/0x750 [ 1724.938796] ? netlink_deliver_tap+0x1b2/0xc30 [ 1724.939287] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1724.939820] xfrm_netlink_rcv+0x6b/0x90 [ 1724.940268] netlink_unicast+0x54a/0x800 [ 1724.940711] ? netlink_attachskb+0x880/0x880 [ 1724.941172] ? is_vmalloc_addr+0x7b/0xb0 [ 1724.941608] netlink_sendmsg+0x904/0xe00 [ 1724.942057] ? netlink_unicast+0x800/0x800 [ 1724.942515] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1724.943096] ? netlink_unicast+0x800/0x800 [ 1724.943558] sock_sendmsg+0x150/0x190 [ 1724.943968] ____sys_sendmsg+0x703/0x870 [ 1724.944409] ? kernel_sendmsg+0x50/0x50 [ 1724.944831] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1724.945320] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1724.945872] ? lock_release+0x3b2/0x750 [ 1724.946294] ___sys_sendmsg+0xf3/0x170 [ 1724.946712] ? sendmsg_copy_msghdr+0x160/0x160 [ 1724.947200] ? lock_release+0x3b2/0x750 [ 1724.947628] ? lock_downgrade+0x6d0/0x6d0 [ 1724.948082] ? lock_release+0x3b2/0x750 [ 1724.948497] ? ksys_write+0x20c/0x250 [ 1724.948896] ? lock_downgrade+0x6d0/0x6d0 [ 1724.949334] ? __fget_files+0x287/0x470 [ 1724.949768] ? __fget_light+0xea/0x270 [ 1724.950172] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1724.950752] __sys_sendmsg+0xe5/0x1b0 [ 1724.951151] ? __sys_sendmsg_sock+0x30/0x30 [ 1724.951607] ? __traceiter_irq_enable+0xa0/0xa0 [ 1724.952120] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1724.952661] do_syscall_64+0x3b/0x90 [ 1724.953051] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1724.953598] RIP: 0033:0x7fb278d14b19 [ 1724.953984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1724.955865] RSP: 002b:00007fb27628a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1724.956664] RAX: ffffffffffffffda RBX: 00007fb278e27f60 RCX: 00007fb278d14b19 [ 1724.957403] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1724.958161] RBP: 00007fb27628a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1724.958891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1724.959626] R13: 00007fff6bf0ca2f R14: 00007fb27628a300 R15: 0000000000022000 [ 1724.960378] 18:35:02 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0xf0ffffff, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:35:02 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x7a, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1724.989699] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:35:02 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xf0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1725.016631] FAULT_INJECTION: forcing a failure. [ 1725.016631] name failslab, interval 1, probability 0, space 0, times 0 [ 1725.019283] CPU: 0 PID: 8842 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1725.021076] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1725.023451] Call Trace: [ 1725.023996] [ 1725.024513] dump_stack_lvl+0x8b/0xb3 [ 1725.025368] should_fail.cold+0x5/0xa [ 1725.026219] ? create_object.isra.0+0x3a/0xa20 [ 1725.027246] should_failslab+0x5/0x10 [ 1725.028117] kmem_cache_alloc+0x5b/0x480 [ 1725.029032] create_object.isra.0+0x3a/0xa20 [ 1725.030011] ? kasan_unpoison+0x23/0x50 [ 1725.030905] __kmalloc+0x25b/0x440 [ 1725.031714] memcg_list_lru_alloc+0x23f/0xb10 [ 1725.032613] ? lock_is_held_type+0xd7/0x130 [ 1725.033606] ? memcg_reparent_list_lrus+0x8a0/0x8a0 [ 1725.034703] ? kmem_cache_alloc_lru+0xe8/0x7c0 [ 1725.035765] kmem_cache_alloc_lru+0x10e/0x7c0 [ 1725.036791] ? mqueue_alloc_inode+0x23/0x40 [ 1725.037763] mqueue_alloc_inode+0x23/0x40 [ 1725.038686] ? mqueue_free_inode+0x20/0x20 [ 1725.039624] alloc_inode+0x63/0x240 [ 1725.040374] new_inode+0x23/0x240 [ 1725.041131] mqueue_get_inode+0x31/0xe20 [ 1725.042052] ? sget_fc+0x156/0x7a0 [ 1725.042863] ? mqueue_get_tree+0x130/0x130 [ 1725.043807] mqueue_fill_super+0x10f/0x200 [ 1725.044777] get_tree_nodev+0xce/0x1d0 [ 1725.045658] mqueue_get_tree+0xee/0x130 [ 1725.046575] vfs_get_tree+0x8e/0x2f0 [ 1725.047412] fc_mount+0x13/0xc0 [ 1725.048162] mq_init_ns+0x43e/0x630 [ 1725.048995] copy_ipcs+0x35e/0x5d0 [ 1725.049795] ? copy_utsname+0xa9/0x4a0 [ 1725.050691] create_new_namespaces+0x210/0xb30 [ 1725.051747] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1725.052880] ksys_unshare+0x445/0x8d0 [ 1725.053754] ? unshare_fd+0x1c0/0x1c0 [ 1725.054623] ? lock_is_held_type+0xd7/0x130 [ 1725.055630] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1725.056826] __x64_sys_unshare+0x2d/0x40 [ 1725.057768] do_syscall_64+0x3b/0x90 [ 1725.058621] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1725.059797] RIP: 0033:0x7f4b4ea85b19 [ 1725.060642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1725.064424] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1725.065917] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1725.067320] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1725.068736] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1725.070140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1725.071564] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1725.073015] [ 1725.092558] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1738.525536] FAULT_INJECTION: forcing a failure. [ 1738.525536] name failslab, interval 1, probability 0, space 0, times 0 [ 1738.526819] CPU: 0 PID: 8852 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1738.527692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1738.528887] Call Trace: [ 1738.529164] [ 1738.529407] dump_stack_lvl+0x8b/0xb3 [ 1738.529812] should_fail.cold+0x5/0xa [ 1738.530216] ? memcg_list_lru_alloc+0x514/0xb10 [ 1738.530709] should_failslab+0x5/0x10 [ 1738.531121] __kmalloc+0x72/0x440 [ 1738.531503] memcg_list_lru_alloc+0x514/0xb10 [ 1738.531981] ? memcg_reparent_list_lrus+0x8a0/0x8a0 [ 1738.532521] ? kmem_cache_alloc_lru+0xe8/0x7c0 [ 1738.533022] kmem_cache_alloc_lru+0x10e/0x7c0 [ 1738.533500] ? mqueue_alloc_inode+0x23/0x40 [ 1738.533964] mqueue_alloc_inode+0x23/0x40 [ 1738.534397] ? mqueue_free_inode+0x20/0x20 [ 1738.534838] alloc_inode+0x63/0x240 [ 1738.535221] new_inode+0x23/0x240 [ 1738.535594] mqueue_get_inode+0x31/0xe20 [ 1738.536023] ? sget_fc+0x156/0x7a0 [ 1738.536405] ? mqueue_get_tree+0x130/0x130 [ 1738.536838] mqueue_fill_super+0x10f/0x200 [ 1738.537276] get_tree_nodev+0xce/0x1d0 [ 1738.537688] mqueue_get_tree+0xee/0x130 [ 1738.538105] vfs_get_tree+0x8e/0x2f0 [ 1738.538503] fc_mount+0x13/0xc0 [ 1738.538850] mq_init_ns+0x43e/0x630 [ 1738.539234] copy_ipcs+0x35e/0x5d0 [ 1738.539605] ? copy_utsname+0xa9/0x4a0 [ 1738.540019] create_new_namespaces+0x210/0xb30 [ 1738.540520] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1738.541036] ksys_unshare+0x445/0x8d0 18:35:16 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 11) 18:35:16 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}], 0x1, &(0x7f0000000180)) 18:35:16 executing program 1: semtimedop(0x0, &(0x7f0000000080)=[{}], 0x1, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) 18:35:16 executing program 2: semtimedop(0x0, &(0x7f0000000080)=[{}], 0x1, 0x0) 18:35:16 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 26) 18:35:16 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0xfcffffff, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:35:16 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x184, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1738.541446] ? unshare_fd+0x1c0/0x1c0 [ 1738.542068] ? lock_is_held_type+0xd7/0x130 [ 1738.542550] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1738.543099] __x64_sys_unshare+0x2d/0x40 [ 1738.543542] do_syscall_64+0x3b/0x90 [ 1738.543931] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1738.544498] RIP: 0033:0x7f4b4ea85b19 [ 1738.544893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1738.546796] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1738.547587] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1738.548349] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1738.549080] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1738.549854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1738.550602] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1738.551361] 18:35:16 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 27) [ 1738.561564] FAULT_INJECTION: forcing a failure. [ 1738.561564] name failslab, interval 1, probability 0, space 0, times 0 [ 1738.562826] CPU: 0 PID: 8854 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1738.563692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1738.564913] Call Trace: [ 1738.565181] [ 1738.565423] dump_stack_lvl+0x8b/0xb3 [ 1738.565826] should_fail.cold+0x5/0xa [ 1738.566233] ? create_object.isra.0+0x3a/0xa20 [ 1738.566731] should_failslab+0x5/0x10 [ 1738.567138] kmem_cache_alloc+0x5b/0x480 [ 1738.567578] create_object.isra.0+0x3a/0xa20 [ 1738.568044] ? kasan_unpoison+0x23/0x50 [ 1738.568482] __kmalloc+0x25b/0x440 [ 1738.568867] memcg_list_lru_alloc+0x514/0xb10 [ 1738.569345] ? memcg_reparent_list_lrus+0x8a0/0x8a0 [ 1738.569863] ? kmem_cache_alloc_lru+0xe8/0x7c0 [ 1738.570365] kmem_cache_alloc_lru+0x10e/0x7c0 [ 1738.570841] ? mqueue_alloc_inode+0x23/0x40 [ 1738.571302] mqueue_alloc_inode+0x23/0x40 [ 1738.571737] ? mqueue_free_inode+0x20/0x20 [ 1738.572188] alloc_inode+0x63/0x240 [ 1738.572601] new_inode+0x23/0x240 [ 1738.572982] mqueue_get_inode+0x31/0xe20 [ 1738.573421] ? sget_fc+0x156/0x7a0 [ 1738.573808] ? mqueue_get_tree+0x130/0x130 [ 1738.574249] mqueue_fill_super+0x10f/0x200 [ 1738.574701] get_tree_nodev+0xce/0x1d0 [ 1738.575115] mqueue_get_tree+0xee/0x130 [ 1738.575538] vfs_get_tree+0x8e/0x2f0 [ 1738.575932] fc_mount+0x13/0xc0 [ 1738.576299] mq_init_ns+0x43e/0x630 [ 1738.576696] copy_ipcs+0x35e/0x5d0 [ 1738.577069] ? copy_utsname+0xa9/0x4a0 [ 1738.577493] create_new_namespaces+0x210/0xb30 [ 1738.577977] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1738.578503] ksys_unshare+0x445/0x8d0 [ 1738.578911] ? unshare_fd+0x1c0/0x1c0 [ 1738.579317] ? lock_is_held_type+0xd7/0x130 [ 1738.579796] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1738.580352] __x64_sys_unshare+0x2d/0x40 [ 1738.580786] do_syscall_64+0x3b/0x90 [ 1738.581184] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1738.581727] RIP: 0033:0x7fdbeab6ab19 [ 1738.582110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1738.584013] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1738.584816] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1738.585558] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1738.586296] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1738.587087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1738.587833] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1738.588601] [ 1738.602406] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:35:16 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0xfffff000, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1738.620069] FAULT_INJECTION: forcing a failure. [ 1738.620069] name failslab, interval 1, probability 0, space 0, times 0 [ 1738.622641] CPU: 1 PID: 8865 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1738.624448] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1738.626923] Call Trace: [ 1738.627484] [ 1738.627975] dump_stack_lvl+0x8b/0xb3 [ 1738.628841] should_fail.cold+0x5/0xa [ 1738.629693] ? create_object.isra.0+0x3a/0xa20 [ 1738.630714] should_failslab+0x5/0x10 [ 1738.631561] kmem_cache_alloc+0x5b/0x480 [ 1738.632495] create_object.isra.0+0x3a/0xa20 [ 1738.633452] ? kasan_unpoison+0x23/0x50 [ 1738.634325] kmem_cache_alloc_node+0x248/0x490 [ 1738.635331] __alloc_skb+0x211/0x340 [ 1738.636150] xfrm_send_policy_notify+0x4de/0x1630 [ 1738.637224] ? lockdep_hardirqs_on+0x79/0x100 [ 1738.638215] ? xfrm_alloc_userspi+0x9a0/0x9a0 [ 1738.639208] ? xfrm_alloc_userspi+0x9a0/0x9a0 [ 1738.640185] km_policy_notify+0xb1/0x200 [ 1738.641109] xfrm_add_policy+0x535/0x7a0 [ 1738.641989] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1738.643184] ? xfrm_policy_construct+0x520/0x520 [ 1738.644221] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1738.645430] ? __nla_parse+0x3e/0x50 [ 1738.646255] ? xfrm_policy_construct+0x520/0x520 [ 1738.647273] xfrm_user_rcv_msg+0x412/0x830 [ 1738.648185] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1738.649258] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1738.650455] ? rcu_read_lock_sched_held+0x3a/0x70 [ 1738.651492] ? trace_contention_end+0xd8/0x130 [ 1738.652486] ? __mutex_lock+0x231/0x14c0 [ 1738.653372] netlink_rcv_skb+0x14b/0x430 [ 1738.654255] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1738.655327] ? netlink_ack+0xa80/0xa80 [ 1738.656168] ? lock_release+0x3b2/0x750 [ 1738.657049] ? netlink_deliver_tap+0x1b2/0xc30 [ 1738.658032] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1738.659124] xfrm_netlink_rcv+0x6b/0x90 [ 1738.659974] netlink_unicast+0x54a/0x800 [ 1738.660896] ? netlink_attachskb+0x880/0x880 [ 1738.661843] ? is_vmalloc_addr+0x7b/0xb0 [ 1738.662734] netlink_sendmsg+0x904/0xe00 [ 1738.663631] ? netlink_unicast+0x800/0x800 [ 1738.664564] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1738.665752] ? netlink_unicast+0x800/0x800 [ 1738.666662] sock_sendmsg+0x150/0x190 [ 1738.667491] ____sys_sendmsg+0x703/0x870 [ 1738.668372] ? kernel_sendmsg+0x50/0x50 [ 1738.669222] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1738.670205] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1738.671327] ? lock_release+0x3b2/0x750 [ 1738.672187] ___sys_sendmsg+0xf3/0x170 [ 1738.673061] ? sendmsg_copy_msghdr+0x160/0x160 [ 1738.674054] ? lock_release+0x3b2/0x750 [ 1738.674926] ? lock_downgrade+0x6d0/0x6d0 [ 1738.675809] ? lock_release+0x3b2/0x750 [ 1738.676669] ? ksys_write+0x20c/0x250 [ 1738.677488] ? lock_downgrade+0x6d0/0x6d0 [ 1738.678386] ? __fget_files+0x287/0x470 [ 1738.679254] ? __fget_light+0xea/0x270 [ 1738.680098] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1738.681295] __sys_sendmsg+0xe5/0x1b0 [ 1738.682115] ? __sys_sendmsg_sock+0x30/0x30 [ 1738.683039] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1738.684259] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1738.685363] do_syscall_64+0x3b/0x90 [ 1738.686160] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1738.687266] RIP: 0033:0x7fb278d14b19 [ 1738.688048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1738.691846] RSP: 002b:00007fb27628a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1738.693419] RAX: ffffffffffffffda RBX: 00007fb278e27f60 RCX: 00007fb278d14b19 [ 1738.694898] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1738.696409] RBP: 00007fb27628a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1738.697890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1738.699366] R13: 00007fff6bf0ca2f R14: 00007fb27628a300 R15: 0000000000022000 [ 1738.700881] 18:35:16 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 27) 18:35:16 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 28) [ 1738.714813] FAULT_INJECTION: forcing a failure. [ 1738.714813] name failslab, interval 1, probability 0, space 0, times 0 [ 1738.716114] CPU: 0 PID: 8874 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1738.717005] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1738.718209] Call Trace: [ 1738.718485] [ 1738.718730] dump_stack_lvl+0x8b/0xb3 [ 1738.719140] should_fail.cold+0x5/0xa [ 1738.719550] ? create_object.isra.0+0x3a/0xa20 [ 1738.720048] should_failslab+0x5/0x10 [ 1738.720465] kmem_cache_alloc+0x5b/0x480 [ 1738.720904] create_object.isra.0+0x3a/0xa20 [ 1738.721382] ? kasan_unpoison+0x23/0x50 [ 1738.721809] __kmalloc+0x25b/0x440 [ 1738.722206] memcg_list_lru_alloc+0x514/0xb10 [ 1738.722684] ? memcg_reparent_list_lrus+0x8a0/0x8a0 [ 1738.723212] ? kmem_cache_alloc_lru+0xe8/0x7c0 [ 1738.723713] kmem_cache_alloc_lru+0x10e/0x7c0 [ 1738.724211] ? mqueue_alloc_inode+0x23/0x40 [ 1738.724683] mqueue_alloc_inode+0x23/0x40 [ 1738.725116] ? mqueue_free_inode+0x20/0x20 [ 1738.725561] alloc_inode+0x63/0x240 [ 1738.725947] new_inode+0x23/0x240 [ 1738.726322] mqueue_get_inode+0x31/0xe20 [ 1738.726755] ? sget_fc+0x156/0x7a0 [ 1738.727139] ? mqueue_get_tree+0x130/0x130 [ 1738.727587] mqueue_fill_super+0x10f/0x200 [ 1738.728035] get_tree_nodev+0xce/0x1d0 [ 1738.728468] mqueue_get_tree+0xee/0x130 [ 1738.728881] vfs_get_tree+0x8e/0x2f0 [ 1738.729279] fc_mount+0x13/0xc0 [ 1738.729632] mq_init_ns+0x43e/0x630 [ 1738.730016] copy_ipcs+0x35e/0x5d0 [ 1738.730392] ? copy_utsname+0xa9/0x4a0 [ 1738.730816] create_new_namespaces+0x210/0xb30 [ 1738.731311] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1738.731839] ksys_unshare+0x445/0x8d0 [ 1738.732276] ? unshare_fd+0x1c0/0x1c0 [ 1738.732695] ? fput+0x2a/0x50 [ 1738.733034] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1738.733586] __x64_sys_unshare+0x2d/0x40 [ 1738.734017] do_syscall_64+0x3b/0x90 [ 1738.734419] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1738.734965] RIP: 0033:0x7f4b4ea85b19 [ 1738.735361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1738.737277] RSP: 002b:00007f4b4bfda188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1738.738062] RAX: ffffffffffffffda RBX: 00007f4b4eb99020 RCX: 00007f4b4ea85b19 [ 1738.738817] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1738.739556] RBP: 00007f4b4bfda1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1738.740304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1738.741041] R13: 00007fffc9bf7f7f R14: 00007f4b4bfda300 R15: 0000000000022000 [ 1738.741802] 18:35:16 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x300, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:35:16 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0xffffff7f, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1738.801290] FAULT_INJECTION: forcing a failure. [ 1738.801290] name failslab, interval 1, probability 0, space 0, times 0 [ 1738.804820] CPU: 1 PID: 8870 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 18:35:16 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 12) [ 1738.806673] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1738.809362] Call Trace: [ 1738.809926] [ 1738.810422] dump_stack_lvl+0x8b/0xb3 [ 1738.811306] should_fail.cold+0x5/0xa [ 1738.812209] should_failslab+0x5/0x10 [ 1738.813103] kmem_cache_alloc_lru+0x60/0x7c0 [ 1738.814113] ? xas_alloc+0x35d/0x480 [ 1738.814946] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1738.816108] ? create_new_namespaces+0x210/0xb30 [ 1738.817203] xas_alloc+0x35d/0x480 [ 1738.818014] xas_create+0x35b/0x1030 [ 1738.818864] ? lock_acquire+0x1b2/0x530 [ 1738.819800] xas_store+0x90/0x1c40 [ 1738.820617] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1738.821853] ? xas_start+0x156/0x520 [ 1738.822681] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1738.823899] ? xas_load+0x66/0x2c0 [ 1738.824719] memcg_list_lru_alloc+0x3c7/0xb10 [ 1738.825727] ? memcg_reparent_list_lrus+0x8a0/0x8a0 [ 1738.826843] ? kmem_cache_alloc_lru+0xe8/0x7c0 [ 1738.827924] kmem_cache_alloc_lru+0x10e/0x7c0 [ 1738.828959] ? mqueue_alloc_inode+0x23/0x40 [ 1738.829926] mqueue_alloc_inode+0x23/0x40 [ 1738.830842] ? mqueue_free_inode+0x20/0x20 [ 1738.831782] alloc_inode+0x63/0x240 [ 1738.832594] new_inode+0x23/0x240 [ 1738.833360] mqueue_get_inode+0x31/0xe20 [ 1738.834303] ? sget_fc+0x156/0x7a0 [ 1738.835126] ? mqueue_get_tree+0x130/0x130 [ 1738.836060] mqueue_fill_super+0x10f/0x200 [ 1738.837012] get_tree_nodev+0xce/0x1d0 [ 1738.837913] mqueue_get_tree+0xee/0x130 [ 1738.838801] vfs_get_tree+0x8e/0x2f0 [ 1738.839354] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1738.839630] fc_mount+0x13/0xc0 [ 1738.841316] mq_init_ns+0x43e/0x630 [ 1738.842136] copy_ipcs+0x35e/0x5d0 [ 1738.842892] ? copy_utsname+0xa9/0x4a0 [ 1738.843759] create_new_namespaces+0x210/0xb30 [ 1738.844836] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1738.845923] ksys_unshare+0x445/0x8d0 [ 1738.846764] ? unshare_fd+0x1c0/0x1c0 [ 1738.847607] ? lock_is_held_type+0xd7/0x130 [ 1738.848585] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1738.849718] __x64_sys_unshare+0x2d/0x40 [ 1738.850613] do_syscall_64+0x3b/0x90 [ 1738.851427] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1738.852566] RIP: 0033:0x7fdbeab6ab19 [ 1738.853367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1738.857250] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1738.858884] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1738.860422] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1738.861946] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1738.863432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1738.865173] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1738.866838] 18:35:16 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x500, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1738.898303] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:35:16 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 28) [ 1738.912731] FAULT_INJECTION: forcing a failure. [ 1738.912731] name failslab, interval 1, probability 0, space 0, times 0 [ 1738.914638] CPU: 0 PID: 8883 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1738.915551] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1738.916808] Call Trace: [ 1738.917081] [ 1738.917325] dump_stack_lvl+0x8b/0xb3 [ 1738.917755] should_fail.cold+0x5/0xa [ 1738.918177] ? lock_is_held_type+0xd7/0x130 [ 1738.918669] should_failslab+0x5/0x10 [ 1738.919099] __kmalloc_node_track_caller+0x7e/0x440 [ 1738.919661] ? xfrm_send_policy_notify+0x4de/0x1630 [ 1738.920229] __alloc_skb+0xe3/0x340 [ 1738.920641] xfrm_send_policy_notify+0x4de/0x1630 [ 1738.921182] ? lockdep_hardirqs_on+0x79/0x100 [ 1738.921677] ? xfrm_alloc_userspi+0x9a0/0x9a0 [ 1738.922186] ? xfrm_alloc_userspi+0x9a0/0x9a0 [ 1738.922681] km_policy_notify+0xb1/0x200 [ 1738.923147] xfrm_add_policy+0x535/0x7a0 [ 1738.923608] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1738.924238] ? xfrm_policy_construct+0x520/0x520 [ 1738.924761] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1738.925369] ? __nla_parse+0x3e/0x50 [ 1738.925788] ? xfrm_policy_construct+0x520/0x520 [ 1738.926310] xfrm_user_rcv_msg+0x412/0x830 [ 1738.926786] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1738.927332] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1738.927906] ? finish_task_switch.isra.0+0x226/0x870 [ 1738.928488] ? lockdep_hardirqs_on+0x79/0x100 [ 1738.929009] ? rcu_read_lock_sched_held+0x3a/0x70 [ 1738.929555] ? trace_contention_end+0xd8/0x130 [ 1738.930061] ? __mutex_lock+0x231/0x14c0 [ 1738.930516] netlink_rcv_skb+0x14b/0x430 [ 1738.930971] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1738.931520] ? netlink_ack+0xa80/0xa80 [ 1738.931937] ? lock_release+0x3b2/0x750 [ 1738.932385] ? netlink_deliver_tap+0x1b2/0xc30 [ 1738.932899] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1738.933428] xfrm_netlink_rcv+0x6b/0x90 [ 1738.933852] netlink_unicast+0x54a/0x800 [ 1738.934289] ? netlink_attachskb+0x880/0x880 [ 1738.934764] ? is_vmalloc_addr+0x7b/0xb0 [ 1738.935201] netlink_sendmsg+0x904/0xe00 [ 1738.935643] ? netlink_unicast+0x800/0x800 [ 1738.936100] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1738.936692] ? netlink_unicast+0x800/0x800 [ 1738.937143] sock_sendmsg+0x150/0x190 [ 1738.937553] ____sys_sendmsg+0x703/0x870 [ 1738.937992] ? kernel_sendmsg+0x50/0x50 [ 1738.938408] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1738.938887] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1738.939455] ? lock_release+0x3b2/0x750 [ 1738.939888] ___sys_sendmsg+0xf3/0x170 [ 1738.940337] ? sendmsg_copy_msghdr+0x160/0x160 [ 1738.940839] ? lock_release+0x3b2/0x750 [ 1738.941268] ? lock_downgrade+0x6d0/0x6d0 [ 1738.941706] ? lock_release+0x3b2/0x750 [ 1738.942130] ? ksys_write+0x20c/0x250 [ 1738.942534] ? lock_downgrade+0x6d0/0x6d0 [ 1738.942984] ? __fget_files+0x287/0x470 [ 1738.943411] ? __fget_light+0xea/0x270 [ 1738.943825] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1738.944415] __sys_sendmsg+0xe5/0x1b0 [ 1738.944819] ? __sys_sendmsg_sock+0x30/0x30 [ 1738.945278] ? __traceiter_irq_enable+0xa0/0xa0 [ 1738.945785] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1738.946333] do_syscall_64+0x3b/0x90 [ 1738.946730] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1738.947271] RIP: 0033:0x7fb278d14b19 [ 1738.947659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1738.949577] RSP: 002b:00007fb27628a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1738.950357] RAX: ffffffffffffffda RBX: 00007fb278e27f60 RCX: 00007fb278d14b19 [ 1738.951102] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1738.951836] RBP: 00007fb27628a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1738.952593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1738.953327] R13: 00007fff6bf0ca2f R14: 00007fb27628a300 R15: 0000000000022000 [ 1738.954090] 18:35:16 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x600, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1738.975834] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1739.001489] FAULT_INJECTION: forcing a failure. [ 1739.001489] name failslab, interval 1, probability 0, space 0, times 0 [ 1739.003891] CPU: 1 PID: 8887 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1739.005628] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1739.007999] Call Trace: [ 1739.008546] [ 1739.009015] dump_stack_lvl+0x8b/0xb3 [ 1739.009830] should_fail.cold+0x5/0xa [ 1739.010642] should_failslab+0x5/0x10 [ 1739.011462] kmem_cache_alloc_lru+0x60/0x7c0 [ 1739.012429] ? xas_alloc+0x35d/0x480 [ 1739.013225] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1739.014357] ? create_new_namespaces+0x210/0xb30 [ 1739.015390] xas_alloc+0x35d/0x480 [ 1739.016154] xas_create+0x35b/0x1030 [ 1739.016981] ? lock_acquire+0x1b2/0x530 [ 1739.017854] xas_store+0x90/0x1c40 [ 1739.018617] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1739.019802] ? xas_start+0x156/0x520 [ 1739.020608] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1739.021797] ? xas_load+0x66/0x2c0 [ 1739.022563] memcg_list_lru_alloc+0x3c7/0xb10 [ 1739.023539] ? memcg_reparent_list_lrus+0x8a0/0x8a0 [ 1739.024611] ? kmem_cache_alloc_lru+0xe8/0x7c0 [ 1739.025632] kmem_cache_alloc_lru+0x10e/0x7c0 [ 1739.026595] ? mqueue_alloc_inode+0x23/0x40 [ 1739.027525] mqueue_alloc_inode+0x23/0x40 [ 1739.028416] ? mqueue_free_inode+0x20/0x20 [ 1739.029311] alloc_inode+0x63/0x240 [ 1739.030089] new_inode+0x23/0x240 [ 1739.030843] mqueue_get_inode+0x31/0xe20 [ 1739.031717] ? sget_fc+0x156/0x7a0 [ 1739.032499] ? mqueue_get_tree+0x130/0x130 [ 1739.033389] mqueue_fill_super+0x10f/0x200 [ 1739.034293] get_tree_nodev+0xce/0x1d0 [ 1739.035129] mqueue_get_tree+0xee/0x130 [ 1739.035979] vfs_get_tree+0x8e/0x2f0 [ 1739.036798] fc_mount+0x13/0xc0 [ 1739.037505] mq_init_ns+0x43e/0x630 [ 1739.038277] copy_ipcs+0x35e/0x5d0 [ 1739.039038] ? copy_utsname+0xa9/0x4a0 [ 1739.039871] create_new_namespaces+0x210/0xb30 [ 1739.040873] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1739.041923] ksys_unshare+0x445/0x8d0 [ 1739.042753] ? unshare_fd+0x1c0/0x1c0 [ 1739.043562] ? lock_is_held_type+0xd7/0x130 [ 1739.044590] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1739.045706] __x64_sys_unshare+0x2d/0x40 [ 1739.046585] do_syscall_64+0x3b/0x90 [ 1739.047383] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1739.048502] RIP: 0033:0x7f4b4ea85b19 [ 1739.049285] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1739.053244] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1739.054867] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1739.056396] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1739.057914] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1739.059431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1739.060947] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1739.062491] 18:35:33 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0xffffff9e, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:35:33 executing program 1: semtimedop(0x0, &(0x7f0000000080)=[{}], 0x1, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) 18:35:33 executing program 2: semtimedop(0x0, &(0x7f0000000080)=[{}], 0x1, 0x0) 18:35:33 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 13) 18:35:33 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x700, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:35:33 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 29) 18:35:33 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 29) 18:35:33 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}], 0x1, &(0x7f0000000180)) [ 1756.018103] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1756.044079] FAULT_INJECTION: forcing a failure. [ 1756.044079] name failslab, interval 1, probability 0, space 0, times 0 [ 1756.046380] CPU: 1 PID: 8904 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1756.048000] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1756.050243] Call Trace: [ 1756.050752] [ 1756.051193] dump_stack_lvl+0x8b/0xb3 [ 1756.051963] should_fail.cold+0x5/0xa [ 1756.052746] ? lock_release+0x3b2/0x750 [ 1756.053099] FAULT_INJECTION: forcing a failure. [ 1756.053099] name failslab, interval 1, probability 0, space 0, times 0 [ 1756.053550] ? create_object.isra.0+0x3a/0xa20 [ 1756.057078] should_failslab+0x5/0x10 [ 1756.057824] kmem_cache_alloc+0x5b/0x480 [ 1756.058647] create_object.isra.0+0x3a/0xa20 [ 1756.059509] ? kasan_unpoison+0x23/0x50 [ 1756.060311] __kmalloc_node_track_caller+0x269/0x440 [ 1756.061317] ? xfrm_send_policy_notify+0x4de/0x1630 [ 1756.062320] __alloc_skb+0xe3/0x340 [ 1756.063048] xfrm_send_policy_notify+0x4de/0x1630 [ 1756.064024] ? lockdep_hardirqs_on+0x79/0x100 [ 1756.064923] ? xfrm_alloc_userspi+0x9a0/0x9a0 [ 1756.065820] ? xfrm_alloc_userspi+0x9a0/0x9a0 [ 1756.066697] km_policy_notify+0xb1/0x200 [ 1756.067525] xfrm_add_policy+0x535/0x7a0 [ 1756.068316] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1756.069398] ? xfrm_policy_construct+0x520/0x520 [ 1756.070348] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1756.071430] ? __nla_parse+0x3e/0x50 [ 1756.072187] ? xfrm_policy_construct+0x520/0x520 [ 1756.073113] xfrm_user_rcv_msg+0x412/0x830 [ 1756.073953] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1756.074917] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1756.076000] ? rcu_read_lock_sched_held+0x3a/0x70 [ 1756.076990] ? trace_contention_end+0xd8/0x130 [ 1756.077894] ? __mutex_lock+0x231/0x14c0 [ 1756.078716] netlink_rcv_skb+0x14b/0x430 [ 1756.079538] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1756.080539] ? netlink_ack+0xa80/0xa80 [ 1756.081320] ? lock_release+0x3b2/0x750 [ 1756.082122] ? netlink_deliver_tap+0x1b2/0xc30 [ 1756.083026] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 1756.084032] xfrm_netlink_rcv+0x6b/0x90 [ 1756.084833] netlink_unicast+0x54a/0x800 [ 1756.085656] ? netlink_attachskb+0x880/0x880 [ 1756.086527] ? is_vmalloc_addr+0x7b/0xb0 [ 1756.087356] netlink_sendmsg+0x904/0xe00 [ 1756.088172] ? netlink_unicast+0x800/0x800 [ 1756.089037] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 1756.090128] ? netlink_unicast+0x800/0x800 [ 1756.090977] sock_sendmsg+0x150/0x190 [ 1756.091738] ____sys_sendmsg+0x703/0x870 [ 1756.092569] ? kernel_sendmsg+0x50/0x50 [ 1756.093353] ? __ia32_sys_recvmmsg+0x260/0x260 [ 1756.094269] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1756.095314] ? lock_release+0x3b2/0x750 [ 1756.096118] ___sys_sendmsg+0xf3/0x170 [ 1756.096904] ? sendmsg_copy_msghdr+0x160/0x160 [ 1756.097805] ? lock_release+0x3b2/0x750 [ 1756.098570] ? lock_downgrade+0x6d0/0x6d0 [ 1756.099395] ? lock_release+0x3b2/0x750 [ 1756.100158] ? ksys_write+0x20c/0x250 [ 1756.100937] ? lock_downgrade+0x6d0/0x6d0 [ 1756.101746] ? __fget_files+0x287/0x470 [ 1756.102559] ? __fget_light+0xea/0x270 [ 1756.103321] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1756.104418] __sys_sendmsg+0xe5/0x1b0 [ 1756.105174] ? __sys_sendmsg_sock+0x30/0x30 [ 1756.106034] ? __traceiter_irq_enable+0xa0/0xa0 [ 1756.106956] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1756.107980] do_syscall_64+0x3b/0x90 [ 1756.108736] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1756.109765] RIP: 0033:0x7fb278d14b19 [ 1756.110493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1756.114130] RSP: 002b:00007fb27628a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1756.115623] RAX: ffffffffffffffda RBX: 00007fb278e27f60 RCX: 00007fb278d14b19 [ 1756.117035] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 1756.118431] RBP: 00007fb27628a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1756.119832] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1756.121245] R13: 00007fff6bf0ca2f R14: 00007fb27628a300 R15: 0000000000022000 [ 1756.122678] [ 1756.123126] CPU: 0 PID: 8905 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1756.125049] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1756.127436] Call Trace: [ 1756.128094] [ 1756.128592] dump_stack_lvl+0x8b/0xb3 [ 1756.129108] FAULT_INJECTION: forcing a failure. [ 1756.129108] name failslab, interval 1, probability 0, space 0, times 0 [ 1756.129415] should_fail.cold+0x5/0xa [ 1756.132310] ? create_object.isra.0+0x3a/0xa20 [ 1756.133514] should_failslab+0x5/0x10 [ 1756.134325] kmem_cache_alloc+0x5b/0x480 [ 1756.135392] create_object.isra.0+0x3a/0xa20 [ 1756.136331] ? kasan_unpoison+0x23/0x50 [ 1756.137392] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 1756.138352] ? xas_alloc+0x35d/0x480 [ 1756.139211] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1756.140332] xas_alloc+0x35d/0x480 [ 1756.141095] xas_create+0x35b/0x1030 [ 1756.141880] ? lock_acquire+0x1b2/0x530 [ 1756.142727] xas_store+0x90/0x1c40 [ 1756.143469] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1756.144649] ? xas_start+0x156/0x520 [ 1756.145432] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1756.146574] ? xas_load+0x66/0x2c0 [ 1756.147322] memcg_list_lru_alloc+0x3c7/0xb10 [ 1756.148263] ? memcg_reparent_list_lrus+0x8a0/0x8a0 [ 1756.149316] ? kmem_cache_alloc_lru+0xe8/0x7c0 [ 1756.150304] kmem_cache_alloc_lru+0x10e/0x7c0 [ 1756.151255] ? mqueue_alloc_inode+0x23/0x40 [ 1756.152171] mqueue_alloc_inode+0x23/0x40 [ 1756.153242] ? mqueue_free_inode+0x20/0x20 [ 1756.154287] alloc_inode+0x63/0x240 [ 1756.155076] new_inode+0x23/0x240 [ 1756.155983] mqueue_get_inode+0x31/0xe20 [ 1756.156882] ? sget_fc+0x156/0x7a0 [ 1756.157814] ? mqueue_get_tree+0x130/0x130 [ 1756.158701] mqueue_fill_super+0x10f/0x200 [ 1756.159783] get_tree_nodev+0xce/0x1d0 [ 1756.160633] mqueue_get_tree+0xee/0x130 [ 1756.161662] vfs_get_tree+0x8e/0x2f0 [ 1756.162456] fc_mount+0x13/0xc0 [ 1756.163301] mq_init_ns+0x43e/0x630 [ 1756.164084] copy_ipcs+0x35e/0x5d0 [ 1756.165000] ? copy_utsname+0xa9/0x4a0 [ 1756.165849] create_new_namespaces+0x210/0xb30 [ 1756.166863] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1756.167893] ksys_unshare+0x445/0x8d0 [ 1756.168723] ? unshare_fd+0x1c0/0x1c0 [ 1756.169524] ? lock_is_held_type+0xd7/0x130 [ 1756.170460] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1756.171532] __x64_sys_unshare+0x2d/0x40 [ 1756.172392] do_syscall_64+0x3b/0x90 [ 1756.173184] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1756.174276] RIP: 0033:0x7f4b4ea85b19 [ 1756.175046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1756.178838] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1756.180398] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1756.181880] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1756.183347] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1756.184816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1756.186280] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1756.187779] [ 1756.188268] CPU: 1 PID: 8903 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1756.189910] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1756.192150] Call Trace: [ 1756.192673] [ 1756.193117] dump_stack_lvl+0x8b/0xb3 [ 1756.193884] should_fail.cold+0x5/0xa [ 1756.194641] ? xas_alloc+0x35d/0x480 [ 1756.195377] ? create_object.isra.0+0x3a/0xa20 [ 1756.196282] should_failslab+0x5/0x10 [ 1756.197052] kmem_cache_alloc+0x5b/0x480 [ 1756.197876] create_object.isra.0+0x3a/0xa20 [ 1756.198748] ? kasan_unpoison+0x23/0x50 [ 1756.199541] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 1756.200433] ? xas_alloc+0x35d/0x480 [ 1756.201184] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1756.202229] xas_alloc+0x35d/0x480 [ 1756.202938] xas_create+0x35b/0x1030 [ 1756.203680] ? lock_acquire+0x1b2/0x530 [ 1756.204497] xas_store+0x90/0x1c40 [ 1756.205190] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1756.206282] ? xas_start+0x156/0x520 [ 1756.207025] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1756.208122] ? xas_load+0x66/0x2c0 [ 1756.208839] memcg_list_lru_alloc+0x3c7/0xb10 [ 1756.209745] ? memcg_reparent_list_lrus+0x8a0/0x8a0 [ 1756.210726] ? kmem_cache_alloc_lru+0xe8/0x7c0 [ 1756.211666] kmem_cache_alloc_lru+0x10e/0x7c0 [ 1756.212577] ? mqueue_alloc_inode+0x23/0x40 [ 1756.213437] mqueue_alloc_inode+0x23/0x40 [ 1756.214248] ? mqueue_free_inode+0x20/0x20 [ 1756.215079] alloc_inode+0x63/0x240 [ 1756.215806] new_inode+0x23/0x240 [ 1756.216515] mqueue_get_inode+0x31/0xe20 [ 1756.217333] ? sget_fc+0x156/0x7a0 [ 1756.218052] ? mqueue_get_tree+0x130/0x130 [ 1756.218886] mqueue_fill_super+0x10f/0x200 [ 1756.219719] get_tree_nodev+0xce/0x1d0 [ 1756.220514] mqueue_get_tree+0xee/0x130 [ 1756.221313] vfs_get_tree+0x8e/0x2f0 [ 1756.222060] fc_mount+0x13/0xc0 [ 1756.222713] mq_init_ns+0x43e/0x630 [ 1756.223438] copy_ipcs+0x35e/0x5d0 [ 1756.224141] ? copy_utsname+0xa9/0x4a0 [ 1756.224943] create_new_namespaces+0x210/0xb30 [ 1756.225876] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1756.226860] ksys_unshare+0x445/0x8d0 [ 1756.227625] ? unshare_fd+0x1c0/0x1c0 [ 1756.228402] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1756.229433] __x64_sys_unshare+0x2d/0x40 [ 1756.230239] do_syscall_64+0x3b/0x90 [ 1756.230979] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1756.232010] RIP: 0033:0x7fdbeab6ab19 [ 1756.232766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1756.236388] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1756.237891] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1756.239296] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1756.240702] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1756.242101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1756.243500] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1756.244947] 18:35:34 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x900, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:35:34 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) (fail_nth: 14) 18:35:34 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0xfffffff0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:35:34 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 30) [ 1756.342656] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:35:34 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 30) [ 1756.350976] FAULT_INJECTION: forcing a failure. [ 1756.350976] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1756.353555] CPU: 0 PID: 8911 Comm: syz-executor.3 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1756.355257] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1756.357625] Call Trace: [ 1756.358163] [ 1756.358632] dump_stack_lvl+0x8b/0xb3 [ 1756.359442] should_fail.cold+0x5/0xa [ 1756.360249] _copy_to_user+0x2a/0x140 [ 1756.361074] simple_read_from_buffer+0xcc/0x160 [ 1756.362047] proc_fail_nth_read+0x194/0x220 [ 1756.362963] ? proc_exe_link+0x1d0/0x1d0 [ 1756.363818] ? security_file_permission+0xb1/0xd0 [ 1756.364868] ? proc_exe_link+0x1d0/0x1d0 [ 1756.365727] vfs_read+0x1ea/0x5d0 [ 1756.366466] ksys_read+0x127/0x250 [ 1756.367208] ? __ia32_sys_pwrite64+0x220/0x220 [ 1756.368165] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1756.369260] do_syscall_64+0x3b/0x90 [ 1756.370048] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1756.371130] RIP: 0033:0x7fb278cc769c [ 1756.371898] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1756.375695] RSP: 002b:00007fb27628a170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1756.377283] RAX: ffffffffffffffda RBX: 00000000000000b8 RCX: 00007fb278cc769c [ 1756.378759] RDX: 000000000000000f RSI: 00007fb27628a1e0 RDI: 0000000000000004 [ 1756.380233] RBP: 00007fb27628a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1756.381710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1756.383182] R13: 00007fff6bf0ca2f R14: 00007fb27628a300 R15: 0000000000022000 [ 1756.384697] [ 1756.410424] FAULT_INJECTION: forcing a failure. [ 1756.410424] name failslab, interval 1, probability 0, space 0, times 0 [ 1756.412839] CPU: 1 PID: 8915 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1756.414460] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1756.416728] Call Trace: [ 1756.417232] [ 1756.417676] dump_stack_lvl+0x8b/0xb3 [ 1756.418447] should_fail.cold+0x5/0xa [ 1756.419215] ? create_object.isra.0+0x3a/0xa20 [ 1756.420135] should_failslab+0x5/0x10 [ 1756.420908] kmem_cache_alloc+0x5b/0x480 [ 1756.421734] create_object.isra.0+0x3a/0xa20 [ 1756.422617] ? kasan_unpoison+0x23/0x50 [ 1756.423417] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 1756.424315] ? mqueue_alloc_inode+0x23/0x40 [ 1756.425204] mqueue_alloc_inode+0x23/0x40 [ 1756.426021] ? mqueue_free_inode+0x20/0x20 [ 1756.426853] alloc_inode+0x63/0x240 [ 1756.427582] new_inode+0x23/0x240 [ 1756.428288] mqueue_get_inode+0x31/0xe20 [ 1756.429149] ? sget_fc+0x156/0x7a0 [ 1756.429871] ? mqueue_get_tree+0x130/0x130 [ 1756.430707] mqueue_fill_super+0x10f/0x200 [ 1756.431544] get_tree_nodev+0xce/0x1d0 [ 1756.432326] mqueue_get_tree+0xee/0x130 [ 1756.433121] vfs_get_tree+0x8e/0x2f0 [ 1756.433867] fc_mount+0x13/0xc0 [ 1756.434526] mq_init_ns+0x43e/0x630 [ 1756.435259] copy_ipcs+0x35e/0x5d0 [ 1756.435967] ? copy_utsname+0xa9/0x4a0 [ 1756.436788] create_new_namespaces+0x210/0xb30 [ 1756.437717] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1756.438690] FAULT_INJECTION: forcing a failure. [ 1756.438690] name failslab, interval 1, probability 0, space 0, times 0 [ 1756.438704] ksys_unshare+0x445/0x8d0 [ 1756.441771] ? unshare_fd+0x1c0/0x1c0 [ 1756.442540] ? lock_is_held_type+0xd7/0x130 [ 1756.443431] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1756.444462] __x64_sys_unshare+0x2d/0x40 [ 1756.445276] do_syscall_64+0x3b/0x90 [ 1756.446021] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1756.447050] RIP: 0033:0x7f4b4ea85b19 [ 1756.447782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1756.451415] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1756.452922] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1756.454330] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1756.455734] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1756.457156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1756.458557] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1756.459987] [ 1756.460455] CPU: 0 PID: 8917 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1756.462229] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1756.464598] Call Trace: [ 1756.465181] [ 1756.465659] dump_stack_lvl+0x8b/0xb3 [ 1756.466523] should_fail.cold+0x5/0xa [ 1756.467382] ? create_object.isra.0+0x3a/0xa20 [ 1756.468394] should_failslab+0x5/0x10 [ 1756.469262] kmem_cache_alloc+0x5b/0x480 [ 1756.470181] create_object.isra.0+0x3a/0xa20 [ 1756.471159] ? kasan_unpoison+0x23/0x50 [ 1756.472053] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 1756.473050] ? mqueue_alloc_inode+0x23/0x40 [ 1756.473999] mqueue_alloc_inode+0x23/0x40 [ 1756.474911] ? mqueue_free_inode+0x20/0x20 [ 1756.475828] alloc_inode+0x63/0x240 [ 1756.476635] new_inode+0x23/0x240 [ 1756.477415] mqueue_get_inode+0x31/0xe20 [ 1756.478326] ? sget_fc+0x156/0x7a0 [ 1756.479136] ? mqueue_get_tree+0x130/0x130 [ 1756.480055] mqueue_fill_super+0x10f/0x200 [ 1756.480998] get_tree_nodev+0xce/0x1d0 [ 1756.481850] mqueue_get_tree+0xee/0x130 [ 1756.482694] vfs_get_tree+0x8e/0x2f0 [ 1756.483521] fc_mount+0x13/0xc0 [ 1756.484245] mq_init_ns+0x43e/0x630 [ 1756.485050] copy_ipcs+0x35e/0x5d0 [ 1756.485820] ? copy_utsname+0xa9/0x4a0 [ 1756.486672] create_new_namespaces+0x210/0xb30 [ 1756.487690] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1756.488800] ksys_unshare+0x445/0x8d0 [ 1756.489628] ? unshare_fd+0x1c0/0x1c0 [ 1756.490455] ? lock_is_held_type+0xd7/0x130 [ 1756.491428] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1756.492552] __x64_sys_unshare+0x2d/0x40 [ 1756.493442] do_syscall_64+0x3b/0x90 [ 1756.494255] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1756.495380] RIP: 0033:0x7fdbeab6ab19 [ 1756.496197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1756.500068] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1756.501679] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1756.503196] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1756.504695] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1756.506598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1756.508273] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1756.509839] 18:35:34 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0xfffffffc, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:35:34 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xea4, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:35:34 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0xffffffff, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:35:34 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1756.633741] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:35:46 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 31) 18:35:46 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}], 0x1, &(0x7f0000000180)) 18:35:46 executing program 1: semtimedop(0x0, &(0x7f0000000080)=[{}], 0x1, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) 18:35:46 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xf00, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:35:46 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 31) 18:35:46 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2=0xe000000a, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:35:46 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:35:46 executing program 2: semtimedop(0x0, &(0x7f0000000080)=[{}], 0x1, 0x0) [ 1768.644997] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1768.658456] FAULT_INJECTION: forcing a failure. [ 1768.658456] name failslab, interval 1, probability 0, space 0, times 0 [ 1768.659759] CPU: 1 PID: 8944 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1768.660608] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1768.661818] Call Trace: [ 1768.662089] [ 1768.662333] dump_stack_lvl+0x8b/0xb3 [ 1768.662750] should_fail.cold+0x5/0xa [ 1768.663148] ? security_inode_alloc+0x34/0x160 [ 1768.663636] should_failslab+0x5/0x10 [ 1768.664037] kmem_cache_alloc+0x5b/0x480 [ 1768.664094] FAULT_INJECTION: forcing a failure. [ 1768.664094] name failslab, interval 1, probability 0, space 0, times 0 [ 1768.664491] security_inode_alloc+0x34/0x160 [ 1768.664511] inode_init_always+0x5d8/0xd20 [ 1768.664533] alloc_inode+0x84/0x240 [ 1768.668096] new_inode+0x23/0x240 [ 1768.668479] mqueue_get_inode+0x31/0xe20 [ 1768.668926] ? sget_fc+0x156/0x7a0 [ 1768.669308] ? mqueue_get_tree+0x130/0x130 [ 1768.669753] mqueue_fill_super+0x10f/0x200 [ 1768.670202] get_tree_nodev+0xce/0x1d0 [ 1768.670619] mqueue_get_tree+0xee/0x130 [ 1768.671041] vfs_get_tree+0x8e/0x2f0 [ 1768.671438] fc_mount+0x13/0xc0 [ 1768.671790] mq_init_ns+0x43e/0x630 [ 1768.672174] copy_ipcs+0x35e/0x5d0 [ 1768.672552] ? copy_utsname+0xa9/0x4a0 [ 1768.672996] create_new_namespaces+0x210/0xb30 [ 1768.673495] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1768.674030] ksys_unshare+0x445/0x8d0 [ 1768.674447] ? unshare_fd+0x1c0/0x1c0 [ 1768.674858] ? lock_is_held_type+0xd7/0x130 [ 1768.675335] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1768.675892] __x64_sys_unshare+0x2d/0x40 [ 1768.676335] do_syscall_64+0x3b/0x90 [ 1768.676741] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1768.677297] RIP: 0033:0x7fdbeab6ab19 [ 1768.677686] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1768.679597] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1768.680397] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1768.681160] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1768.681899] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1768.682671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1768.683449] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1768.684213] [ 1768.684459] CPU: 0 PID: 8945 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1768.686149] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1768.688447] Call Trace: [ 1768.688995] [ 1768.689449] dump_stack_lvl+0x8b/0xb3 [ 1768.690246] should_fail.cold+0x5/0xa [ 1768.691174] ? security_inode_alloc+0x34/0x160 [ 1768.692337] should_failslab+0x5/0x10 [ 1768.693344] kmem_cache_alloc+0x5b/0x480 [ 1768.694399] security_inode_alloc+0x34/0x160 [ 1768.695515] inode_init_always+0x5d8/0xd20 [ 1768.696602] alloc_inode+0x84/0x240 [ 1768.697551] new_inode+0x23/0x240 [ 1768.698444] mqueue_get_inode+0x31/0xe20 [ 1768.699310] ? sget_fc+0x156/0x7a0 [ 1768.700041] ? mqueue_get_tree+0x130/0x130 [ 1768.700917] mqueue_fill_super+0x10f/0x200 [ 1768.701782] get_tree_nodev+0xce/0x1d0 [ 1768.702589] mqueue_get_tree+0xee/0x130 [ 1768.703458] vfs_get_tree+0x8e/0x2f0 [ 1768.704323] fc_mount+0x13/0xc0 [ 1768.705102] mq_init_ns+0x43e/0x630 [ 1768.705948] copy_ipcs+0x35e/0x5d0 [ 1768.706768] ? copy_utsname+0xa9/0x4a0 [ 1768.707698] create_new_namespaces+0x210/0xb30 [ 1768.708857] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1768.710021] ksys_unshare+0x445/0x8d0 [ 1768.710923] ? unshare_fd+0x1c0/0x1c0 [ 1768.711815] ? lock_is_held_type+0xd7/0x130 [ 1768.712874] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1768.714079] __x64_sys_unshare+0x2d/0x40 [ 1768.715038] do_syscall_64+0x3b/0x90 [ 1768.715904] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1768.717111] RIP: 0033:0x7f4b4ea85b19 [ 1768.717958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1768.722136] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1768.723873] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1768.725498] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1768.727167] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1768.728969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1768.730580] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1768.732243] 18:35:46 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2=0xe000000e, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:35:46 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2=0xe0000019, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:35:46 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x2000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:35:46 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 32) [ 1768.774588] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:35:46 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0x2}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1768.800405] FAULT_INJECTION: forcing a failure. [ 1768.800405] name failslab, interval 1, probability 0, space 0, times 0 [ 1768.801648] CPU: 1 PID: 8955 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1768.802508] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1768.803731] Call Trace: [ 1768.804004] [ 1768.804241] dump_stack_lvl+0x8b/0xb3 [ 1768.804711] should_fail.cold+0x5/0xa [ 1768.805119] ? create_object.isra.0+0x3a/0xa20 [ 1768.805607] should_failslab+0x5/0x10 [ 1768.806005] kmem_cache_alloc+0x5b/0x480 [ 1768.806447] create_object.isra.0+0x3a/0xa20 [ 1768.806929] ? kasan_unpoison+0x23/0x50 [ 1768.807364] kmem_cache_alloc+0x239/0x480 18:35:46 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x2, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1768.807832] security_inode_alloc+0x34/0x160 [ 1768.808487] inode_init_always+0x5d8/0xd20 [ 1768.809019] alloc_inode+0x84/0x240 [ 1768.809421] new_inode+0x23/0x240 [ 1768.809815] mqueue_get_inode+0x31/0xe20 [ 1768.810272] ? sget_fc+0x156/0x7a0 [ 1768.810670] ? mqueue_get_tree+0x130/0x130 [ 1768.811111] mqueue_fill_super+0x10f/0x200 [ 1768.811575] get_tree_nodev+0xce/0x1d0 [ 1768.811984] mqueue_get_tree+0xee/0x130 [ 1768.812430] vfs_get_tree+0x8e/0x2f0 [ 1768.812840] fc_mount+0x13/0xc0 [ 1768.813207] mq_init_ns+0x43e/0x630 [ 1768.813595] copy_ipcs+0x35e/0x5d0 [ 1768.813991] ? copy_utsname+0xa9/0x4a0 [ 1768.814409] create_new_namespaces+0x210/0xb30 [ 1768.814935] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1768.815449] ksys_unshare+0x445/0x8d0 [ 1768.815898] ? unshare_fd+0x1c0/0x1c0 [ 1768.816303] ? lock_is_held_type+0xd7/0x130 [ 1768.816837] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1768.817381] __x64_sys_unshare+0x2d/0x40 [ 1768.817844] do_syscall_64+0x3b/0x90 [ 1768.818258] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1768.818832] RIP: 0033:0x7fdbeab6ab19 [ 1768.819219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1768.821288] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1768.822073] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1768.822816] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1768.823555] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1768.824278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1768.825032] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1768.825788] 18:36:01 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x3, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:36:01 executing program 1: semtimedop(0x0, &(0x7f0000000080)=[{}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) 18:36:01 executing program 2: semtimedop(0x0, &(0x7f0000000080)=[{}], 0x1, 0x0) 18:36:01 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0x3}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:36:01 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 32) 18:36:01 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x4800, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:36:01 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x0, 0xffaf, 0x1800}], 0x2, &(0x7f0000000180)) 18:36:01 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 33) [ 1783.983284] FAULT_INJECTION: forcing a failure. [ 1783.983284] name failslab, interval 1, probability 0, space 0, times 0 [ 1783.985687] CPU: 1 PID: 8973 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1783.987365] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1783.989681] Call Trace: [ 1783.990208] [ 1783.990672] dump_stack_lvl+0x8b/0xb3 [ 1783.991456] should_fail.cold+0x5/0xa [ 1783.992232] ? create_object.isra.0+0x3a/0xa20 [ 1783.993153] should_failslab+0x5/0x10 [ 1783.993926] kmem_cache_alloc+0x5b/0x480 [ 1783.994787] create_object.isra.0+0x3a/0xa20 [ 1783.995701] ? kasan_unpoison+0x23/0x50 [ 1783.996541] kmem_cache_alloc+0x239/0x480 [ 1783.997424] security_inode_alloc+0x34/0x160 [ 1783.998335] inode_init_always+0x5d8/0xd20 [ 1783.999193] alloc_inode+0x84/0x240 [ 1783.999937] new_inode+0x23/0x240 [ 1784.000640] mqueue_get_inode+0x31/0xe20 [ 1784.001486] ? sget_fc+0x156/0x7a0 [ 1784.001986] FAULT_INJECTION: forcing a failure. [ 1784.001986] name failslab, interval 1, probability 0, space 0, times 0 [ 1784.002203] ? mqueue_get_tree+0x130/0x130 [ 1784.004211] mqueue_fill_super+0x10f/0x200 [ 1784.005058] get_tree_nodev+0xce/0x1d0 [ 1784.005848] mqueue_get_tree+0xee/0x130 [ 1784.006637] vfs_get_tree+0x8e/0x2f0 [ 1784.007385] fc_mount+0x13/0xc0 [ 1784.008041] mq_init_ns+0x43e/0x630 [ 1784.008770] copy_ipcs+0x35e/0x5d0 [ 1784.009480] ? copy_utsname+0xa9/0x4a0 [ 1784.010276] create_new_namespaces+0x210/0xb30 [ 1784.011213] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1784.012221] ksys_unshare+0x445/0x8d0 [ 1784.013024] ? unshare_fd+0x1c0/0x1c0 [ 1784.013798] ? lock_is_held_type+0xd7/0x130 [ 1784.014703] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1784.015752] __x64_sys_unshare+0x2d/0x40 [ 1784.016579] do_syscall_64+0x3b/0x90 [ 1784.017361] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1784.018411] RIP: 0033:0x7f4b4ea85b19 [ 1784.019156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1784.022841] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1784.024359] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1784.025785] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1784.027228] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1784.028647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1784.030081] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1784.031564] [ 1784.032027] CPU: 0 PID: 8977 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1784.032903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1784.034107] Call Trace: [ 1784.034376] [ 1784.034629] dump_stack_lvl+0x8b/0xb3 [ 1784.035042] should_fail.cold+0x5/0xa [ 1784.035448] should_failslab+0x5/0x10 [ 1784.035850] kmem_cache_alloc_lru+0x60/0x7c0 [ 1784.036315] ? __d_alloc+0x31/0x990 [ 1784.036703] ? mqueue_get_tree+0x130/0x130 [ 1784.037152] __d_alloc+0x31/0x990 [ 1784.037516] ? mqueue_get_inode+0x27f/0xe20 [ 1784.037974] ? mqueue_get_tree+0x130/0x130 [ 1784.038429] d_make_root+0x45/0x110 [ 1784.038814] mqueue_fill_super+0x137/0x200 [ 1784.039260] get_tree_nodev+0xce/0x1d0 [ 1784.039680] mqueue_get_tree+0xee/0x130 [ 1784.040106] vfs_get_tree+0x8e/0x2f0 [ 1784.040507] fc_mount+0x13/0xc0 [ 1784.040871] mq_init_ns+0x43e/0x630 [ 1784.041260] copy_ipcs+0x35e/0x5d0 [ 1784.041638] ? copy_utsname+0xa9/0x4a0 [ 1784.042076] create_new_namespaces+0x210/0xb30 [ 1784.042564] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1784.043099] ksys_unshare+0x445/0x8d0 [ 1784.043510] ? unshare_fd+0x1c0/0x1c0 [ 1784.043928] ? lock_is_held_type+0xd7/0x130 [ 1784.044412] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1784.044967] __x64_sys_unshare+0x2d/0x40 [ 1784.045409] do_syscall_64+0x3b/0x90 [ 1784.045814] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1784.046384] RIP: 0033:0x7fdbeab6ab19 [ 1784.046784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1784.048743] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1784.049571] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1784.050324] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1784.051099] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1784.051858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1784.052625] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1784.053395] 18:36:01 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:36:01 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0x4}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1784.055554] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:36:01 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x8, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:36:01 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 33) 18:36:01 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 34) 18:36:01 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x4c00, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1784.150081] FAULT_INJECTION: forcing a failure. [ 1784.150081] name failslab, interval 1, probability 0, space 0, times 0 [ 1784.151404] CPU: 0 PID: 8987 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1784.152287] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1784.153507] Call Trace: [ 1784.153787] [ 1784.154021] dump_stack_lvl+0x8b/0xb3 [ 1784.154453] should_fail.cold+0x5/0xa [ 1784.154858] should_failslab+0x5/0x10 [ 1784.155269] kmem_cache_alloc_lru+0x60/0x7c0 [ 1784.155741] ? __d_alloc+0x31/0x990 [ 1784.156141] ? mqueue_get_tree+0x130/0x130 [ 1784.156602] __d_alloc+0x31/0x990 [ 1784.156979] ? mqueue_get_inode+0x27f/0xe20 [ 1784.157445] ? mqueue_get_tree+0x130/0x130 [ 1784.157893] d_make_root+0x45/0x110 [ 1784.158286] mqueue_fill_super+0x137/0x200 [ 1784.158731] get_tree_nodev+0xce/0x1d0 [ 1784.159148] mqueue_get_tree+0xee/0x130 [ 1784.159575] vfs_get_tree+0x8e/0x2f0 [ 1784.159970] fc_mount+0x13/0xc0 [ 1784.160339] mq_init_ns+0x43e/0x630 [ 1784.160741] copy_ipcs+0x35e/0x5d0 [ 1784.161137] ? copy_utsname+0xa9/0x4a0 [ 1784.161571] create_new_namespaces+0x210/0xb30 [ 1784.162079] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1784.162628] ksys_unshare+0x445/0x8d0 [ 1784.163056] ? unshare_fd+0x1c0/0x1c0 [ 1784.163476] ? lock_is_held_type+0xd7/0x130 [ 1784.163963] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1784.164524] __x64_sys_unshare+0x2d/0x40 [ 1784.164975] do_syscall_64+0x3b/0x90 [ 1784.165393] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1784.165968] RIP: 0033:0x7f4b4ea85b19 [ 1784.166369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1784.168353] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1784.169184] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1784.169951] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1784.170712] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1784.171479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1784.172231] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1784.173011] [ 1784.186509] FAULT_INJECTION: forcing a failure. [ 1784.186509] name failslab, interval 1, probability 0, space 0, times 0 [ 1784.187757] CPU: 0 PID: 8989 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1784.188632] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1784.189832] Call Trace: [ 1784.190109] [ 1784.190347] dump_stack_lvl+0x8b/0xb3 [ 1784.190766] should_fail.cold+0x5/0xa [ 1784.191175] ? memcg_list_lru_alloc+0x23f/0xb10 [ 1784.191673] should_failslab+0x5/0x10 [ 1784.192075] __kmalloc+0x72/0x440 [ 1784.192455] memcg_list_lru_alloc+0x23f/0xb10 [ 1784.192954] ? lock_is_held_type+0xd7/0x130 [ 1784.193438] ? memcg_reparent_list_lrus+0x8a0/0x8a0 [ 1784.193974] ? kmem_cache_alloc_lru+0xe8/0x7c0 [ 1784.194486] kmem_cache_alloc_lru+0x10e/0x7c0 [ 1784.194972] ? __d_alloc+0x31/0x990 [ 1784.195357] ? mqueue_get_tree+0x130/0x130 [ 1784.195817] __d_alloc+0x31/0x990 [ 1784.196190] ? mqueue_get_inode+0x27f/0xe20 [ 1784.196678] ? mqueue_get_tree+0x130/0x130 [ 1784.197146] d_make_root+0x45/0x110 [ 1784.197546] mqueue_fill_super+0x137/0x200 [ 1784.198006] get_tree_nodev+0xce/0x1d0 [ 1784.198444] mqueue_get_tree+0xee/0x130 [ 1784.198876] vfs_get_tree+0x8e/0x2f0 [ 1784.199287] fc_mount+0x13/0xc0 [ 1784.199646] mq_init_ns+0x43e/0x630 [ 1784.200048] copy_ipcs+0x35e/0x5d0 [ 1784.200422] ? copy_utsname+0xa9/0x4a0 [ 1784.200865] create_new_namespaces+0x210/0xb30 [ 1784.201378] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1784.201923] ksys_unshare+0x445/0x8d0 [ 1784.202352] ? unshare_fd+0x1c0/0x1c0 [ 1784.202777] ? lock_is_held_type+0xd7/0x130 [ 1784.203264] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1784.203837] __x64_sys_unshare+0x2d/0x40 [ 1784.204292] do_syscall_64+0x3b/0x90 [ 1784.204705] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1784.205263] RIP: 0033:0x7fdbeab6ab19 [ 1784.205668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1784.207660] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1784.208497] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1784.209284] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1784.210069] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1784.210837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1784.211361] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1784.211613] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1784.211638] 18:36:01 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0x8}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:36:01 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x9, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:36:02 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 34) [ 1784.293553] FAULT_INJECTION: forcing a failure. [ 1784.293553] name failslab, interval 1, probability 0, space 0, times 0 [ 1784.294792] CPU: 0 PID: 8998 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1784.295660] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1784.296861] Call Trace: [ 1784.297138] [ 1784.297371] dump_stack_lvl+0x8b/0xb3 [ 1784.297793] should_fail.cold+0x5/0xa [ 1784.298199] ? memcg_list_lru_alloc+0x23f/0xb10 [ 1784.298698] should_failslab+0x5/0x10 [ 1784.299110] __kmalloc+0x72/0x440 [ 1784.299489] memcg_list_lru_alloc+0x23f/0xb10 [ 1784.299962] ? lock_is_held_type+0xd7/0x130 [ 1784.300446] ? memcg_reparent_list_lrus+0x8a0/0x8a0 [ 1784.301000] ? kmem_cache_alloc_lru+0xe8/0x7c0 [ 1784.301517] kmem_cache_alloc_lru+0x10e/0x7c0 [ 1784.301998] ? __d_alloc+0x31/0x990 [ 1784.302398] ? mqueue_get_tree+0x130/0x130 [ 1784.302839] __d_alloc+0x31/0x990 [ 1784.303234] ? mqueue_get_inode+0x27f/0xe20 [ 1784.303713] ? mqueue_get_tree+0x130/0x130 [ 1784.304168] d_make_root+0x45/0x110 [ 1784.304564] mqueue_fill_super+0x137/0x200 [ 1784.305051] get_tree_nodev+0xce/0x1d0 [ 1784.305484] mqueue_get_tree+0xee/0x130 [ 1784.305916] vfs_get_tree+0x8e/0x2f0 [ 1784.306325] fc_mount+0x13/0xc0 [ 1784.306690] mq_init_ns+0x43e/0x630 [ 1784.307091] copy_ipcs+0x35e/0x5d0 [ 1784.307475] ? copy_utsname+0xa9/0x4a0 [ 1784.307911] create_new_namespaces+0x210/0xb30 [ 1784.308418] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1784.308974] ksys_unshare+0x445/0x8d0 [ 1784.309400] ? unshare_fd+0x1c0/0x1c0 [ 1784.309821] ? lock_is_held_type+0xd7/0x130 [ 1784.310320] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1784.310890] __x64_sys_unshare+0x2d/0x40 [ 1784.311338] do_syscall_64+0x3b/0x90 [ 1784.311747] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1784.312318] RIP: 0033:0x7f4b4ea85b19 [ 1784.312712] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1784.314665] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1784.315494] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1784.316257] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1784.317029] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1784.317813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1784.318592] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1784.319379] 18:36:18 executing program 1: semtimedop(0x0, &(0x7f0000000080)=[{}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) 18:36:18 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 35) 18:36:18 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {0x0, 0x0, 0x1800}], 0x2, &(0x7f0000000180)) 18:36:18 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0x9}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:36:18 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xf, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:36:18 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x6800, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:36:18 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 35) 18:36:18 executing program 2: semtimedop(0x0, &(0x7f0000000080)=[{}], 0x1, 0x0) [ 1800.779640] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1800.780116] FAULT_INJECTION: forcing a failure. [ 1800.780116] name failslab, interval 1, probability 0, space 0, times 0 [ 1800.783311] CPU: 0 PID: 9005 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1800.784555] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1800.786275] Call Trace: [ 1800.786684] [ 1800.787030] dump_stack_lvl+0x8b/0xb3 [ 1800.787613] should_fail.cold+0x5/0xa [ 1800.788189] ? create_object.isra.0+0x3a/0xa20 [ 1800.788885] should_failslab+0x5/0x10 [ 1800.789500] kmem_cache_alloc+0x5b/0x480 [ 1800.790125] create_object.isra.0+0x3a/0xa20 [ 1800.790797] ? kasan_unpoison+0x23/0x50 [ 1800.791403] __kmalloc+0x25b/0x440 [ 1800.791961] memcg_list_lru_alloc+0x23f/0xb10 [ 1800.792639] ? lock_is_held_type+0xd7/0x130 [ 1800.793322] ? memcg_reparent_list_lrus+0x8a0/0x8a0 [ 1800.793914] ? kmem_cache_alloc_lru+0xe8/0x7c0 [ 1800.794433] kmem_cache_alloc_lru+0x10e/0x7c0 [ 1800.794912] ? __d_alloc+0x31/0x990 [ 1800.795299] ? mqueue_get_tree+0x130/0x130 [ 1800.795746] __d_alloc+0x31/0x990 [ 1800.796109] ? mqueue_get_inode+0x27f/0xe20 [ 1800.796569] ? mqueue_get_tree+0x130/0x130 [ 1800.797020] d_make_root+0x45/0x110 [ 1800.797410] mqueue_fill_super+0x137/0x200 [ 1800.797859] get_tree_nodev+0xce/0x1d0 [ 1800.798271] mqueue_get_tree+0xee/0x130 [ 1800.798701] vfs_get_tree+0x8e/0x2f0 [ 1800.799105] fc_mount+0x13/0xc0 [ 1800.799456] mq_init_ns+0x43e/0x630 [ 1800.799848] copy_ipcs+0x35e/0x5d0 [ 1800.800216] ? copy_utsname+0xa9/0x4a0 [ 1800.800636] create_new_namespaces+0x210/0xb30 [ 1800.801144] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1800.801662] ksys_unshare+0x445/0x8d0 [ 1800.802065] ? unshare_fd+0x1c0/0x1c0 [ 1800.802467] ? lock_is_held_type+0xd7/0x130 [ 1800.802932] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1800.803485] __x64_sys_unshare+0x2d/0x40 [ 1800.803923] do_syscall_64+0x3b/0x90 [ 1800.804333] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1800.804670] FAULT_INJECTION: forcing a failure. [ 1800.804670] name failslab, interval 1, probability 0, space 0, times 0 [ 1800.804880] RIP: 0033:0x7fdbeab6ab19 [ 1800.807481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1800.809416] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1800.810206] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1800.810960] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1800.811701] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1800.812452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1800.813215] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1800.813977] [ 1800.814221] CPU: 1 PID: 9015 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1800.815884] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1800.818153] Call Trace: [ 1800.818659] [ 1800.819109] dump_stack_lvl+0x8b/0xb3 [ 1800.819886] should_fail.cold+0x5/0xa [ 1800.820660] ? create_object.isra.0+0x3a/0xa20 [ 1800.821595] should_failslab+0x5/0x10 [ 1800.822364] kmem_cache_alloc+0x5b/0x480 [ 1800.823200] create_object.isra.0+0x3a/0xa20 [ 1800.824107] ? kasan_unpoison+0x23/0x50 [ 1800.824913] __kmalloc+0x25b/0x440 [ 1800.825673] memcg_list_lru_alloc+0x23f/0xb10 [ 1800.826564] ? lock_is_held_type+0xd7/0x130 18:36:18 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 36) [ 1800.827474] ? memcg_reparent_list_lrus+0x8a0/0x8a0 [ 1800.828663] ? kmem_cache_alloc_lru+0xe8/0x7c0 [ 1800.829628] kmem_cache_alloc_lru+0x10e/0x7c0 [ 1800.830575] ? __d_alloc+0x31/0x990 [ 1800.831316] ? mqueue_get_tree+0x130/0x130 [ 1800.832154] __d_alloc+0x31/0x990 [ 1800.832860] ? mqueue_get_inode+0x27f/0xe20 [ 1800.833745] ? mqueue_get_tree+0x130/0x130 [ 1800.834584] d_make_root+0x45/0x110 [ 1800.835313] mqueue_fill_super+0x137/0x200 [ 1800.836163] get_tree_nodev+0xce/0x1d0 [ 1800.836955] mqueue_get_tree+0xee/0x130 [ 1800.837768] vfs_get_tree+0x8e/0x2f0 [ 1800.838518] fc_mount+0x13/0xc0 [ 1800.839181] mq_init_ns+0x43e/0x630 [ 1800.839909] copy_ipcs+0x35e/0x5d0 [ 1800.840614] ? copy_utsname+0xa9/0x4a0 [ 1800.841415] create_new_namespaces+0x210/0xb30 [ 1800.842349] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1800.843341] ksys_unshare+0x445/0x8d0 [ 1800.844111] ? unshare_fd+0x1c0/0x1c0 [ 1800.844888] ? lock_is_held_type+0xd7/0x130 [ 1800.845788] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1800.846822] __x64_sys_unshare+0x2d/0x40 [ 1800.847646] do_syscall_64+0x3b/0x90 [ 1800.848395] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1800.849446] RIP: 0033:0x7f4b4ea85b19 [ 1800.850184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1800.853850] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1800.855357] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1800.856763] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1800.858198] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1800.859607] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1800.861018] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1800.862458] 18:36:18 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xf0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1800.896765] FAULT_INJECTION: forcing a failure. [ 1800.896765] name failslab, interval 1, probability 0, space 0, times 0 [ 1800.899510] CPU: 1 PID: 9020 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1800.901452] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1800.904115] Call Trace: [ 1800.904719] [ 1800.905275] dump_stack_lvl+0x8b/0xb3 [ 1800.906122] should_fail.cold+0x5/0xa [ 1800.906903] ? memcg_list_lru_alloc+0x514/0xb10 [ 1800.907833] should_failslab+0x5/0x10 [ 1800.908609] __kmalloc+0x72/0x440 [ 1800.909332] memcg_list_lru_alloc+0x514/0xb10 [ 1800.910240] ? memcg_reparent_list_lrus+0x8a0/0x8a0 [ 1800.911234] ? kmem_cache_alloc_lru+0xe8/0x7c0 [ 1800.912185] kmem_cache_alloc_lru+0x10e/0x7c0 [ 1800.913098] ? __d_alloc+0x31/0x990 [ 1800.913835] ? mqueue_get_tree+0x130/0x130 [ 1800.914680] __d_alloc+0x31/0x990 [ 1800.915374] ? mqueue_get_inode+0x27f/0xe20 [ 1800.916254] ? mqueue_get_tree+0x130/0x130 [ 1800.917122] d_make_root+0x45/0x110 [ 1800.917857] mqueue_fill_super+0x137/0x200 [ 1800.918709] get_tree_nodev+0xce/0x1d0 [ 1800.919501] mqueue_get_tree+0xee/0x130 [ 1800.920304] vfs_get_tree+0x8e/0x2f0 [ 1800.921054] fc_mount+0x13/0xc0 [ 1800.921729] mq_init_ns+0x43e/0x630 18:36:18 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x2b2, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1800.922461] copy_ipcs+0x35e/0x5d0 [ 1800.923307] ? copy_utsname+0xa9/0x4a0 18:36:18 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1800.924105] create_new_namespaces+0x210/0xb30 [ 1800.925120] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1800.926110] ksys_unshare+0x445/0x8d0 [ 1800.926884] ? unshare_fd+0x1c0/0x1c0 [ 1800.927651] ? lock_is_held_type+0xd7/0x130 [ 1800.928533] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1800.929576] __x64_sys_unshare+0x2d/0x40 [ 1800.930399] do_syscall_64+0x3b/0x90 [ 1800.931145] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1800.932177] RIP: 0033:0x7fdbeab6ab19 [ 1800.932909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1800.936602] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1800.938124] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1800.939538] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1800.940954] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1800.942358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1800.943768] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1800.945223] [ 1800.955617] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:36:18 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0xf}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:36:34 executing program 2: semtimedop(0x0, &(0x7f0000000080)=[{}], 0x1, 0x0) 18:36:34 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x7400, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:36:34 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 37) 18:36:34 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x300, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:36:34 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 36) 18:36:34 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0xf0}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1816.898990] FAULT_INJECTION: forcing a failure. [ 1816.898990] name failslab, interval 1, probability 0, space 0, times 0 [ 1816.901317] CPU: 1 PID: 9043 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1816.902973] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1816.905221] Call Trace: [ 1816.905735] [ 1816.906177] dump_stack_lvl+0x8b/0xb3 [ 1816.906946] should_fail.cold+0x5/0xa [ 1816.907709] ? memcg_list_lru_alloc+0x514/0xb10 18:36:34 executing program 1: semtimedop(0x0, &(0x7f0000000080)=[{}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) 18:36:34 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {}], 0x2, &(0x7f0000000180)) [ 1816.908648] should_failslab+0x5/0x10 [ 1816.909634] __kmalloc+0x72/0x440 [ 1816.910363] memcg_list_lru_alloc+0x514/0xb10 [ 1816.911263] ? memcg_reparent_list_lrus+0x8a0/0x8a0 [ 1816.912256] ? kmem_cache_alloc_lru+0xe8/0x7c0 [ 1816.913203] kmem_cache_alloc_lru+0x10e/0x7c0 [ 1816.914113] ? __d_alloc+0x31/0x990 [ 1816.914847] ? mqueue_get_tree+0x130/0x130 [ 1816.915688] __d_alloc+0x31/0x990 [ 1816.916379] ? mqueue_get_inode+0x27f/0xe20 [ 1816.917252] ? mqueue_get_tree+0x130/0x130 [ 1816.918110] d_make_root+0x45/0x110 [ 1816.918840] mqueue_fill_super+0x137/0x200 [ 1816.919680] get_tree_nodev+0xce/0x1d0 [ 1816.920442] FAULT_INJECTION: forcing a failure. [ 1816.920442] name failslab, interval 1, probability 0, space 0, times 0 [ 1816.920468] mqueue_get_tree+0xee/0x130 [ 1816.923026] vfs_get_tree+0x8e/0x2f0 [ 1816.923774] fc_mount+0x13/0xc0 [ 1816.924431] mq_init_ns+0x43e/0x630 [ 1816.925159] copy_ipcs+0x35e/0x5d0 [ 1816.925878] ? copy_utsname+0xa9/0x4a0 [ 1816.926672] create_new_namespaces+0x210/0xb30 [ 1816.927609] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1816.928593] ksys_unshare+0x445/0x8d0 [ 1816.929368] ? unshare_fd+0x1c0/0x1c0 [ 1816.930134] ? lock_is_held_type+0xd7/0x130 [ 1816.931019] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1816.932046] __x64_sys_unshare+0x2d/0x40 [ 1816.932862] do_syscall_64+0x3b/0x90 [ 1816.933619] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1816.934657] RIP: 0033:0x7f4b4ea85b19 [ 1816.935409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1816.939060] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1816.940561] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1816.941975] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1816.943385] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1816.944791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1816.946215] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1816.947646] [ 1816.948104] CPU: 0 PID: 9045 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1816.949407] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1816.951149] Call Trace: [ 1816.951551] [ 1816.951896] dump_stack_lvl+0x8b/0xb3 [ 1816.952492] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1816.952500] should_fail.cold+0x5/0xa [ 1816.954777] ? create_object.isra.0+0x3a/0xa20 [ 1816.955484] should_failslab+0x5/0x10 [ 1816.956078] kmem_cache_alloc+0x5b/0x480 [ 1816.956718] create_object.isra.0+0x3a/0xa20 [ 1816.957413] ? kasan_unpoison+0x23/0x50 [ 1816.958031] __kmalloc+0x25b/0x440 [ 1816.958589] memcg_list_lru_alloc+0x514/0xb10 [ 1816.959284] ? memcg_reparent_list_lrus+0x8a0/0x8a0 [ 1816.960072] ? kmem_cache_alloc_lru+0xe8/0x7c0 [ 1816.960799] kmem_cache_alloc_lru+0x10e/0x7c0 [ 1816.961503] ? __d_alloc+0x31/0x990 [ 1816.962064] ? mqueue_get_tree+0x130/0x130 [ 1816.962719] __d_alloc+0x31/0x990 [ 1816.963255] ? mqueue_get_inode+0x27f/0xe20 [ 1816.963932] ? mqueue_get_tree+0x130/0x130 [ 1816.964569] d_make_root+0x45/0x110 [ 1816.965123] mqueue_fill_super+0x137/0x200 [ 1816.965788] get_tree_nodev+0xce/0x1d0 [ 1816.966436] mqueue_get_tree+0xee/0x130 [ 1816.967086] vfs_get_tree+0x8e/0x2f0 [ 1816.967716] fc_mount+0x13/0xc0 [ 1816.968244] mq_init_ns+0x43e/0x630 [ 1816.968856] copy_ipcs+0x35e/0x5d0 [ 1816.969433] ? copy_utsname+0xa9/0x4a0 [ 1816.970055] create_new_namespaces+0x210/0xb30 [ 1816.970788] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1816.971568] ksys_unshare+0x445/0x8d0 [ 1816.972175] ? unshare_fd+0x1c0/0x1c0 [ 1816.972787] ? lock_is_held_type+0xd7/0x130 [ 1816.973493] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1816.974296] __x64_sys_unshare+0x2d/0x40 [ 1816.974905] do_syscall_64+0x3b/0x90 [ 1816.975476] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1816.976285] RIP: 0033:0x7fdbeab6ab19 [ 1816.976848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1816.979671] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1816.980885] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1816.981975] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1816.983080] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1816.984229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1816.985371] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1816.986520] 18:36:34 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0x147}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:36:34 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x900, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:36:34 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x7a00, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:36:34 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0x300}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:36:34 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 38) [ 1817.095751] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:36:34 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xf00, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:36:34 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 37) 18:36:34 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x8401, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1817.162129] FAULT_INJECTION: forcing a failure. [ 1817.162129] name failslab, interval 1, probability 0, space 0, times 0 [ 1817.164376] CPU: 1 PID: 9058 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1817.165997] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1817.168205] Call Trace: [ 1817.168705] [ 1817.169142] dump_stack_lvl+0x8b/0xb3 [ 1817.169913] should_fail.cold+0x5/0xa [ 1817.170672] should_failslab+0x5/0x10 [ 1817.171432] kmem_cache_alloc_lru+0x60/0x7c0 [ 1817.172310] ? xas_alloc+0x35d/0x480 [ 1817.173039] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1817.174085] ? ksys_unshare+0x445/0x8d0 [ 1817.174889] xas_alloc+0x35d/0x480 [ 1817.175590] xas_create+0x35b/0x1030 [ 1817.176330] ? lock_acquire+0x1b2/0x530 [ 1817.177134] xas_store+0x90/0x1c40 [ 1817.177850] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1817.178938] ? xas_start+0x156/0x520 [ 1817.179676] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1817.180763] ? xas_load+0x66/0x2c0 [ 1817.181483] memcg_list_lru_alloc+0x3c7/0xb10 [ 1817.181965] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1817.182372] ? memcg_reparent_list_lrus+0x8a0/0x8a0 [ 1817.184447] ? kmem_cache_alloc_lru+0xe8/0x7c0 [ 1817.185392] kmem_cache_alloc_lru+0x10e/0x7c0 [ 1817.186296] ? __d_alloc+0x31/0x990 [ 1817.187024] ? mqueue_get_tree+0x130/0x130 [ 1817.187873] __d_alloc+0x31/0x990 [ 1817.188558] ? mqueue_get_inode+0x27f/0xe20 [ 1817.189470] ? mqueue_get_tree+0x130/0x130 [ 1817.190306] d_make_root+0x45/0x110 [ 1817.191031] mqueue_fill_super+0x137/0x200 [ 1817.191867] get_tree_nodev+0xce/0x1d0 [ 1817.192658] mqueue_get_tree+0xee/0x130 [ 1817.193462] vfs_get_tree+0x8e/0x2f0 [ 1817.194207] fc_mount+0x13/0xc0 [ 1817.194868] mq_init_ns+0x43e/0x630 [ 1817.195594] copy_ipcs+0x35e/0x5d0 [ 1817.196304] ? copy_utsname+0xa9/0x4a0 [ 1817.197101] create_new_namespaces+0x210/0xb30 [ 1817.198036] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1817.199011] ksys_unshare+0x445/0x8d0 [ 1817.199771] ? unshare_fd+0x1c0/0x1c0 [ 1817.200527] ? lock_is_held_type+0xd7/0x130 [ 1817.201427] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1817.202441] __x64_sys_unshare+0x2d/0x40 [ 1817.203249] do_syscall_64+0x3b/0x90 [ 1817.203990] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1817.205013] RIP: 0033:0x7fdbeab6ab19 [ 1817.205742] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1817.209315] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1817.210822] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1817.212216] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1817.213612] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1817.214998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1817.216381] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1817.217813] [ 1817.231051] FAULT_INJECTION: forcing a failure. [ 1817.231051] name failslab, interval 1, probability 0, space 0, times 0 [ 1817.233360] CPU: 1 PID: 9065 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1817.234978] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1817.237208] Call Trace: [ 1817.237722] [ 1817.238162] dump_stack_lvl+0x8b/0xb3 [ 1817.238928] should_fail.cold+0x5/0xa [ 1817.239689] ? create_object.isra.0+0x3a/0xa20 [ 1817.240605] should_failslab+0x5/0x10 [ 1817.241384] kmem_cache_alloc+0x5b/0x480 [ 1817.242211] create_object.isra.0+0x3a/0xa20 [ 1817.243087] ? kasan_unpoison+0x23/0x50 [ 1817.243885] __kmalloc+0x25b/0x440 [ 1817.244613] memcg_list_lru_alloc+0x514/0xb10 [ 1817.245524] ? memcg_reparent_list_lrus+0x8a0/0x8a0 [ 1817.246511] ? kmem_cache_alloc_lru+0xe8/0x7c0 [ 1817.247454] kmem_cache_alloc_lru+0x10e/0x7c0 [ 1817.248358] ? __d_alloc+0x31/0x990 [ 1817.249101] ? mqueue_get_tree+0x130/0x130 [ 1817.249954] __d_alloc+0x31/0x990 [ 1817.250647] ? mqueue_get_inode+0x27f/0xe20 [ 1817.251525] ? mqueue_get_tree+0x130/0x130 [ 1817.252366] d_make_root+0x45/0x110 [ 1817.253095] mqueue_fill_super+0x137/0x200 [ 1817.253950] get_tree_nodev+0xce/0x1d0 [ 1817.254736] mqueue_get_tree+0xee/0x130 [ 1817.255528] vfs_get_tree+0x8e/0x2f0 [ 1817.256281] fc_mount+0x13/0xc0 [ 1817.256943] mq_init_ns+0x43e/0x630 [ 1817.257688] copy_ipcs+0x35e/0x5d0 [ 1817.258392] ? copy_utsname+0xa9/0x4a0 [ 1817.259181] create_new_namespaces+0x210/0xb30 [ 1817.260113] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1817.261114] ksys_unshare+0x445/0x8d0 [ 1817.261902] ? unshare_fd+0x1c0/0x1c0 [ 1817.262681] ? lock_is_held_type+0xd7/0x130 [ 1817.263593] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1817.264635] __x64_sys_unshare+0x2d/0x40 [ 1817.265472] do_syscall_64+0x3b/0x90 [ 1817.266234] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1817.267283] RIP: 0033:0x7f4b4ea85b19 [ 1817.268030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1817.271734] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1817.273255] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1817.274685] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1817.276111] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1817.277547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1817.278962] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1817.280402] 18:36:52 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 38) 18:36:52 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{}], 0x1, &(0x7f0000000180)) 18:36:52 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0x900}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:36:52 executing program 1: semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) 18:36:52 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xa40e, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:36:52 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 39) 18:36:52 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x2000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:36:52 executing program 2: semtimedop(0x0, 0x0, 0x0, 0x0) [ 1834.655471] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1834.662978] FAULT_INJECTION: forcing a failure. [ 1834.662978] name failslab, interval 1, probability 0, space 0, times 0 [ 1834.664453] CPU: 1 PID: 9076 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1834.665530] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1834.667004] Call Trace: [ 1834.667340] [ 1834.667628] dump_stack_lvl+0x8b/0xb3 [ 1834.668134] should_fail.cold+0x5/0xa [ 1834.668640] should_failslab+0x5/0x10 [ 1834.669138] kmem_cache_alloc_lru+0x60/0x7c0 [ 1834.669723] ? xas_alloc+0x35d/0x480 [ 1834.670206] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1834.670893] ? ksys_unshare+0x445/0x8d0 [ 1834.671402] xas_alloc+0x35d/0x480 [ 1834.671856] xas_create+0x35b/0x1030 [ 1834.672346] ? lock_acquire+0x1b2/0x530 [ 1834.672880] xas_store+0x90/0x1c40 [ 1834.673337] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1834.674046] ? xas_start+0x156/0x520 [ 1834.674506] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1834.675228] ? xas_load+0x66/0x2c0 [ 1834.675695] memcg_list_lru_alloc+0x3c7/0xb10 [ 1834.676281] ? memcg_reparent_list_lrus+0x8a0/0x8a0 [ 1834.676936] ? kmem_cache_alloc_lru+0xe8/0x7c0 [ 1834.677563] kmem_cache_alloc_lru+0x10e/0x7c0 [ 1834.678137] ? __d_alloc+0x31/0x990 [ 1834.678618] ? mqueue_get_tree+0x130/0x130 [ 1834.679158] __d_alloc+0x31/0x990 [ 1834.679616] ? mqueue_get_inode+0x27f/0xe20 [ 1834.680185] ? mqueue_get_tree+0x130/0x130 [ 1834.680734] d_make_root+0x45/0x110 [ 1834.681201] mqueue_fill_super+0x137/0x200 [ 1834.681630] FAULT_INJECTION: forcing a failure. [ 1834.681630] name failslab, interval 1, probability 0, space 0, times 0 [ 1834.681768] get_tree_nodev+0xce/0x1d0 [ 1834.684507] mqueue_get_tree+0xee/0x130 [ 1834.685023] vfs_get_tree+0x8e/0x2f0 [ 1834.685520] fc_mount+0x13/0xc0 [ 1834.685959] mq_init_ns+0x43e/0x630 [ 1834.686438] copy_ipcs+0x35e/0x5d0 [ 1834.686897] ? copy_utsname+0xa9/0x4a0 [ 1834.687419] create_new_namespaces+0x210/0xb30 [ 1834.688025] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1834.688654] ksys_unshare+0x445/0x8d0 [ 1834.689157] ? unshare_fd+0x1c0/0x1c0 [ 1834.689660] ? lock_is_held_type+0xd7/0x130 [ 1834.690236] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1834.690903] __x64_sys_unshare+0x2d/0x40 [ 1834.691422] do_syscall_64+0x3b/0x90 [ 1834.691922] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1834.692602] RIP: 0033:0x7f4b4ea85b19 [ 1834.693075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1834.695444] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1834.696412] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1834.697330] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1834.698262] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1834.699170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1834.700097] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1834.701025] [ 1834.701324] CPU: 0 PID: 9082 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1834.703040] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1834.705333] Call Trace: [ 1834.705895] [ 1834.706342] dump_stack_lvl+0x8b/0xb3 [ 1834.707137] should_fail.cold+0x5/0xa [ 1834.707945] ? create_object.isra.0+0x3a/0xa20 [ 1834.708880] should_failslab+0x5/0x10 [ 1834.709682] kmem_cache_alloc+0x5b/0x480 [ 1834.710543] create_object.isra.0+0x3a/0xa20 [ 1834.711454] ? kasan_unpoison+0x23/0x50 [ 1834.712262] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 1834.713192] ? xas_alloc+0x35d/0x480 [ 1834.713980] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1834.715077] xas_alloc+0x35d/0x480 [ 1834.715825] xas_create+0x35b/0x1030 [ 1834.716579] ? lock_acquire+0x1b2/0x530 [ 1834.717431] xas_store+0x90/0x1c40 [ 1834.718188] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1834.719310] ? xas_start+0x156/0x520 [ 1834.720046] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1834.721156] ? xas_load+0x66/0x2c0 [ 1834.721900] memcg_list_lru_alloc+0x3c7/0xb10 [ 1834.722825] ? memcg_reparent_list_lrus+0x8a0/0x8a0 [ 1834.723834] ? kmem_cache_alloc_lru+0xe8/0x7c0 18:36:52 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 39) [ 1834.724805] kmem_cache_alloc_lru+0x10e/0x7c0 [ 1834.725870] ? __d_alloc+0x31/0x990 [ 1834.726615] ? mqueue_get_tree+0x130/0x130 [ 1834.727488] __d_alloc+0x31/0x990 [ 1834.728220] ? mqueue_get_inode+0x27f/0xe20 [ 1834.729104] ? mqueue_get_tree+0x130/0x130 [ 1834.730005] d_make_root+0x45/0x110 [ 1834.730770] mqueue_fill_super+0x137/0x200 [ 1834.731643] get_tree_nodev+0xce/0x1d0 [ 1834.732433] mqueue_get_tree+0xee/0x130 [ 1834.733257] vfs_get_tree+0x8e/0x2f0 [ 1834.734047] fc_mount+0x13/0xc0 [ 1834.734725] mq_init_ns+0x43e/0x630 [ 1834.735489] copy_ipcs+0x35e/0x5d0 [ 1834.736234] ? copy_utsname+0xa9/0x4a0 [ 1834.737061] create_new_namespaces+0x210/0xb30 [ 1834.738013] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1834.739045] ksys_unshare+0x445/0x8d0 [ 1834.740009] ? unshare_fd+0x1c0/0x1c0 [ 1834.741011] ? lock_is_held_type+0xd7/0x130 [ 1834.742178] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1834.743546] __x64_sys_unshare+0x2d/0x40 [ 1834.744513] do_syscall_64+0x3b/0x90 [ 1834.745377] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1834.746569] RIP: 0033:0x7fdbeab6ab19 [ 1834.747399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1834.751258] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1834.752822] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1834.754319] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1834.755784] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1834.755808] FAULT_INJECTION: forcing a failure. [ 1834.755808] name failslab, interval 1, probability 0, space 0, times 0 [ 1834.757253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1834.760103] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1834.761726] [ 1834.762290] CPU: 1 PID: 9087 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1834.763390] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1834.764765] Call Trace: 18:36:52 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xb202, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1834.765076] [ 1834.765597] dump_stack_lvl+0x8b/0xb3 [ 1834.766114] should_fail.cold+0x5/0xa [ 1834.766579] ? create_object.isra.0+0x3a/0xa20 [ 1834.767137] should_failslab+0x5/0x10 [ 1834.767611] kmem_cache_alloc+0x5b/0x480 [ 1834.768120] create_object.isra.0+0x3a/0xa20 [ 1834.768664] ? kasan_unpoison+0x23/0x50 [ 1834.769159] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 1834.769730] ? xas_alloc+0x35d/0x480 [ 1834.770179] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 1834.770799] xas_alloc+0x35d/0x480 [ 1834.771235] xas_create+0x35b/0x1030 [ 1834.771696] ? lock_acquire+0x1b2/0x530 [ 1834.772201] xas_store+0x90/0x1c40 [ 1834.772641] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1834.773321] ? xas_start+0x156/0x520 [ 1834.773782] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 1834.774465] ? xas_load+0x66/0x2c0 [ 1834.774903] memcg_list_lru_alloc+0x3c7/0xb10 [ 1834.775453] ? memcg_reparent_list_lrus+0x8a0/0x8a0 [ 1834.776026] ? kmem_cache_alloc_lru+0xe8/0x7c0 [ 1834.776611] kmem_cache_alloc_lru+0x10e/0x7c0 [ 1834.777168] ? __d_alloc+0x31/0x990 [ 1834.777641] ? mqueue_get_tree+0x130/0x130 [ 1834.778153] __d_alloc+0x31/0x990 [ 1834.778574] ? mqueue_get_inode+0x27f/0xe20 [ 1834.779106] ? mqueue_get_tree+0x130/0x130 [ 1834.779621] d_make_root+0x45/0x110 [ 1834.780069] mqueue_fill_super+0x137/0x200 [ 1834.780580] get_tree_nodev+0xce/0x1d0 [ 1834.781036] mqueue_get_tree+0xee/0x130 [ 1834.781526] vfs_get_tree+0x8e/0x2f0 [ 1834.782002] fc_mount+0x13/0xc0 [ 1834.782397] mq_init_ns+0x43e/0x630 [ 1834.782826] copy_ipcs+0x35e/0x5d0 [ 1834.783246] ? copy_utsname+0xa9/0x4a0 [ 1834.783712] create_new_namespaces+0x210/0xb30 [ 1834.784250] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1834.784823] ksys_unshare+0x445/0x8d0 [ 1834.785273] ? unshare_fd+0x1c0/0x1c0 [ 1834.785722] ? lock_is_held_type+0xd7/0x130 [ 1834.786248] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1834.786843] __x64_sys_unshare+0x2d/0x40 [ 1834.787318] do_syscall_64+0x3b/0x90 [ 1834.787758] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1834.788360] RIP: 0033:0x7f4b4ea85b19 [ 1834.788785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1834.790903] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1834.791774] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1834.792588] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1834.793461] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1834.794320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1834.795143] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1834.795974] 18:36:52 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xf000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:36:52 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xf000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:36:52 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 40) 18:36:52 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0xf00}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:36:52 executing program 2: semtimedop(0x0, 0x0, 0x0, 0x0) 18:36:52 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 40) [ 1834.920927] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:36:52 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x80000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1834.949801] FAULT_INJECTION: forcing a failure. [ 1834.949801] name failslab, interval 1, probability 0, space 0, times 0 [ 1834.952088] CPU: 0 PID: 9102 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1834.953718] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1834.955947] Call Trace: [ 1834.956452] [ 1834.956892] dump_stack_lvl+0x8b/0xb3 [ 1834.957685] should_fail.cold+0x5/0xa [ 1834.958445] ? create_object.isra.0+0x3a/0xa20 [ 1834.959362] should_failslab+0x5/0x10 [ 1834.960133] kmem_cache_alloc+0x5b/0x480 [ 1834.960969] create_object.isra.0+0x3a/0xa20 [ 1834.961853] ? kasan_unpoison+0x23/0x50 [ 1834.962652] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 1834.963551] ? __d_alloc+0x31/0x990 [ 1834.964278] ? mqueue_get_tree+0x130/0x130 [ 1834.965109] __d_alloc+0x31/0x990 [ 1834.965818] ? mqueue_get_inode+0x27f/0xe20 [ 1834.966692] ? mqueue_get_tree+0x130/0x130 [ 1834.967526] d_make_root+0x45/0x110 [ 1834.968250] mqueue_fill_super+0x137/0x200 [ 1834.969089] get_tree_nodev+0xce/0x1d0 [ 1834.969881] mqueue_get_tree+0xee/0x130 [ 1834.970668] vfs_get_tree+0x8e/0x2f0 [ 1834.971418] fc_mount+0x13/0xc0 [ 1834.972073] mq_init_ns+0x43e/0x630 [ 1834.972801] copy_ipcs+0x35e/0x5d0 [ 1834.973502] ? copy_utsname+0xa9/0x4a0 [ 1834.974318] create_new_namespaces+0x210/0xb30 [ 1834.975248] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1834.976241] ksys_unshare+0x445/0x8d0 [ 1834.977010] ? unshare_fd+0x1c0/0x1c0 [ 1834.977795] ? lock_is_held_type+0xd7/0x130 [ 1834.978688] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1834.979723] __x64_sys_unshare+0x2d/0x40 [ 1834.980542] do_syscall_64+0x3b/0x90 [ 1834.981301] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1834.982346] RIP: 0033:0x7f4b4ea85b19 [ 1834.983080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1834.986642] FAULT_INJECTION: forcing a failure. [ 1834.986642] name failslab, interval 1, probability 0, space 0, times 0 [ 1834.986716] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1834.989419] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1834.990835] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1834.992235] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1834.993657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1834.995061] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1834.996493] [ 1834.996951] CPU: 1 PID: 9105 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1834.997883] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1834.999090] Call Trace: [ 1834.999383] [ 1834.999629] dump_stack_lvl+0x8b/0xb3 [ 1835.000063] should_fail.cold+0x5/0xa [ 1835.000488] ? create_object.isra.0+0x3a/0xa20 [ 1835.000997] should_failslab+0x5/0x10 [ 1835.001420] kmem_cache_alloc+0x5b/0x480 [ 1835.001891] create_object.isra.0+0x3a/0xa20 [ 1835.002379] ? kasan_unpoison+0x23/0x50 [ 1835.002821] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 1835.003325] ? __d_alloc+0x31/0x990 [ 1835.003730] ? mqueue_get_tree+0x130/0x130 [ 1835.004193] __d_alloc+0x31/0x990 [ 1835.004566] ? mqueue_get_inode+0x27f/0xe20 [ 1835.005050] ? mqueue_get_tree+0x130/0x130 [ 1835.005512] d_make_root+0x45/0x110 [ 1835.005932] mqueue_fill_super+0x137/0x200 [ 1835.006401] get_tree_nodev+0xce/0x1d0 [ 1835.006840] mqueue_get_tree+0xee/0x130 [ 1835.007268] vfs_get_tree+0x8e/0x2f0 [ 1835.007677] fc_mount+0x13/0xc0 [ 1835.008040] mq_init_ns+0x43e/0x630 [ 1835.008449] copy_ipcs+0x35e/0x5d0 [ 1835.008838] ? copy_utsname+0xa9/0x4a0 [ 1835.009281] create_new_namespaces+0x210/0xb30 [ 1835.009808] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1835.010360] ksys_unshare+0x445/0x8d0 [ 1835.010787] ? unshare_fd+0x1c0/0x1c0 [ 1835.011208] ? lock_is_held_type+0xd7/0x130 [ 1835.011704] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1835.012257] __x64_sys_unshare+0x2d/0x40 [ 1835.012712] do_syscall_64+0x3b/0x90 [ 1835.013128] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1835.013707] RIP: 0033:0x7fdbeab6ab19 [ 1835.014109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1835.016105] RSP: 002b:00007fdbe80bf188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1835.016932] RAX: ffffffffffffffda RBX: 00007fdbeac7e020 RCX: 00007fdbeab6ab19 [ 1835.017732] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1835.018513] RBP: 00007fdbe80bf1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1835.019287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1835.020060] R13: 00007ffe00df362f R14: 00007fdbe80bf300 R15: 0000000000022000 [ 1835.020849] 18:37:06 executing program 2: semtimedop(0x0, 0x0, 0x0, 0x0) 18:37:06 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0x2000}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:06 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{}], 0x1, &(0x7f0000000180)) 18:37:06 executing program 1: semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) 18:37:06 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x34000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:06 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xf0ffff, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:06 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 41) 18:37:06 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 41) [ 1848.350647] FAULT_INJECTION: forcing a failure. [ 1848.350647] name failslab, interval 1, probability 0, space 0, times 0 [ 1848.351929] CPU: 1 PID: 9117 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1848.352839] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1848.354090] Call Trace: [ 1848.354371] [ 1848.354615] dump_stack_lvl+0x8b/0xb3 [ 1848.355049] should_fail.cold+0x5/0xa [ 1848.355477] ? alloc_vfsmnt+0x23/0x6b0 [ 1848.355909] should_failslab+0x5/0x10 [ 1848.356338] kmem_cache_alloc+0x5b/0x480 [ 1848.356794] alloc_vfsmnt+0x23/0x6b0 [ 1848.357217] vfs_create_mount+0x8b/0x5d0 [ 1848.357669] fc_mount+0x98/0xc0 [ 1848.358040] mq_init_ns+0x43e/0x630 [ 1848.358451] copy_ipcs+0x35e/0x5d0 [ 1848.358839] ? copy_utsname+0xa9/0x4a0 [ 1848.359283] create_new_namespaces+0x210/0xb30 [ 1848.359795] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1848.360346] ksys_unshare+0x445/0x8d0 [ 1848.360768] ? unshare_fd+0x1c0/0x1c0 [ 1848.361187] ? lock_is_held_type+0xd7/0x130 [ 1848.361677] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1848.362253] __x64_sys_unshare+0x2d/0x40 [ 1848.362703] do_syscall_64+0x3b/0x90 [ 1848.363109] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1848.363680] RIP: 0033:0x7f4b4ea85b19 [ 1848.364085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1848.366131] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1848.366967] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1848.367745] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1848.368527] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1848.369318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1848.370101] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1848.370896] [ 1848.391212] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:37:06 executing program 2: semtimedop(0x0, &(0x7f0000000080), 0x0, 0x0) [ 1848.396592] FAULT_INJECTION: forcing a failure. [ 1848.396592] name failslab, interval 1, probability 0, space 0, times 0 [ 1848.397957] CPU: 1 PID: 9124 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1848.398869] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1848.400121] Call Trace: [ 1848.400406] [ 1848.400647] dump_stack_lvl+0x8b/0xb3 [ 1848.401073] should_fail.cold+0x5/0xa [ 1848.401498] ? alloc_vfsmnt+0x23/0x6b0 [ 1848.401941] should_failslab+0x5/0x10 [ 1848.402366] kmem_cache_alloc+0x5b/0x480 [ 1848.402829] alloc_vfsmnt+0x23/0x6b0 [ 1848.403238] vfs_create_mount+0x8b/0x5d0 [ 1848.403697] fc_mount+0x98/0xc0 [ 1848.404059] mq_init_ns+0x43e/0x630 [ 1848.404465] copy_ipcs+0x35e/0x5d0 [ 1848.404850] ? copy_utsname+0xa9/0x4a0 [ 1848.405287] create_new_namespaces+0x210/0xb30 [ 1848.405806] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1848.406356] ksys_unshare+0x445/0x8d0 [ 1848.406788] ? unshare_fd+0x1c0/0x1c0 [ 1848.407212] ? lock_is_held_type+0xd7/0x130 [ 1848.407702] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1848.408276] __x64_sys_unshare+0x2d/0x40 [ 1848.408729] do_syscall_64+0x3b/0x90 [ 1848.409141] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1848.409707] RIP: 0033:0x7fdbeab6ab19 [ 1848.410133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1848.412180] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1848.413021] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1848.413816] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1848.414605] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1848.415308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1848.416092] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1848.416893] 18:37:06 executing program 2: semtimedop(0x0, &(0x7f0000000080), 0x0, 0x0) 18:37:06 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 42) 18:37:06 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x1000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:06 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0x234e}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:06 executing program 2: semtimedop(0x0, &(0x7f0000000080), 0x0, 0x0) 18:37:06 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x80000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:06 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x2000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1848.560651] FAULT_INJECTION: forcing a failure. [ 1848.560651] name failslab, interval 1, probability 0, space 0, times 0 [ 1848.561903] CPU: 1 PID: 9139 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1848.562763] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1848.563934] Call Trace: [ 1848.564204] [ 1848.564429] dump_stack_lvl+0x8b/0xb3 [ 1848.564847] should_fail.cold+0x5/0xa [ 1848.565244] ? create_object.isra.0+0x3a/0xa20 [ 1848.565732] should_failslab+0x5/0x10 [ 1848.566141] kmem_cache_alloc+0x5b/0x480 [ 1848.566577] create_object.isra.0+0x3a/0xa20 [ 1848.567040] ? kasan_unpoison+0x23/0x50 [ 1848.567458] kmem_cache_alloc+0x239/0x480 [ 1848.567904] alloc_vfsmnt+0x23/0x6b0 [ 1848.568294] vfs_create_mount+0x8b/0x5d0 [ 1848.568697] fc_mount+0x98/0xc0 [ 1848.569042] mq_init_ns+0x43e/0x630 [ 1848.569434] copy_ipcs+0x35e/0x5d0 [ 1848.569799] ? copy_utsname+0xa9/0x4a0 [ 1848.570233] create_new_namespaces+0x210/0xb30 [ 1848.570736] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1848.571281] ksys_unshare+0x445/0x8d0 [ 1848.571714] ? unshare_fd+0x1c0/0x1c0 [ 1848.572133] ? lock_is_held_type+0xd7/0x130 [ 1848.572624] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1848.573204] __x64_sys_unshare+0x2d/0x40 [ 1848.573612] do_syscall_64+0x3b/0x90 [ 1848.574040] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1848.574616] RIP: 0033:0x7f4b4ea85b19 [ 1848.575021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1848.577014] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1848.577860] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1848.578551] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1848.579334] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1848.580115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1848.580882] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1848.581673] [ 1848.593712] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:37:06 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0x4701}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:22 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x3000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:22 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{}], 0x1, &(0x7f0000000180)) 18:37:22 executing program 1: semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) 18:37:22 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 42) 18:37:22 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 43) 18:37:22 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x400300, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:22 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0x4e23}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:22 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xf0ffff, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1864.691588] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1864.700066] FAULT_INJECTION: forcing a failure. [ 1864.700066] name failslab, interval 1, probability 0, space 0, times 0 [ 1864.702397] CPU: 1 PID: 9158 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1864.704038] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1864.706308] Call Trace: [ 1864.706819] [ 1864.707269] dump_stack_lvl+0x8b/0xb3 [ 1864.708047] should_fail.cold+0x5/0xa [ 1864.708829] ? create_object.isra.0+0x3a/0xa20 [ 1864.709757] should_failslab+0x5/0x10 [ 1864.710531] kmem_cache_alloc+0x5b/0x480 [ 1864.711369] create_object.isra.0+0x3a/0xa20 [ 1864.711971] FAULT_INJECTION: forcing a failure. [ 1864.711971] name failslab, interval 1, probability 0, space 0, times 0 [ 1864.712255] ? kasan_unpoison+0x23/0x50 [ 1864.712291] kmem_cache_alloc+0x239/0x480 [ 1864.716653] alloc_vfsmnt+0x23/0x6b0 [ 1864.717400] vfs_create_mount+0x8b/0x5d0 [ 1864.718218] fc_mount+0x98/0xc0 [ 1864.718878] mq_init_ns+0x43e/0x630 [ 1864.719620] copy_ipcs+0x35e/0x5d0 [ 1864.720318] ? copy_utsname+0xa9/0x4a0 [ 1864.721118] create_new_namespaces+0x210/0xb30 [ 1864.722057] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1864.723058] ksys_unshare+0x445/0x8d0 [ 1864.723838] ? unshare_fd+0x1c0/0x1c0 [ 1864.724606] ? lock_is_held_type+0xd7/0x130 [ 1864.725496] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1864.726554] __x64_sys_unshare+0x2d/0x40 [ 1864.727380] do_syscall_64+0x3b/0x90 [ 1864.728131] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1864.729178] RIP: 0033:0x7fdbeab6ab19 [ 1864.729922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1864.733627] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1864.735158] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1864.736589] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1864.738035] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1864.739463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1864.740889] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1864.742344] [ 1864.742811] CPU: 0 PID: 9163 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1864.744494] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1864.746775] Call Trace: [ 1864.747290] [ 1864.747755] dump_stack_lvl+0x8b/0xb3 [ 1864.748545] should_fail.cold+0x5/0xa [ 1864.749311] ? create_object.isra.0+0x3a/0xa20 [ 1864.750268] should_failslab+0x5/0x10 [ 1864.751182] kmem_cache_alloc+0x5b/0x480 [ 1864.752030] create_object.isra.0+0x3a/0xa20 [ 1864.752937] kmemleak_alloc_percpu+0xa0/0x100 [ 1864.753850] pcpu_alloc+0x7bf/0x1060 [ 1864.754660] alloc_vfsmnt+0xfd/0x6b0 [ 1864.755422] vfs_create_mount+0x8b/0x5d0 [ 1864.756247] fc_mount+0x98/0xc0 [ 1864.756920] mq_init_ns+0x43e/0x630 [ 1864.757664] copy_ipcs+0x35e/0x5d0 [ 1864.758384] ? copy_utsname+0xa9/0x4a0 [ 1864.759207] create_new_namespaces+0x210/0xb30 [ 1864.760149] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1864.761157] ksys_unshare+0x445/0x8d0 [ 1864.761938] ? unshare_fd+0x1c0/0x1c0 [ 1864.762739] ? lock_is_held_type+0xd7/0x130 [ 1864.763646] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1864.764697] __x64_sys_unshare+0x2d/0x40 [ 1864.765527] do_syscall_64+0x3b/0x90 [ 1864.766284] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1864.767330] RIP: 0033:0x7f4b4ea85b19 [ 1864.768076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1864.771785] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1864.773326] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1864.774786] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1864.776214] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1864.777662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1864.779100] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1864.780565] 18:37:22 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xe0ffff, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:22 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xf0ffff, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:22 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x4000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:22 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0xf000}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1864.887694] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:37:22 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xf0ffff, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:22 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0x80000}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:22 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x9000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:22 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xf0ffff, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:22 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 43) [ 1865.039409] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1865.090200] FAULT_INJECTION: forcing a failure. [ 1865.090200] name failslab, interval 1, probability 0, space 0, times 0 [ 1865.092362] CPU: 1 PID: 9184 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1865.093892] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1865.096015] Call Trace: [ 1865.096497] [ 1865.096917] dump_stack_lvl+0x8b/0xb3 [ 1865.097650] should_fail.cold+0x5/0xa [ 1865.098380] ? create_object.isra.0+0x3a/0xa20 [ 1865.099245] should_failslab+0x5/0x10 [ 1865.099972] kmem_cache_alloc+0x5b/0x480 [ 1865.100757] create_object.isra.0+0x3a/0xa20 [ 1865.101590] kmemleak_alloc_percpu+0xa0/0x100 [ 1865.102444] pcpu_alloc+0x7bf/0x1060 [ 1865.103157] alloc_vfsmnt+0xfd/0x6b0 [ 1865.103860] vfs_create_mount+0x8b/0x5d0 [ 1865.104618] fc_mount+0x98/0xc0 [ 1865.105267] mq_init_ns+0x43e/0x630 [ 1865.105966] copy_ipcs+0x35e/0x5d0 [ 1865.106691] ? copy_utsname+0xa9/0x4a0 [ 1865.107437] create_new_namespaces+0x210/0xb30 [ 1865.108320] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1865.109249] ksys_unshare+0x445/0x8d0 [ 1865.109981] ? unshare_fd+0x1c0/0x1c0 [ 1865.110701] ? lock_is_held_type+0xd7/0x130 [ 1865.111535] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1865.112501] __x64_sys_unshare+0x2d/0x40 [ 1865.113274] do_syscall_64+0x3b/0x90 [ 1865.113984] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1865.114963] RIP: 0033:0x7fdbeab6ab19 [ 1865.115655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1865.119109] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1865.120524] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1865.121862] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1865.123189] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1865.124498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1865.125813] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1865.127167] 18:37:36 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x1000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:36 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 44) 18:37:36 executing program 1: semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}], 0x1, 0x0) 18:37:36 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xf000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:36 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x0, 0x1000}, {}], 0x2, &(0x7f0000000180)) 18:37:36 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {}], 0x2, &(0x7f0000000180)) 18:37:36 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0xc9ffff}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:36 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 44) 18:37:36 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x20000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1879.086416] FAULT_INJECTION: forcing a failure. [ 1879.086416] name failslab, interval 1, probability 0, space 0, times 0 [ 1879.087756] CPU: 0 PID: 9200 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1879.088669] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1879.088671] FAULT_INJECTION: forcing a failure. [ 1879.088671] name failslab, interval 1, probability 0, space 0, times 0 [ 1879.089916] Call Trace: [ 1879.089922] [ 1879.089928] dump_stack_lvl+0x8b/0xb3 [ 1879.089955] should_fail.cold+0x5/0xa [ 1879.093584] ? create_object.isra.0+0x3a/0xa20 [ 1879.094077] should_failslab+0x5/0x10 [ 1879.094553] kmem_cache_alloc+0x5b/0x480 [ 1879.095014] create_object.isra.0+0x3a/0xa20 [ 1879.095506] kmemleak_alloc_percpu+0xa0/0x100 [ 1879.096003] pcpu_alloc+0x7bf/0x1060 [ 1879.096434] alloc_vfsmnt+0xfd/0x6b0 [ 1879.096846] vfs_create_mount+0x8b/0x5d0 [ 1879.097307] fc_mount+0x98/0xc0 [ 1879.097672] mq_init_ns+0x43e/0x630 [ 1879.098087] copy_ipcs+0x35e/0x5d0 [ 1879.098467] ? copy_utsname+0xa9/0x4a0 [ 1879.098910] create_new_namespaces+0x210/0xb30 [ 1879.099421] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1879.099969] ksys_unshare+0x445/0x8d0 [ 1879.100399] ? unshare_fd+0x1c0/0x1c0 [ 1879.100823] ? lock_is_held_type+0xd7/0x130 [ 1879.101323] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1879.101892] __x64_sys_unshare+0x2d/0x40 [ 1879.102373] do_syscall_64+0x3b/0x90 [ 1879.102787] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1879.103361] RIP: 0033:0x7fdbeab6ab19 [ 1879.103776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1879.105843] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1879.106687] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1879.107470] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1879.108255] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1879.109048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1879.109842] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1879.110665] [ 1879.110920] CPU: 1 PID: 9197 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1879.112641] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1879.114995] Call Trace: [ 1879.115524] [ 1879.115988] dump_stack_lvl+0x8b/0xb3 [ 1879.116798] should_fail.cold+0x5/0xa [ 1879.117594] ? create_object.isra.0+0x3a/0xa20 [ 1879.118565] should_failslab+0x5/0x10 [ 1879.119369] kmem_cache_alloc+0x5b/0x480 [ 1879.120240] create_object.isra.0+0x3a/0xa20 [ 1879.121174] kmemleak_alloc_percpu+0xa0/0x100 [ 1879.122120] pcpu_alloc+0x7bf/0x1060 [ 1879.122927] alloc_vfsmnt+0xfd/0x6b0 [ 1879.123710] vfs_create_mount+0x8b/0x5d0 [ 1879.124570] fc_mount+0x98/0xc0 [ 1879.125260] mq_init_ns+0x43e/0x630 [ 1879.126033] copy_ipcs+0x35e/0x5d0 [ 1879.126794] ? copy_utsname+0xa9/0x4a0 [ 1879.127627] create_new_namespaces+0x210/0xb30 [ 1879.128609] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1879.129646] ksys_unshare+0x445/0x8d0 [ 1879.130464] ? unshare_fd+0x1c0/0x1c0 [ 1879.131268] ? lock_is_held_type+0xd7/0x130 [ 1879.132194] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1879.133277] __x64_sys_unshare+0x2d/0x40 [ 1879.134138] do_syscall_64+0x3b/0x90 [ 1879.134947] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1879.136027] RIP: 0033:0x7f4b4ea85b19 [ 1879.136795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1879.140573] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1879.142148] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1879.143646] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1879.145116] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1879.146787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1879.148325] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1879.149947] 18:37:36 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 45) 18:37:36 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x9effffff, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1879.174440] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:37:36 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 45) 18:37:36 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x2000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1879.241015] FAULT_INJECTION: forcing a failure. [ 1879.241015] name failslab, interval 1, probability 0, space 0, times 0 [ 1879.242361] CPU: 0 PID: 9213 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1879.243278] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1879.244551] Call Trace: [ 1879.244819] [ 1879.245065] dump_stack_lvl+0x8b/0xb3 [ 1879.245501] should_fail.cold+0x5/0xa [ 1879.245935] should_failslab+0x5/0x10 [ 1879.245988] FAULT_INJECTION: forcing a failure. [ 1879.245988] name failslab, interval 1, probability 0, space 0, times 0 [ 1879.246373] __kmalloc_track_caller+0x79/0x430 [ 1879.246398] ? setup_mq_sysctls+0x59/0x230 [ 1879.249644] kmemdup+0x23/0x50 [ 1879.250016] setup_mq_sysctls+0x59/0x230 [ 1879.250467] copy_ipcs+0x381/0x5d0 [ 1879.250866] ? copy_utsname+0xa9/0x4a0 [ 1879.251292] create_new_namespaces+0x210/0xb30 [ 1879.251817] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1879.252343] ksys_unshare+0x445/0x8d0 [ 1879.252781] ? unshare_fd+0x1c0/0x1c0 [ 1879.253190] ? lock_is_held_type+0xd7/0x130 [ 1879.253701] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1879.254282] __x64_sys_unshare+0x2d/0x40 [ 1879.254736] do_syscall_64+0x3b/0x90 [ 1879.255132] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1879.255713] RIP: 0033:0x7f4b4ea85b19 [ 1879.256135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1879.258197] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1879.259057] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1879.259858] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1879.260672] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1879.261455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1879.262252] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1879.263058] [ 1879.263320] CPU: 1 PID: 9214 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1879.265058] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1879.267410] Call Trace: [ 1879.267946] [ 1879.268439] dump_stack_lvl+0x8b/0xb3 [ 1879.269277] should_fail.cold+0x5/0xa [ 1879.270085] should_failslab+0x5/0x10 [ 1879.270891] __kmalloc_track_caller+0x79/0x430 [ 1879.271855] ? setup_mq_sysctls+0x59/0x230 [ 1879.272744] kmemdup+0x23/0x50 [ 1879.273428] setup_mq_sysctls+0x59/0x230 [ 1879.274285] copy_ipcs+0x381/0x5d0 [ 1879.275029] ? copy_utsname+0xa9/0x4a0 [ 1879.275856] create_new_namespaces+0x210/0xb30 [ 1879.276832] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1879.277862] ksys_unshare+0x445/0x8d0 [ 1879.278690] ? unshare_fd+0x1c0/0x1c0 [ 1879.279494] ? lock_is_held_type+0xd7/0x130 [ 1879.280421] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1879.281492] __x64_sys_unshare+0x2d/0x40 [ 1879.282366] do_syscall_64+0x3b/0x90 [ 1879.283149] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1879.284231] RIP: 0033:0x7fdbeab6ab19 [ 1879.284996] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1879.289043] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1879.290655] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1879.292134] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1879.293602] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1879.295080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1879.296555] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1879.298051] 18:37:37 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xb2020000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:37 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0xf0ffff}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1879.326156] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1895.071792] FAULT_INJECTION: forcing a failure. [ 1895.071792] name failslab, interval 1, probability 0, space 0, times 0 18:37:52 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 46) 18:37:52 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 46) 18:37:52 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {}], 0x2, &(0x7f0000000180)) 18:37:52 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x0, 0x1000}, {}], 0x2, &(0x7f0000000180)) 18:37:52 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x3000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:52 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0x1000000}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:52 executing program 1: semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}], 0x1, 0x0) 18:37:52 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xf0ffffff, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1895.075413] CPU: 1 PID: 9225 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1895.077353] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1895.079789] Call Trace: [ 1895.080340] [ 1895.080814] dump_stack_lvl+0x8b/0xb3 [ 1895.081645] should_fail.cold+0x5/0xa [ 1895.082468] ? create_object.isra.0+0x3a/0xa20 [ 1895.083463] should_failslab+0x5/0x10 [ 1895.084285] kmem_cache_alloc+0x5b/0x480 [ 1895.085177] create_object.isra.0+0x3a/0xa20 [ 1895.086120] ? kasan_unpoison+0x23/0x50 [ 1895.086987] __kmalloc_track_caller+0x25e/0x430 [ 1895.087987] ? setup_mq_sysctls+0x59/0x230 [ 1895.088898] kmemdup+0x23/0x50 [ 1895.089595] setup_mq_sysctls+0x59/0x230 [ 1895.089681] FAULT_INJECTION: forcing a failure. [ 1895.089681] name failslab, interval 1, probability 0, space 0, times 0 [ 1895.090481] copy_ipcs+0x381/0x5d0 [ 1895.090505] ? copy_utsname+0xa9/0x4a0 [ 1895.090551] create_new_namespaces+0x210/0xb30 [ 1895.094251] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1895.095318] ksys_unshare+0x445/0x8d0 [ 1895.096142] ? unshare_fd+0x1c0/0x1c0 [ 1895.096963] ? lock_is_held_type+0xd7/0x130 [ 1895.097911] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1895.099027] __x64_sys_unshare+0x2d/0x40 [ 1895.099911] do_syscall_64+0x3b/0x90 [ 1895.100711] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1895.101827] RIP: 0033:0x7f4b4ea85b19 [ 1895.102622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1895.106552] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1895.108165] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1895.109683] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1895.111210] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1895.112737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1895.114259] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1895.115819] [ 1895.116315] CPU: 0 PID: 9234 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1895.117200] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1895.118420] Call Trace: [ 1895.118686] [ 1895.118927] dump_stack_lvl+0x8b/0xb3 [ 1895.119328] should_fail.cold+0x5/0xa [ 1895.119744] ? create_object.isra.0+0x3a/0xa20 [ 1895.120246] should_failslab+0x5/0x10 [ 1895.120666] kmem_cache_alloc+0x5b/0x480 [ 1895.121116] create_object.isra.0+0x3a/0xa20 [ 1895.121589] ? kasan_unpoison+0x23/0x50 [ 1895.122029] __kmalloc_track_caller+0x25e/0x430 [ 1895.122562] ? setup_mq_sysctls+0x59/0x230 [ 1895.123035] kmemdup+0x23/0x50 [ 1895.123389] setup_mq_sysctls+0x59/0x230 [ 1895.123821] copy_ipcs+0x381/0x5d0 [ 1895.124202] ? copy_utsname+0xa9/0x4a0 [ 1895.124622] create_new_namespaces+0x210/0xb30 [ 1895.125124] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1895.125665] ksys_unshare+0x445/0x8d0 [ 1895.126075] ? unshare_fd+0x1c0/0x1c0 [ 1895.126501] ? lock_is_held_type+0xd7/0x130 [ 1895.126987] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1895.127542] __x64_sys_unshare+0x2d/0x40 [ 1895.127994] do_syscall_64+0x3b/0x90 [ 1895.128407] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1895.128978] RIP: 0033:0x7fdbeab6ab19 [ 1895.129376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1895.131372] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1895.132194] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1895.132953] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1895.133725] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1895.134508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1895.135270] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1895.136053] 18:37:52 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xfcffffff, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:52 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 47) [ 1895.167790] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:37:52 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0x2000000}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1895.193993] FAULT_INJECTION: forcing a failure. [ 1895.193993] name failslab, interval 1, probability 0, space 0, times 0 [ 1895.195280] CPU: 0 PID: 9242 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1895.196147] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1895.197359] Call Trace: [ 1895.197624] [ 1895.197870] dump_stack_lvl+0x8b/0xb3 [ 1895.198282] should_fail.cold+0x5/0xa [ 1895.198699] ? __register_sysctl_table+0x112/0x1090 [ 1895.199240] should_failslab+0x5/0x10 [ 1895.199655] __kmalloc+0x72/0x440 [ 1895.200026] ? lock_downgrade+0x6d0/0x6d0 [ 1895.200468] __register_sysctl_table+0x112/0x1090 [ 1895.200979] ? proc_sys_evict_inode+0x180/0x180 [ 1895.201479] ? trace_kmalloc+0x29/0xd0 [ 1895.201898] ? __kmalloc_track_caller+0x213/0x430 [ 1895.202441] ? setup_mq_sysctls+0x59/0x230 [ 1895.202901] ? memcpy+0x39/0x60 [ 1895.203258] setup_mq_sysctls+0x13c/0x230 [ 1895.203714] copy_ipcs+0x381/0x5d0 [ 1895.204106] ? copy_utsname+0xa9/0x4a0 [ 1895.204548] create_new_namespaces+0x210/0xb30 [ 1895.205056] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1895.205599] ksys_unshare+0x445/0x8d0 [ 1895.206024] ? unshare_fd+0x1c0/0x1c0 [ 1895.206454] ? lock_is_held_type+0xd7/0x130 [ 1895.206943] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1895.207512] __x64_sys_unshare+0x2d/0x40 [ 1895.207978] do_syscall_64+0x3b/0x90 [ 1895.208389] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1895.208970] RIP: 0033:0x7f4b4ea85b19 [ 1895.209375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1895.211381] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1895.212198] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1895.212991] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1895.213772] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1895.214556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1895.215336] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1895.216135] 18:37:53 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xfffff000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:53 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x4000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:37:53 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 48) 18:37:53 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 47) [ 1895.298700] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:37:53 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0x3000000}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1895.326324] FAULT_INJECTION: forcing a failure. [ 1895.326324] name failslab, interval 1, probability 0, space 0, times 0 [ 1895.327634] CPU: 0 PID: 9254 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1895.328514] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1895.329729] Call Trace: [ 1895.329996] [ 1895.330231] dump_stack_lvl+0x8b/0xb3 [ 1895.330651] should_fail.cold+0x5/0xa [ 1895.331062] ? create_object.isra.0+0x3a/0xa20 [ 1895.331556] should_failslab+0x5/0x10 [ 1895.331973] kmem_cache_alloc+0x5b/0x480 [ 1895.332436] create_object.isra.0+0x3a/0xa20 [ 1895.332905] ? kasan_unpoison+0x23/0x50 [ 1895.333361] __kmalloc+0x25b/0x440 [ 1895.333765] __register_sysctl_table+0x112/0x1090 [ 1895.334296] ? proc_sys_evict_inode+0x180/0x180 [ 1895.334839] ? trace_kmalloc+0x29/0xd0 [ 1895.335479] ? __kmalloc_track_caller+0x213/0x430 [ 1895.335998] ? setup_mq_sysctls+0x59/0x230 [ 1895.336457] ? memcpy+0x39/0x60 [ 1895.336819] setup_mq_sysctls+0x13c/0x230 [ 1895.337268] copy_ipcs+0x381/0x5d0 [ 1895.337654] ? copy_utsname+0xa9/0x4a0 [ 1895.338082] create_new_namespaces+0x210/0xb30 [ 1895.338593] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1895.339126] ksys_unshare+0x445/0x8d0 [ 1895.339545] ? unshare_fd+0x1c0/0x1c0 [ 1895.339964] ? lock_is_held_type+0xd7/0x130 [ 1895.340454] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1895.341010] __x64_sys_unshare+0x2d/0x40 [ 1895.341450] do_syscall_64+0x3b/0x90 [ 1895.341859] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1895.342441] RIP: 0033:0x7f4b4ea85b19 [ 1895.342839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1895.344829] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1895.345655] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1895.346438] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1895.347209] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1895.347979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1895.348754] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1895.349537] [ 1895.355756] FAULT_INJECTION: forcing a failure. [ 1895.355756] name failslab, interval 1, probability 0, space 0, times 0 [ 1895.357025] CPU: 0 PID: 9257 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1895.357913] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1895.359147] Call Trace: [ 1895.359422] [ 1895.359663] dump_stack_lvl+0x8b/0xb3 [ 1895.360088] should_fail.cold+0x5/0xa [ 1895.360511] ? __register_sysctl_table+0x112/0x1090 [ 1895.361056] should_failslab+0x5/0x10 [ 1895.361479] __kmalloc+0x72/0x440 [ 1895.361862] ? lock_downgrade+0x6d0/0x6d0 [ 1895.362323] __register_sysctl_table+0x112/0x1090 [ 1895.362865] ? proc_sys_evict_inode+0x180/0x180 [ 1895.363379] ? trace_kmalloc+0x29/0xd0 [ 1895.363811] ? __kmalloc_track_caller+0x213/0x430 [ 1895.364334] ? setup_mq_sysctls+0x59/0x230 [ 1895.364794] ? memcpy+0x39/0x60 [ 1895.365156] setup_mq_sysctls+0x13c/0x230 [ 1895.365610] copy_ipcs+0x381/0x5d0 [ 1895.365999] ? copy_utsname+0xa9/0x4a0 [ 1895.366453] create_new_namespaces+0x210/0xb30 [ 1895.366976] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1895.367512] ksys_unshare+0x445/0x8d0 [ 1895.367927] ? unshare_fd+0x1c0/0x1c0 [ 1895.368344] ? lock_is_held_type+0xd7/0x130 [ 1895.368828] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1895.369386] __x64_sys_unshare+0x2d/0x40 [ 1895.369830] do_syscall_64+0x3b/0x90 [ 1895.370238] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1895.370814] RIP: 0033:0x7fdbeab6ab19 [ 1895.371209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1895.373208] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1895.374031] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1895.374810] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1895.375587] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1895.376366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1895.377140] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1895.377932] 18:38:07 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {}], 0x2, &(0x7f0000000180)) 18:38:07 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x5000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:38:07 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x0, 0x1000}, {}], 0x2, &(0x7f0000000180)) 18:38:07 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 48) 18:38:07 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xffffff7f, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:38:07 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 49) [ 1909.775441] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:38:07 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0x4000000}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:38:07 executing program 1: semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}], 0x1, 0x0) 18:38:07 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xffffff9e, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1909.811562] FAULT_INJECTION: forcing a failure. [ 1909.811562] name failslab, interval 1, probability 0, space 0, times 0 [ 1909.814038] CPU: 0 PID: 9272 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1909.815818] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1909.818248] Call Trace: [ 1909.818811] [ 1909.819292] dump_stack_lvl+0x8b/0xb3 [ 1909.820132] should_fail.cold+0x5/0xa [ 1909.820956] ? create_object.isra.0+0x3a/0xa20 [ 1909.821953] should_failslab+0x5/0x10 [ 1909.822808] kmem_cache_alloc+0x5b/0x480 [ 1909.823704] create_object.isra.0+0x3a/0xa20 [ 1909.824653] ? kasan_unpoison+0x23/0x50 18:38:07 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0x9000000}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1909.825515] __kmalloc+0x25b/0x440 [ 1909.826378] __register_sysctl_table+0x112/0x1090 [ 1909.827435] ? proc_sys_evict_inode+0x180/0x180 [ 1909.828431] ? trace_kmalloc+0x29/0xd0 [ 1909.829271] ? __kmalloc_track_caller+0x213/0x430 [ 1909.830309] ? setup_mq_sysctls+0x59/0x230 [ 1909.831232] ? memcpy+0x39/0x60 [ 1909.831946] setup_mq_sysctls+0x13c/0x230 [ 1909.832838] copy_ipcs+0x381/0x5d0 [ 1909.833592] ? copy_utsname+0xa9/0x4a0 [ 1909.834440] create_new_namespaces+0x210/0xb30 [ 1909.835450] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1909.836505] ksys_unshare+0x445/0x8d0 [ 1909.837328] ? unshare_fd+0x1c0/0x1c0 [ 1909.838148] ? lock_is_held_type+0xd7/0x130 [ 1909.839113] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1909.840206] __x64_sys_unshare+0x2d/0x40 [ 1909.841083] do_syscall_64+0x3b/0x90 [ 1909.841878] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1909.842996] RIP: 0033:0x7fdbeab6ab19 [ 1909.843781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1909.847673] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1909.849282] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1909.850799] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1909.852303] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1909.853788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1909.855291] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1909.856813] 18:38:07 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xfffffff0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1909.874597] FAULT_INJECTION: forcing a failure. [ 1909.874597] name failslab, interval 1, probability 0, space 0, times 0 [ 1909.875906] CPU: 1 PID: 9284 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1909.876804] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1909.878012] Call Trace: [ 1909.878291] [ 1909.878538] dump_stack_lvl+0x8b/0xb3 [ 1909.878979] should_fail.cold+0x5/0xa [ 1909.879413] ? __register_sysctl_table+0x9e2/0x1090 [ 1909.879962] should_failslab+0x5/0x10 [ 1909.880379] __kmalloc+0x72/0x440 [ 1909.880755] __register_sysctl_table+0x9e2/0x1090 [ 1909.881273] ? proc_sys_evict_inode+0x180/0x180 [ 1909.881763] ? trace_kmalloc+0x29/0xd0 [ 1909.882172] ? __kmalloc_track_caller+0x213/0x430 [ 1909.882697] ? setup_mq_sysctls+0x59/0x230 [ 1909.883144] ? memcpy+0x39/0x60 [ 1909.883494] setup_mq_sysctls+0x13c/0x230 [ 1909.883937] copy_ipcs+0x381/0x5d0 [ 1909.884328] ? copy_utsname+0xa9/0x4a0 [ 1909.884754] create_new_namespaces+0x210/0xb30 [ 1909.885250] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1909.885770] ksys_unshare+0x445/0x8d0 [ 1909.886181] ? unshare_fd+0x1c0/0x1c0 [ 1909.886591] ? lock_is_held_type+0xd7/0x130 [ 1909.887068] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1909.887612] __x64_sys_unshare+0x2d/0x40 [ 1909.888041] do_syscall_64+0x3b/0x90 [ 1909.888440] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1909.888983] RIP: 0033:0x7f4b4ea85b19 [ 1909.889374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1909.891306] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1909.892106] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1909.892862] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1909.893597] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1909.894336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1909.895081] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1909.895886] [ 1909.896173] sysctl could not get directory: /fs -12 [ 1909.897404] CPU: 1 PID: 9284 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1909.898261] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1909.899507] Call Trace: [ 1909.899785] [ 1909.900027] dump_stack_lvl+0x8b/0xb3 [ 1909.900443] __register_sysctl_table+0xde7/0x1090 [ 1909.900977] ? proc_sys_evict_inode+0x180/0x180 [ 1909.901489] ? trace_kmalloc+0x29/0xd0 [ 1909.901919] ? __kmalloc_track_caller+0x213/0x430 [ 1909.902450] ? setup_mq_sysctls+0x59/0x230 [ 1909.902906] ? memcpy+0x39/0x60 [ 1909.903277] setup_mq_sysctls+0x13c/0x230 [ 1909.903736] copy_ipcs+0x381/0x5d0 [ 1909.904127] ? copy_utsname+0xa9/0x4a0 [ 1909.904566] create_new_namespaces+0x210/0xb30 [ 1909.905059] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1909.905610] ksys_unshare+0x445/0x8d0 [ 1909.906040] ? unshare_fd+0x1c0/0x1c0 [ 1909.906442] ? lock_is_held_type+0xd7/0x130 [ 1909.906943] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1909.907514] __x64_sys_unshare+0x2d/0x40 [ 1909.907962] do_syscall_64+0x3b/0x90 [ 1909.908383] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1909.908958] RIP: 0033:0x7f4b4ea85b19 [ 1909.909365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1909.911292] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1909.912117] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1909.912900] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1909.913687] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1909.914469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1909.915264] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1909.916057] 18:38:07 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x6000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:38:07 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0xf000000}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1909.967431] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:38:21 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 49) 18:38:21 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0x20000000}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:38:21 executing program 1: semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}], 0x1, 0x0) 18:38:21 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5}, {}], 0x2, &(0x7f0000000180)) 18:38:21 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x7000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:38:21 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xfffffffc, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:38:21 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {}], 0x2, &(0x7f0000000180)) 18:38:21 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 50) [ 1923.483412] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1923.500447] FAULT_INJECTION: forcing a failure. [ 1923.500447] name failslab, interval 1, probability 0, space 0, times 0 [ 1923.501680] CPU: 1 PID: 9308 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1923.502526] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1923.503722] Call Trace: [ 1923.503985] [ 1923.504221] dump_stack_lvl+0x8b/0xb3 [ 1923.504413] FAULT_INJECTION: forcing a failure. [ 1923.504413] name failslab, interval 1, probability 0, space 0, times 0 [ 1923.504630] should_fail.cold+0x5/0xa [ 1923.507249] ? __register_sysctl_table+0x9e2/0x1090 [ 1923.507776] should_failslab+0x5/0x10 [ 1923.508182] __kmalloc+0x72/0x440 [ 1923.508557] __register_sysctl_table+0x9e2/0x1090 [ 1923.509071] ? proc_sys_evict_inode+0x180/0x180 [ 1923.509560] ? trace_kmalloc+0x29/0xd0 [ 1923.509974] ? __kmalloc_track_caller+0x213/0x430 [ 1923.510478] ? setup_mq_sysctls+0x59/0x230 [ 1923.510940] ? memcpy+0x39/0x60 [ 1923.511292] setup_mq_sysctls+0x13c/0x230 [ 1923.511736] copy_ipcs+0x381/0x5d0 [ 1923.512102] ? copy_utsname+0xa9/0x4a0 [ 1923.512525] create_new_namespaces+0x210/0xb30 [ 1923.513011] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1923.513533] ksys_unshare+0x445/0x8d0 [ 1923.513939] ? unshare_fd+0x1c0/0x1c0 [ 1923.514345] ? lock_is_held_type+0xd7/0x130 [ 1923.514827] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1923.515365] __x64_sys_unshare+0x2d/0x40 [ 1923.515790] do_syscall_64+0x3b/0x90 [ 1923.516186] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1923.516725] RIP: 0033:0x7fdbeab6ab19 [ 1923.517111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1923.519023] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1923.519802] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1923.520538] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1923.521277] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1923.522008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1923.522755] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1923.523513] [ 1923.523760] CPU: 0 PID: 9309 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1923.523800] sysctl could not get directory: [ 1923.525436] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1923.525454] Call Trace: [ 1923.525906] / [ 1923.528165] [ 1923.528176] dump_stack_lvl+0x8b/0xb3 [ 1923.528469] fs -12 [ 1923.528799] should_fail.cold+0x5/0xa [ 1923.530939] ? create_object.isra.0+0x3a/0xa20 [ 1923.531853] should_failslab+0x5/0x10 [ 1923.532645] kmem_cache_alloc+0x5b/0x480 [ 1923.533479] create_object.isra.0+0x3a/0xa20 [ 1923.534362] ? kasan_unpoison+0x23/0x50 [ 1923.535186] __kmalloc+0x25b/0x440 [ 1923.535916] __register_sysctl_table+0x9e2/0x1090 [ 1923.536921] ? proc_sys_evict_inode+0x180/0x180 [ 1923.537851] ? trace_kmalloc+0x29/0xd0 [ 1923.538631] ? __kmalloc_track_caller+0x213/0x430 [ 1923.539611] ? setup_mq_sysctls+0x59/0x230 [ 1923.540469] ? memcpy+0x39/0x60 [ 1923.541140] setup_mq_sysctls+0x13c/0x230 [ 1923.541998] copy_ipcs+0x381/0x5d0 [ 1923.542713] ? copy_utsname+0xa9/0x4a0 [ 1923.543520] create_new_namespaces+0x210/0xb30 [ 1923.544452] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1923.545437] ksys_unshare+0x445/0x8d0 [ 1923.546209] ? unshare_fd+0x1c0/0x1c0 [ 1923.546997] ? lock_is_held_type+0xd7/0x130 [ 1923.547885] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1923.548906] __x64_sys_unshare+0x2d/0x40 [ 1923.549721] do_syscall_64+0x3b/0x90 [ 1923.550468] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1923.551507] RIP: 0033:0x7f4b4ea85b19 [ 1923.552242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1923.556350] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1923.558086] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1923.559561] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1923.561051] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1923.562539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1923.563979] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1923.565429] [ 1923.565893] CPU: 1 PID: 9308 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1923.566761] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1923.567949] Call Trace: [ 1923.568211] [ 1923.568449] dump_stack_lvl+0x8b/0xb3 [ 1923.568846] __register_sysctl_table+0xde7/0x1090 [ 1923.569356] ? proc_sys_evict_inode+0x180/0x180 [ 1923.569837] ? trace_kmalloc+0x29/0xd0 [ 1923.570252] ? __kmalloc_track_caller+0x213/0x430 [ 1923.570765] ? setup_mq_sysctls+0x59/0x230 [ 1923.571225] ? memcpy+0x39/0x60 [ 1923.571584] setup_mq_sysctls+0x13c/0x230 [ 1923.572029] copy_ipcs+0x381/0x5d0 [ 1923.572409] ? copy_utsname+0xa9/0x4a0 [ 1923.572820] create_new_namespaces+0x210/0xb30 [ 1923.573315] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1923.573830] ksys_unshare+0x445/0x8d0 [ 1923.574239] ? unshare_fd+0x1c0/0x1c0 [ 1923.574648] ? lock_is_held_type+0xd7/0x130 [ 1923.575128] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1923.575681] __x64_sys_unshare+0x2d/0x40 [ 1923.576107] do_syscall_64+0x3b/0x90 [ 1923.576507] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1923.577056] RIP: 0033:0x7fdbeab6ab19 [ 1923.577449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1923.579357] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1923.580157] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1923.580897] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1923.581638] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1923.582433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1923.583194] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1923.583942] 18:38:21 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0x47010000}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:38:21 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {}], 0x2, &(0x7f0000000180)) 18:38:21 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xffffffff, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:38:21 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x9000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:38:21 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 50) 18:38:21 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xf, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1923.694774] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1923.719572] FAULT_INJECTION: forcing a failure. [ 1923.719572] name failslab, interval 1, probability 0, space 0, times 0 [ 1923.720907] CPU: 1 PID: 9321 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 18:38:21 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0x4e230000}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1923.721766] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1923.723177] Call Trace: [ 1923.723452] [ 1923.723684] dump_stack_lvl+0x8b/0xb3 [ 1923.724110] should_fail.cold+0x5/0xa [ 1923.724515] ? create_object.isra.0+0x3a/0xa20 [ 1923.725016] should_failslab+0x5/0x10 [ 1923.725441] kmem_cache_alloc+0x5b/0x480 [ 1923.725890] create_object.isra.0+0x3a/0xa20 [ 1923.726360] ? kasan_unpoison+0x23/0x50 [ 1923.726825] __kmalloc+0x25b/0x440 [ 1923.727209] __register_sysctl_table+0x9e2/0x1090 [ 1923.727731] ? proc_sys_evict_inode+0x180/0x180 [ 1923.728225] ? trace_kmalloc+0x29/0xd0 [ 1923.728647] ? __kmalloc_track_caller+0x213/0x430 [ 1923.729154] ? setup_mq_sysctls+0x59/0x230 [ 1923.729618] ? memcpy+0x39/0x60 [ 1923.729973] setup_mq_sysctls+0x13c/0x230 [ 1923.730430] copy_ipcs+0x381/0x5d0 [ 1923.730810] ? copy_utsname+0xa9/0x4a0 [ 1923.731231] create_new_namespaces+0x210/0xb30 [ 1923.731732] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1923.732251] ksys_unshare+0x445/0x8d0 [ 1923.732663] ? unshare_fd+0x1c0/0x1c0 [ 1923.733066] ? lock_is_held_type+0xd7/0x130 [ 1923.733545] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1923.734091] __x64_sys_unshare+0x2d/0x40 [ 1923.734527] do_syscall_64+0x3b/0x90 [ 1923.734929] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1923.735478] RIP: 0033:0x7fdbeab6ab19 [ 1923.735863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1923.737773] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1923.738574] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1923.739341] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1923.740089] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1923.740845] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1923.741591] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1923.742349] 18:38:21 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {}], 0x2, &(0x7f0000000180)) 18:38:21 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0xf000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1923.775495] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:38:21 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x20000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1923.831753] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:38:33 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 51) 18:38:33 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:38:33 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x48000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:38:33 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 51) 18:38:33 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0x9effffff}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:38:33 executing program 1: semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}], 0x1, 0x0) 18:38:33 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5}, {}], 0x2, &(0x7f0000000180)) 18:38:33 executing program 2: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {}], 0x2, &(0x7f0000000180)) [ 1936.053198] FAULT_INJECTION: forcing a failure. [ 1936.053198] name failslab, interval 1, probability 0, space 0, times 0 [ 1936.055791] CPU: 1 PID: 9336 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1936.056874] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1936.057603] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1936.061018] Call Trace: [ 1936.061563] [ 1936.062030] dump_stack_lvl+0x8b/0xb3 [ 1936.062860] should_fail.cold+0x5/0xa [ 1936.063693] ? __register_sysctl_table+0x9e2/0x1090 [ 1936.064775] should_failslab+0x5/0x10 [ 1936.065593] __kmalloc+0x72/0x440 [ 1936.066361] __register_sysctl_table+0x9e2/0x1090 [ 1936.067411] ? proc_sys_evict_inode+0x180/0x180 [ 1936.068405] ? trace_kmalloc+0x29/0xd0 [ 1936.069245] ? __kmalloc_track_caller+0x213/0x430 [ 1936.070288] ? setup_mq_sysctls+0x59/0x230 18:38:33 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x4c000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1936.071200] ? memcpy+0x39/0x60 [ 1936.072029] setup_mq_sysctls+0x13c/0x230 [ 1936.072899] copy_ipcs+0x381/0x5d0 [ 1936.073620] ? copy_utsname+0xa9/0x4a0 [ 1936.074441] create_new_namespaces+0x210/0xb30 [ 1936.075440] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1936.076477] ksys_unshare+0x445/0x8d0 [ 1936.077287] ? unshare_fd+0x1c0/0x1c0 [ 1936.078089] ? lock_is_held_type+0xd7/0x130 [ 1936.079030] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1936.080113] __x64_sys_unshare+0x2d/0x40 [ 1936.080973] do_syscall_64+0x3b/0x90 [ 1936.081775] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1936.082886] RIP: 0033:0x7f4b4ea85b19 [ 1936.083676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1936.083692] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1936.089255] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1936.090837] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1936.092337] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1936.093836] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1936.095320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1936.096808] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1936.098309] [ 1936.099007] sysctl could not get directory: /fs/mqueue -12 [ 1936.100869] CPU: 1 PID: 9336 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 18:38:33 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x68000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1936.102609] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1936.105074] Call Trace: [ 1936.105613] [ 1936.106078] dump_stack_lvl+0x8b/0xb3 [ 1936.106898] __register_sysctl_table+0xde7/0x1090 [ 1936.107948] ? proc_sys_evict_inode+0x180/0x180 [ 1936.108927] ? trace_kmalloc+0x29/0xd0 [ 1936.109746] ? __kmalloc_track_caller+0x213/0x430 [ 1936.110772] ? setup_mq_sysctls+0x59/0x230 [ 1936.111667] ? memcpy+0x39/0x60 [ 1936.112371] setup_mq_sysctls+0x13c/0x230 [ 1936.113240] copy_ipcs+0x381/0x5d0 [ 1936.113985] ? copy_utsname+0xa9/0x4a0 [ 1936.114812] create_new_namespaces+0x210/0xb30 [ 1936.115800] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1936.116836] ksys_unshare+0x445/0x8d0 [ 1936.117654] ? unshare_fd+0x1c0/0x1c0 [ 1936.118454] ? lock_is_held_type+0xd7/0x130 [ 1936.119412] ? syscall_enter_from_user_mode+0x1d/0x50 18:38:33 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0xf0ffffff}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1936.120485] __x64_sys_unshare+0x2d/0x40 [ 1936.121428] do_syscall_64+0x3b/0x90 [ 1936.122194] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1936.123257] RIP: 0033:0x7f4b4ea85b19 [ 1936.124012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1936.127296] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1936.127774] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1936.130236] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1936.131720] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1936.133179] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1936.134615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1936.136094] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1936.137583] 18:38:33 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x6c000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1936.171953] FAULT_INJECTION: forcing a failure. [ 1936.171953] name failslab, interval 1, probability 0, space 0, times 0 [ 1936.173197] CPU: 0 PID: 9359 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1936.174091] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1936.175317] Call Trace: [ 1936.175591] [ 1936.175825] dump_stack_lvl+0x8b/0xb3 [ 1936.176244] should_fail.cold+0x5/0xa [ 1936.176647] ? __register_sysctl_table+0x9e2/0x1090 [ 1936.177178] should_failslab+0x5/0x10 [ 1936.177585] __kmalloc+0x72/0x440 [ 1936.177969] __register_sysctl_table+0x9e2/0x1090 [ 1936.178499] ? proc_sys_evict_inode+0x180/0x180 [ 1936.179015] ? trace_kmalloc+0x29/0xd0 [ 1936.179438] ? __kmalloc_track_caller+0x213/0x430 [ 1936.179952] ? setup_mq_sysctls+0x59/0x230 [ 1936.180399] ? memcpy+0x39/0x60 [ 1936.180757] setup_mq_sysctls+0x13c/0x230 [ 1936.181237] copy_ipcs+0x381/0x5d0 [ 1936.181637] ? copy_utsname+0xa9/0x4a0 [ 1936.182086] create_new_namespaces+0x210/0xb30 [ 1936.182608] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1936.183178] ksys_unshare+0x445/0x8d0 [ 1936.183613] ? unshare_fd+0x1c0/0x1c0 [ 1936.184045] ? lock_is_held_type+0xd7/0x130 [ 1936.184552] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1936.185125] __x64_sys_unshare+0x2d/0x40 [ 1936.185589] do_syscall_64+0x3b/0x90 [ 1936.186013] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1936.186601] RIP: 0033:0x7fdbeab6ab19 [ 1936.187018] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1936.189080] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1936.189924] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1936.190729] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1936.191529] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1936.192319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1936.193129] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1936.193934] [ 1936.194314] sysctl could not get directory: /fs/mqueue -12 [ 1936.195377] CPU: 0 PID: 9359 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1936.196304] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1936.197575] Call Trace: [ 1936.197860] [ 1936.198112] dump_stack_lvl+0x8b/0xb3 [ 1936.198550] __register_sysctl_table+0xde7/0x1090 [ 1936.199123] ? proc_sys_evict_inode+0x180/0x180 [ 1936.199646] ? trace_kmalloc+0x29/0xd0 [ 1936.200088] ? __kmalloc_track_caller+0x213/0x430 [ 1936.200652] ? setup_mq_sysctls+0x59/0x230 [ 1936.201126] ? memcpy+0x39/0x60 [ 1936.201500] setup_mq_sysctls+0x13c/0x230 [ 1936.201964] copy_ipcs+0x381/0x5d0 [ 1936.202363] ? copy_utsname+0xa9/0x4a0 [ 1936.202802] create_new_namespaces+0x210/0xb30 [ 1936.203335] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1936.203889] ksys_unshare+0x445/0x8d0 [ 1936.204329] ? unshare_fd+0x1c0/0x1c0 [ 1936.204758] ? lock_is_held_type+0xd7/0x130 [ 1936.205254] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1936.205841] __x64_sys_unshare+0x2d/0x40 [ 1936.206288] do_syscall_64+0x3b/0x90 [ 1936.206706] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1936.207298] RIP: 0033:0x7fdbeab6ab19 [ 1936.207709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1936.209789] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1936.210633] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1936.211444] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1936.212243] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1936.213044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1936.213830] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1936.214639] 18:38:33 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0x2c0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:38:33 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0xfcffffff}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1936.245708] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:38:34 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x74000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1936.294278] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:38:53 executing program 2: semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5, 0x1000}, {}], 0x2, &(0x7f0000000180)) 18:38:53 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0xfffff000}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:38:53 executing program 4: semget$private(0x0, 0x0, 0x0) semtimedop(0x0, 0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f00000000c0)=[{0x0, 0x5}, {}], 0x2, &(0x7f0000000180)) 18:38:53 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 52) 18:38:53 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x7a000000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:38:53 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xec0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:38:53 executing program 1: semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfffd}, {}], 0x2, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{}], 0x1, 0x0) 18:38:53 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 52) [ 1955.863768] FAULT_INJECTION: forcing a failure. [ 1955.863768] name failslab, interval 1, probability 0, space 0, times 0 [ 1955.865000] CPU: 1 PID: 9376 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1955.865864] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1955.867052] Call Trace: [ 1955.867333] [ 1955.867566] dump_stack_lvl+0x8b/0xb3 [ 1955.867972] should_fail.cold+0x5/0xa [ 1955.868377] ? create_object.isra.0+0x3a/0xa20 [ 1955.868857] should_failslab+0x5/0x10 [ 1955.869261] kmem_cache_alloc+0x5b/0x480 [ 1955.869689] create_object.isra.0+0x3a/0xa20 [ 1955.870155] ? kasan_unpoison+0x23/0x50 [ 1955.870571] __kmalloc+0x25b/0x440 [ 1955.870950] __register_sysctl_table+0x9e2/0x1090 [ 1955.871466] ? proc_sys_evict_inode+0x180/0x180 [ 1955.871948] ? trace_kmalloc+0x29/0xd0 [ 1955.872357] ? __kmalloc_track_caller+0x213/0x430 [ 1955.872862] ? setup_mq_sysctls+0x59/0x230 [ 1955.873303] ? memcpy+0x39/0x60 [ 1955.873649] setup_mq_sysctls+0x13c/0x230 [ 1955.874085] copy_ipcs+0x381/0x5d0 [ 1955.874453] ? copy_utsname+0xa9/0x4a0 [ 1955.874868] create_new_namespaces+0x210/0xb30 [ 1955.875371] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1955.875888] ksys_unshare+0x445/0x8d0 [ 1955.876294] ? unshare_fd+0x1c0/0x1c0 [ 1955.876691] ? lock_is_held_type+0xd7/0x130 [ 1955.877156] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1955.877694] __x64_sys_unshare+0x2d/0x40 [ 1955.878120] do_syscall_64+0x3b/0x90 [ 1955.878515] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1955.879059] RIP: 0033:0x7fdbeab6ab19 [ 1955.879451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1955.881359] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1955.882147] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1955.882888] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1955.883634] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1955.884374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1955.885110] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1955.885856] [ 1955.893797] FAULT_INJECTION: forcing a failure. [ 1955.893797] name failslab, interval 1, probability 0, space 0, times 0 [ 1955.896184] CPU: 0 PID: 9386 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1955.897827] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1955.900094] Call Trace: [ 1955.900603] [ 1955.901046] dump_stack_lvl+0x8b/0xb3 [ 1955.901818] should_fail.cold+0x5/0xa [ 1955.902586] ? create_object.isra.0+0x3a/0xa20 [ 1955.903510] should_failslab+0x5/0x10 [ 1955.904277] kmem_cache_alloc+0x5b/0x480 [ 1955.905099] create_object.isra.0+0x3a/0xa20 [ 1955.905970] ? kasan_unpoison+0x23/0x50 [ 1955.906761] __kmalloc+0x25b/0x440 [ 1955.907494] __register_sysctl_table+0x9e2/0x1090 [ 1955.908466] ? proc_sys_evict_inode+0x180/0x180 [ 1955.909384] ? trace_kmalloc+0x29/0xd0 [ 1955.910167] ? __kmalloc_track_caller+0x213/0x430 [ 1955.911136] ? setup_mq_sysctls+0x59/0x230 [ 1955.911987] ? memcpy+0x39/0x60 [ 1955.912652] setup_mq_sysctls+0x13c/0x230 [ 1955.913476] copy_ipcs+0x381/0x5d0 18:38:53 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 53) [ 1955.914184] ? copy_utsname+0xa9/0x4a0 [ 1955.915063] create_new_namespaces+0x210/0xb30 [ 1955.915998] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1955.916971] ksys_unshare+0x445/0x8d0 [ 1955.917729] ? unshare_fd+0x1c0/0x1c0 [ 1955.918485] ? lock_is_held_type+0xd7/0x130 [ 1955.919374] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1955.920394] __x64_sys_unshare+0x2d/0x40 [ 1955.921196] do_syscall_64+0x3b/0x90 [ 1955.921928] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1955.922941] RIP: 0033:0x7f4b4ea85b19 [ 1955.923667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1955.927225] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1955.927935] FAULT_INJECTION: forcing a failure. [ 1955.927935] name failslab, interval 1, probability 0, space 0, times 0 [ 1955.928715] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1955.928735] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1955.928750] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1955.934062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1955.935454] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1955.936868] [ 1955.937324] CPU: 1 PID: 9391 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1955.938222] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1955.939455] Call Trace: [ 1955.939725] [ 1955.939967] dump_stack_lvl+0x8b/0xb3 [ 1955.940370] should_fail.cold+0x5/0xa [ 1955.940772] should_failslab+0x5/0x10 [ 1955.941173] __kmalloc_track_caller+0x79/0x430 [ 1955.941659] ? setup_ipc_sysctls+0x59/0x2f0 [ 1955.942129] kmemdup+0x23/0x50 [ 1955.942475] setup_ipc_sysctls+0x59/0x2f0 [ 1955.942914] copy_ipcs+0x482/0x5d0 [ 1955.943292] ? copy_utsname+0xa9/0x4a0 [ 1955.943718] create_new_namespaces+0x210/0xb30 [ 1955.944204] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1955.944725] ksys_unshare+0x445/0x8d0 [ 1955.945134] ? unshare_fd+0x1c0/0x1c0 [ 1955.945540] ? lock_is_held_type+0xd7/0x130 [ 1955.946000] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1955.946540] __x64_sys_unshare+0x2d/0x40 [ 1955.946973] do_syscall_64+0x3b/0x90 [ 1955.947373] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1955.947918] RIP: 0033:0x7fdbeab6ab19 [ 1955.948298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1955.949987] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1955.950181] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1955.950198] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1955.954134] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1955.954866] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1955.955599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1955.956329] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1955.957069] 18:38:53 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0x33fe0, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) 18:38:53 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 53) 18:38:53 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 54) 18:38:53 executing program 7: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback={0xffffff7f}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1956.048891] FAULT_INJECTION: forcing a failure. [ 1956.048891] name failslab, interval 1, probability 0, space 0, times 0 [ 1956.050260] CPU: 1 PID: 9398 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1956.051130] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1956.052401] Call Trace: [ 1956.052672] [ 1956.052923] dump_stack_lvl+0x8b/0xb3 [ 1956.053368] should_fail.cold+0x5/0xa [ 1956.053793] should_failslab+0x5/0x10 [ 1956.054218] __kmalloc_track_caller+0x79/0x430 [ 1956.054729] ? setup_ipc_sysctls+0x59/0x2f0 [ 1956.055199] kmemdup+0x23/0x50 [ 1956.055581] setup_ipc_sysctls+0x59/0x2f0 [ 1956.056048] copy_ipcs+0x482/0x5d0 [ 1956.056432] ? copy_utsname+0xa9/0x4a0 [ 1956.056875] create_new_namespaces+0x210/0xb30 [ 1956.057382] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1956.057931] ksys_unshare+0x445/0x8d0 [ 1956.058353] ? unshare_fd+0x1c0/0x1c0 [ 1956.058784] ? lock_is_held_type+0xd7/0x130 [ 1956.059277] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1956.059862] __x64_sys_unshare+0x2d/0x40 [ 1956.060306] do_syscall_64+0x3b/0x90 [ 1956.060732] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1956.061287] RIP: 0033:0x7f4b4ea85b19 [ 1956.061712] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1956.063666] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1956.064506] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1956.065257] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1956.066058] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1956.066858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1956.067672] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1956.068485] 18:38:53 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x84010000, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1956.086373] FAULT_INJECTION: forcing a failure. [ 1956.086373] name failslab, interval 1, probability 0, space 0, times 0 [ 1956.087700] CPU: 1 PID: 9402 Comm: syz-executor.6 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1956.088591] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1956.089841] Call Trace: [ 1956.090122] [ 1956.090369] dump_stack_lvl+0x8b/0xb3 [ 1956.090801] should_fail.cold+0x5/0xa [ 1956.091221] ? create_object.isra.0+0x3a/0xa20 [ 1956.091749] should_failslab+0x5/0x10 [ 1956.092181] kmem_cache_alloc+0x5b/0x480 [ 1956.092638] create_object.isra.0+0x3a/0xa20 [ 1956.093130] ? kasan_unpoison+0x23/0x50 [ 1956.093575] __kmalloc_track_caller+0x25e/0x430 [ 1956.094099] ? setup_ipc_sysctls+0x59/0x2f0 [ 1956.094594] kmemdup+0x23/0x50 [ 1956.094955] setup_ipc_sysctls+0x59/0x2f0 [ 1956.095436] copy_ipcs+0x482/0x5d0 [ 1956.095840] ? copy_utsname+0xa9/0x4a0 [ 1956.096289] create_new_namespaces+0x210/0xb30 [ 1956.096809] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1956.097362] ksys_unshare+0x445/0x8d0 [ 1956.097787] ? unshare_fd+0x1c0/0x1c0 [ 1956.098211] ? lock_is_held_type+0xd7/0x130 [ 1956.098706] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1956.099298] __x64_sys_unshare+0x2d/0x40 [ 1956.099755] do_syscall_64+0x3b/0x90 [ 1956.100169] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1956.100756] RIP: 0033:0x7fdbeab6ab19 [ 1956.101167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1956.103175] RSP: 002b:00007fdbe80e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1956.104013] RAX: ffffffffffffffda RBX: 00007fdbeac7df60 RCX: 00007fdbeab6ab19 [ 1956.104795] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1956.105580] RBP: 00007fdbe80e01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1956.106363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1956.107140] R13: 00007ffe00df362f R14: 00007fdbe80e0300 R15: 0000000000022000 [ 1956.107965] 18:38:53 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@updpolicy={0x7ffff000, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) [ 1956.129894] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'. 18:38:53 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) (fail_nth: 54) [ 1956.171414] FAULT_INJECTION: forcing a failure. [ 1956.171414] name failslab, interval 1, probability 0, space 0, times 0 [ 1956.172715] CPU: 1 PID: 9407 Comm: syz-executor.0 Not tainted 5.18.0-rc2-next-20220413 #1 [ 1956.173611] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1956.174843] Call Trace: [ 1956.175116] [ 1956.175368] dump_stack_lvl+0x8b/0xb3 [ 1956.175797] should_fail.cold+0x5/0xa [ 1956.176216] ? create_object.isra.0+0x3a/0xa20 [ 1956.176722] should_failslab+0x5/0x10 [ 1956.177144] kmem_cache_alloc+0x5b/0x480 [ 1956.177606] create_object.isra.0+0x3a/0xa20 [ 1956.178097] ? kasan_unpoison+0x23/0x50 [ 1956.178536] __kmalloc_track_caller+0x25e/0x430 [ 1956.179056] ? setup_ipc_sysctls+0x59/0x2f0 [ 1956.179560] kmemdup+0x23/0x50 [ 1956.179928] setup_ipc_sysctls+0x59/0x2f0 [ 1956.180388] copy_ipcs+0x482/0x5d0 [ 1956.180774] ? copy_utsname+0xa9/0x4a0 [ 1956.181215] create_new_namespaces+0x210/0xb30 [ 1956.181723] unshare_nsproxy_namespaces+0xc1/0x1f0 [ 1956.182268] ksys_unshare+0x445/0x8d0 [ 1956.182691] ? unshare_fd+0x1c0/0x1c0 [ 1956.183113] ? lock_is_held_type+0xd7/0x130 [ 1956.183608] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1956.184173] __x64_sys_unshare+0x2d/0x40 [ 1956.184625] do_syscall_64+0x3b/0x90 [ 1956.185034] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1956.185604] RIP: 0033:0x7f4b4ea85b19 [ 1956.186009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1956.188028] RSP: 002b:00007f4b4bffb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1956.188866] RAX: ffffffffffffffda RBX: 00007f4b4eb98f60 RCX: 00007f4b4ea85b19 [ 1956.189649] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1956.190421] RBP: 00007f4b4bffb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1956.191195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1956.191994] R13: 00007fffc9bf7f7f R14: 00007f4b4bffb300 R15: 0000000000022000 [ 1956.192791] [ 1972.530509] kmemleak: 8 new suspected memory leaks (see /sys/kernel/debug/kmemleak) BUG: memory leak unreferenced object 0xffff88800eb19800 (size 512): comm "syz-executor.6", pid 9391, jiffies 4296622771 (age 24.738s) hex dump (first 32 bytes): 20 18 7a 84 ff ff ff ff 8c 07 22 42 80 88 ff ff .z......."B.... 04 00 00 00 a4 01 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000a76bb9ac>] kmemdup+0x23/0x50 [<00000000ea98475f>] setup_mq_sysctls+0x59/0x230 [<0000000095833787>] copy_ipcs+0x381/0x5d0 [<00000000398e1f8b>] create_new_namespaces+0x210/0xb30 [<000000006df37af2>] unshare_nsproxy_namespaces+0xc1/0x1f0 [<000000007fd439c5>] ksys_unshare+0x445/0x8d0 [<0000000029a6ca6e>] __x64_sys_unshare+0x2d/0x40 [<000000007e6c075b>] do_syscall_64+0x3b/0x90 [<0000000040845a76>] entry_SYSCALL_64_after_hwframe+0x44/0xae BUG: memory leak unreferenced object 0xffff88801d123c00 (size 256): comm "syz-executor.6", pid 9391, jiffies 4296622771 (age 24.738s) hex dump (first 32 bytes): 00 98 b1 0e 80 88 ff ff 00 00 00 00 01 00 00 00 ................ 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<0000000027a65640>] __register_sysctl_table+0x112/0x1090 [<0000000060e2eb71>] setup_mq_sysctls+0x13c/0x230 [<0000000095833787>] copy_ipcs+0x381/0x5d0 [<00000000398e1f8b>] create_new_namespaces+0x210/0xb30 [<000000006df37af2>] unshare_nsproxy_namespaces+0xc1/0x1f0 [<000000007fd439c5>] ksys_unshare+0x445/0x8d0 [<0000000029a6ca6e>] __x64_sys_unshare+0x2d/0x40 [<000000007e6c075b>] do_syscall_64+0x3b/0x90 [<0000000040845a76>] entry_SYSCALL_64_after_hwframe+0x44/0xae BUG: memory leak unreferenced object 0xffff88801d123400 (size 256): comm "syz-executor.6", pid 9391, jiffies 4296622771 (age 24.738s) hex dump (first 32 bytes): 78 34 12 1d 80 88 ff ff 00 00 00 00 01 00 00 00 x4.............. 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000e8446ab5>] __register_sysctl_table+0x9e2/0x1090 [<0000000060e2eb71>] setup_mq_sysctls+0x13c/0x230 [<0000000095833787>] copy_ipcs+0x381/0x5d0 [<00000000398e1f8b>] create_new_namespaces+0x210/0xb30 [<000000006df37af2>] unshare_nsproxy_namespaces+0xc1/0x1f0 [<000000007fd439c5>] ksys_unshare+0x445/0x8d0 [<0000000029a6ca6e>] __x64_sys_unshare+0x2d/0x40 [<000000007e6c075b>] do_syscall_64+0x3b/0x90 [<0000000040845a76>] entry_SYSCALL_64_after_hwframe+0x44/0xae BUG: memory leak unreferenced object 0xffff88800cebfa00 (size 256): comm "syz-executor.6", pid 9391, jiffies 4296622771 (age 24.738s) hex dump (first 32 bytes): 78 fa eb 0c 80 88 ff ff 00 00 00 00 01 00 00 00 x............... 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000e8446ab5>] __register_sysctl_table+0x9e2/0x1090 [<0000000060e2eb71>] setup_mq_sysctls+0x13c/0x230 [<0000000095833787>] copy_ipcs+0x381/0x5d0 [<00000000398e1f8b>] create_new_namespaces+0x210/0xb30 [<000000006df37af2>] unshare_nsproxy_namespaces+0xc1/0x1f0 [<000000007fd439c5>] ksys_unshare+0x445/0x8d0 [<0000000029a6ca6e>] __x64_sys_unshare+0x2d/0x40 [<000000007e6c075b>] do_syscall_64+0x3b/0x90 [<0000000040845a76>] entry_SYSCALL_64_after_hwframe+0x44/0xae BUG: memory leak unreferenced object 0xffff888021997c00 (size 512): comm "syz-executor.0", pid 9398, jiffies 4296622892 (age 24.618s) hex dump (first 32 bytes): 20 18 7a 84 ff ff ff ff 8c 87 56 41 80 88 ff ff .z.......VA.... 04 00 00 00 a4 01 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000a76bb9ac>] kmemdup+0x23/0x50 [<00000000ea98475f>] setup_mq_sysctls+0x59/0x230 [<0000000095833787>] copy_ipcs+0x381/0x5d0 [<00000000398e1f8b>] create_new_namespaces+0x210/0xb30 [<000000006df37af2>] unshare_nsproxy_namespaces+0xc1/0x1f0 [<000000007fd439c5>] ksys_unshare+0x445/0x8d0 [<0000000029a6ca6e>] __x64_sys_unshare+0x2d/0x40 [<000000007e6c075b>] do_syscall_64+0x3b/0x90 [<0000000040845a76>] entry_SYSCALL_64_after_hwframe+0x44/0xae BUG: leak checking failed VM DIAGNOSIS: 18:39:18 Registers: info registers vcpu 0 RAX=ffffffff84154810 RBX=ffffffff85032800 RCX=ffffffff84136ca1 RDX=0000000000000000 RSI=0000000000000001 RDI=0000000000000000 RBP=0000000000000000 RSP=ffffffff85007e40 R8 =0000000000000001 R9 =ffff88806ce38d13 R10=ffffed100d9c71a2 R11=0000000000000001 R12=fffffbfff0a06500 R13=ffffffff858de350 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff8415481b RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f5ea20ebb28 CR3=000000000d00a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 656a626f20646563 6e6572656665726e YMM02=0000000000000000 0000000000000000 2932313520657a69 7328203030383931 YMM03=0000000000000000 0000000000000000 3920646970202c22 362e726f74756365 YMM04=0000000000000000 0000000000000000 2e2e2e2e2e7a2e20 2020666620666620 YMM05=0000000000000000 0000000000000000 3820666620666620 6666206666203438 YMM06=0000000000000000 0000000000000000 7365747962203233 2074737269662820 YMM07=0000000000000000 0000000000000000 2e34322065676128 2031373732323636 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=ffffffff84154810 RBX=ffff8880081e3580 RCX=ffffffff84136ca1 RDX=0000000000000000 RSI=0000000000000001 RDI=0000000000000000 RBP=0000000000000001 RSP=ffff88800820fe78 R8 =0000000000000001 R9 =ffff88806cf38d13 R10=ffffed100d9e71a2 R11=0000000000000001 R12=ffffed100103c6b0 R13=ffffffff858de350 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff8415481b RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffdbf0f09d0 CR3=000000000d00a000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 656a626f20646563 6e6572656665726e YMM02=0000000000000000 0000000000000000 2932313520657a69 7328203030383931 YMM03=0000000000000000 0000000000000000 3920646970202c22 362e726f74756365 YMM04=0000000000000000 0000000000000000 2e2e2e2e2e7a2e20 2020666620666620 YMM05=0000000000000000 0000000000000000 3820666620666620 6666206666203438 YMM06=0000000000000000 0000000000000000 7365747962203233 2074737269662820 YMM07=0000000000000000 0000000000000000 2e34322065676128 2031373732323636 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000