25] ? find_held_lock+0x2c/0x110 [ 2173.342552] ? jbd2_transaction_committed+0x111/0x150 [ 2173.343211] ? lock_downgrade+0x6d0/0x6d0 [ 2173.343742] ? ext4_map_blocks+0x87c/0x1910 [ 2173.344306] alloc_pages_current+0x187/0x280 [ 2173.344867] push_pipe+0x2b5/0x6d0 [ 2173.345334] iov_iter_zero+0x418/0xef0 [ 2173.345836] ? ext4_iomap_begin+0x1a0/0x700 [ 2173.346398] ? iov_iter_copy_from_user_atomic+0xdb0/0xdb0 [ 2173.347105] ? ext4_iomap_begin_report+0x5a0/0x5a0 [ 2173.347742] iomap_dio_actor+0x40f/0x560 [ 2173.348272] iomap_apply+0x289/0x810 [ 2173.348757] ? iomap_dio_rw+0x90/0x90 [ 2173.349250] ? trace_event_raw_event_iomap_apply+0x430/0x430 [ 2173.349998] ? delete_from_page_cache_batch+0xa30/0xa30 [ 2173.350672] ? mark_held_locks+0x9e/0xe0 [ 2173.351203] ? filemap_check_errors+0xa5/0x150 [ 2173.351784] __iomap_dio_rw+0x6cd/0x1110 [ 2173.352307] ? iomap_dio_rw+0x90/0x90 [ 2173.352804] ? iomap_dio_bio_actor+0xef0/0xef0 [ 2173.353392] ? down_read+0x10f/0x430 [ 2173.353860] ? lock_chain_count+0x20/0x20 [ 2173.354390] ? down_write+0x160/0x160 [ 2173.354871] iomap_dio_rw+0x31/0x90 [ 2173.355347] ext4_file_read_iter+0x2c7/0x4c0 [ 2173.355902] generic_file_splice_read+0x455/0x6d0 [ 2173.356520] ? pipe_to_user+0x170/0x170 [ 2173.357029] ? fsnotify_perm.part.0+0x22d/0x620 [ 2173.357631] ? security_file_permission+0xb1/0xe0 [ 2173.358241] ? pipe_to_user+0x170/0x170 [ 2173.358751] do_splice_to+0x10e/0x160 [ 2173.359235] splice_direct_to_actor+0x2fe/0x980 [ 2173.359830] ? pipe_to_sendpage+0x380/0x380 [ 2173.360378] ? do_splice_to+0x160/0x160 [ 2173.360884] ? security_file_permission+0xb1/0xe0 [ 2173.361509] do_splice_direct+0x1c4/0x290 [ 2173.362045] ? splice_direct_to_actor+0x980/0x980 [ 2173.362663] ? avc_policy_seqno+0x9/0x70 [ 2173.363183] ? security_file_permission+0xb1/0xe0 [ 2173.363795] do_sendfile+0x553/0x11e0 [ 2173.364290] ? do_pwritev+0x270/0x270 [ 2173.364774] ? wait_for_completion_io+0x270/0x270 [ 2173.365384] ? rcu_read_lock_any_held+0x75/0xa0 [ 2173.365964] ? vfs_write+0x354/0xb10 [ 2173.366441] __x64_sys_sendfile64+0x1d1/0x210 [ 2173.367001] ? __ia32_sys_sendfile+0x220/0x220 [ 2173.367576] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2173.368233] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2173.368886] do_syscall_64+0x33/0x40 [ 2173.369359] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2173.370005] RIP: 0033:0x7f32880cdb19 [ 2173.370485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2173.372805] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2173.373759] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2173.374649] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2173.375545] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2173.376431] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2173.377336] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 02:59:17 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff002) 02:59:17 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0xb00, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 02:59:17 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x900, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2173.399800] 9pnet: Insufficient options for proto=fd 02:59:17 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x2, &(0x7f0000000640)=@string={0x2}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 2173.441479] 9pnet: Insufficient options for proto=fd 02:59:17 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff003) [ 2173.465205] udc-core: couldn't find an available UDC or it's busy [ 2173.466182] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 02:59:17 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) (fail_nth: 29) [ 2173.490601] FAULT_INJECTION: forcing a failure. [ 2173.490601] name failslab, interval 1, probability 0, space 0, times 0 [ 2173.492195] CPU: 1 PID: 10281 Comm: syz-executor.5 Not tainted 5.10.238 #1 [ 2173.493015] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2173.494002] Call Trace: [ 2173.494317] dump_stack+0x107/0x167 [ 2173.494747] should_fail.cold+0x5/0xa [ 2173.495198] ? create_object.isra.0+0x3a/0xa20 [ 2173.495738] should_failslab+0x5/0x20 [ 2173.496194] kmem_cache_alloc+0x5b/0x310 [ 2173.496682] create_object.isra.0+0x3a/0xa20 [ 2173.497203] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2173.497810] __kmalloc_track_caller+0x177/0x370 [ 2173.498361] ? match_number+0xaf/0x1d0 [ 2173.498821] kmemdup_nul+0x2d/0xa0 [ 2173.499245] match_number+0xaf/0x1d0 [ 2173.499702] ? match_u64+0x190/0x190 [ 2173.500152] ? __kmalloc_track_caller+0x2c6/0x370 [ 2173.500740] ? memcpy+0x39/0x60 [ 2173.501137] parse_opts.part.0+0x1f3/0x340 [ 2173.501647] ? p9_fd_show_options+0x1c0/0x1c0 [ 2173.502184] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2173.502805] ? trace_hardirqs_on+0x5b/0x180 [ 2173.503318] ? kfree+0xd7/0x340 [ 2173.503713] p9_fd_create+0x98/0x4a0 [ 2173.504159] ? p9_conn_create+0x510/0x510 [ 2173.504647] ? p9_client_create+0x798/0x1230 [ 2173.505166] ? kfree+0xd7/0x340 [ 2173.505558] ? do_raw_spin_unlock+0x4f/0x220 [ 2173.506078] p9_client_create+0x7ff/0x1230 [ 2173.506584] ? p9_client_flush+0x430/0x430 [ 2173.507081] ? trace_hardirqs_on+0x5b/0x180 [ 2173.507590] ? lockdep_init_map_type+0x2c7/0x780 [ 2173.508149] ? __raw_spin_lock_init+0x36/0x110 [ 2173.508689] v9fs_session_init+0x1dd/0x1680 [ 2173.509200] ? lock_release+0x680/0x680 [ 2173.509683] ? kmem_cache_alloc_trace+0x151/0x320 [ 2173.510252] ? v9fs_show_options+0x690/0x690 [ 2173.510775] ? trace_hardirqs_on+0x5b/0x180 [ 2173.511283] ? kasan_unpoison_shadow+0x33/0x50 [ 2173.511817] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2173.512414] v9fs_mount+0x79/0x8f0 [ 2173.512835] ? v9fs_write_inode+0x60/0x60 [ 2173.513333] legacy_get_tree+0x105/0x220 [ 2173.513820] vfs_get_tree+0x8e/0x300 [ 2173.514257] path_mount+0x1429/0x2120 [ 2173.514709] ? strncpy_from_user+0x9e/0x470 [ 2173.515215] ? finish_automount+0xa90/0xa90 [ 2173.515724] ? getname_flags.part.0+0x1dd/0x4f0 [ 2173.516276] ? _copy_from_user+0xfb/0x1b0 [ 2173.516772] __x64_sys_mount+0x282/0x300 [ 2173.517256] ? copy_mnt_ns+0xa00/0xa00 [ 2173.517712] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2173.518327] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2173.518936] do_syscall_64+0x33/0x40 [ 2173.519379] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2173.519974] RIP: 0033:0x7fbe38921b19 [ 2173.520410] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2173.522559] RSP: 002b:00007fbe35e97188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2173.523455] RAX: ffffffffffffffda RBX: 00007fbe38a34f60 RCX: 00007fbe38921b19 [ 2173.524294] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2173.525125] RBP: 00007fbe35e971d0 R08: 0000000020000280 R09: 0000000000000000 [ 2173.525969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2173.526803] R13: 00007ffe3610591f R14: 00007fbe35e97300 R15: 0000000000022000 02:59:17 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 29) 02:59:17 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x1020, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2173.611106] FAULT_INJECTION: forcing a failure. [ 2173.611106] name failslab, interval 1, probability 0, space 0, times 0 [ 2173.612577] CPU: 1 PID: 10288 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2173.613586] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2173.614651] Call Trace: [ 2173.614996] dump_stack+0x107/0x167 [ 2173.615480] should_fail.cold+0x5/0xa [ 2173.615935] ? create_object.isra.0+0x3a/0xa20 [ 2173.616618] should_failslab+0x5/0x20 [ 2173.617120] kmem_cache_alloc+0x5b/0x310 [ 2173.617633] create_object.isra.0+0x3a/0xa20 [ 2173.618166] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2173.618788] __kmalloc_track_caller+0x177/0x370 [ 2173.619341] ? match_number+0xaf/0x1d0 [ 2173.619815] kmemdup_nul+0x2d/0xa0 [ 2173.620245] match_number+0xaf/0x1d0 [ 2173.620707] ? match_u64+0x190/0x190 [ 2173.621190] ? __kmalloc_track_caller+0x2c6/0x370 [ 2173.621918] ? memcpy+0x39/0x60 [ 2173.622306] parse_opts.part.0+0x1f3/0x340 [ 2173.622795] ? p9_fd_show_options+0x1c0/0x1c0 [ 2173.623326] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2173.624067] ? trace_hardirqs_on+0x5b/0x180 [ 2173.624726] ? kfree+0xd7/0x340 [ 2173.625109] p9_fd_create+0x98/0x4a0 [ 2173.625615] ? p9_conn_create+0x510/0x510 [ 2173.626193] ? p9_client_create+0x798/0x1230 [ 2173.626801] ? kfree+0xd7/0x340 [ 2173.627150] ? do_raw_spin_unlock+0x4f/0x220 [ 2173.627617] p9_client_create+0x7ff/0x1230 [ 2173.628069] ? p9_client_flush+0x430/0x430 [ 2173.628542] ? trace_hardirqs_on+0x5b/0x180 [ 2173.629035] ? lockdep_init_map_type+0x2c7/0x780 [ 2173.629598] ? __raw_spin_lock_init+0x36/0x110 [ 2173.630119] v9fs_session_init+0x1dd/0x1680 [ 2173.630606] ? lock_release+0x680/0x680 [ 2173.631069] ? kmem_cache_alloc_trace+0x151/0x320 [ 2173.631630] ? v9fs_show_options+0x690/0x690 [ 2173.632271] ? trace_hardirqs_on+0x5b/0x180 [ 2173.632770] ? kasan_unpoison_shadow+0x33/0x50 [ 2173.633295] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2173.633888] v9fs_mount+0x79/0x8f0 [ 2173.634295] ? v9fs_write_inode+0x60/0x60 [ 2173.634774] legacy_get_tree+0x105/0x220 [ 2173.635242] vfs_get_tree+0x8e/0x300 [ 2173.635665] path_mount+0x1429/0x2120 [ 2173.636105] ? strncpy_from_user+0x9e/0x470 [ 2173.636599] ? finish_automount+0xa90/0xa90 [ 2173.637097] ? getname_flags.part.0+0x1dd/0x4f0 [ 2173.637638] ? _copy_from_user+0xfb/0x1b0 [ 2173.638125] __x64_sys_mount+0x282/0x300 [ 2173.638601] ? copy_mnt_ns+0xa00/0xa00 [ 2173.639047] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2173.639654] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2173.640245] do_syscall_64+0x33/0x40 [ 2173.640678] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2173.641285] RIP: 0033:0x7f96c0f0ab19 [ 2173.641727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2173.643874] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2173.644743] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2173.645572] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2173.646394] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2173.647214] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2173.648039] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 02:59:31 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) 02:59:31 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x42, &(0x7f0000000640)=@string={0x42, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb2"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 02:59:31 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0xa00, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 02:59:31 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 24) 02:59:31 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 30) 02:59:31 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff004) 02:59:31 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x2000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2187.480946] udc-core: couldn't find an available UDC or it's busy [ 2187.481927] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 02:59:31 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) (fail_nth: 30) [ 2187.505845] udc-core: couldn't find an available UDC or it's busy [ 2187.507585] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2187.514017] FAULT_INJECTION: forcing a failure. [ 2187.514017] name failslab, interval 1, probability 0, space 0, times 0 02:59:31 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0xb00, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2187.516835] CPU: 1 PID: 10304 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2187.518553] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2187.520392] Call Trace: [ 2187.520989] dump_stack+0x107/0x167 [ 2187.521811] should_fail.cold+0x5/0xa [ 2187.522673] ? create_object.isra.0+0x3a/0xa20 [ 2187.523699] should_failslab+0x5/0x20 [ 2187.524557] kmem_cache_alloc+0x5b/0x310 [ 2187.525491] create_object.isra.0+0x3a/0xa20 [ 2187.526472] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2187.527616] __kmalloc_track_caller+0x177/0x370 [ 2187.528681] ? match_number+0xaf/0x1d0 [ 2187.529585] kmemdup_nul+0x2d/0xa0 [ 2187.530389] match_number+0xaf/0x1d0 [ 2187.531227] ? match_u64+0x190/0x190 [ 2187.532070] ? __kmalloc_track_caller+0x2c6/0x370 [ 2187.533162] ? memcpy+0x39/0x60 [ 2187.533933] parse_opts.part.0+0x1f3/0x340 [ 2187.534910] ? p9_fd_show_options+0x1c0/0x1c0 [ 2187.535965] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2187.537195] ? trace_hardirqs_on+0x5b/0x180 [ 2187.538211] ? kfree+0xd7/0x340 [ 2187.538988] p9_fd_create+0x98/0x4a0 [ 2187.539846] ? p9_conn_create+0x510/0x510 [ 2187.540796] ? p9_client_create+0x798/0x1230 [ 2187.541829] ? kfree+0xd7/0x340 02:59:31 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x42, &(0x7f0000000640)=@string={0x42, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb2"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 2187.542588] ? do_raw_spin_unlock+0x4f/0x220 [ 2187.543812] p9_client_create+0x7ff/0x1230 [ 2187.544793] ? p9_client_flush+0x430/0x430 [ 2187.545769] ? trace_hardirqs_on+0x5b/0x180 [ 2187.546756] ? lockdep_init_map_type+0x2c7/0x780 [ 2187.547842] ? __raw_spin_lock_init+0x36/0x110 [ 2187.548893] v9fs_session_init+0x1dd/0x1680 [ 2187.549894] ? lock_release+0x680/0x680 [ 2187.550821] ? kmem_cache_alloc_trace+0x151/0x320 [ 2187.551930] ? v9fs_show_options+0x690/0x690 [ 2187.552977] ? trace_hardirqs_on+0x5b/0x180 [ 2187.553980] ? kasan_unpoison_shadow+0x33/0x50 [ 2187.555032] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2187.556200] v9fs_mount+0x79/0x8f0 [ 2187.557028] ? v9fs_write_inode+0x60/0x60 [ 2187.558000] legacy_get_tree+0x105/0x220 [ 2187.558967] vfs_get_tree+0x8e/0x300 [ 2187.559831] path_mount+0x1429/0x2120 [ 2187.560723] ? strncpy_from_user+0x9e/0x470 [ 2187.561748] ? finish_automount+0xa90/0xa90 [ 2187.562660] ? getname_flags.part.0+0x1dd/0x4f0 02:59:31 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x1020, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2187.563632] ? _copy_from_user+0xfb/0x1b0 [ 2187.564811] __x64_sys_mount+0x282/0x300 [ 2187.565664] FAULT_INJECTION: forcing a failure. [ 2187.565664] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2187.568068] ? copy_mnt_ns+0xa00/0xa00 [ 2187.568891] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2187.569994] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2187.571094] do_syscall_64+0x33/0x40 [ 2187.571885] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2187.572976] RIP: 0033:0x7f96c0f0ab19 [ 2187.573777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2187.577665] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2187.579285] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2187.580807] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2187.582324] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2187.583812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2187.585326] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 [ 2187.586873] CPU: 0 PID: 10320 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2187.587773] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2187.588792] Call Trace: [ 2187.589119] dump_stack+0x107/0x167 [ 2187.589574] should_fail.cold+0x5/0xa [ 2187.590047] __alloc_pages_nodemask+0x182/0x600 [ 2187.590623] ? __alloc_pages_slowpath.constprop.0+0x2200/0x2200 [ 2187.591356] ? lock_acquire+0x197/0x470 [ 2187.591842] ? find_held_lock+0x2c/0x110 [ 2187.592347] ? jbd2_transaction_committed+0x111/0x150 [ 2187.592980] ? lock_downgrade+0x6d0/0x6d0 [ 2187.593499] ? ext4_map_blocks+0x87c/0x1910 [ 2187.594033] alloc_pages_current+0x187/0x280 [ 2187.594561] push_pipe+0x2b5/0x6d0 [ 2187.594990] iov_iter_zero+0x418/0xef0 [ 2187.595461] ? ext4_iomap_begin+0x1a0/0x700 [ 2187.595988] ? iov_iter_copy_from_user_atomic+0xdb0/0xdb0 [ 2187.596650] ? ext4_iomap_begin_report+0x5a0/0x5a0 [ 2187.597242] iomap_dio_actor+0x40f/0x560 [ 2187.597759] iomap_apply+0x289/0x810 [ 2187.598212] ? iomap_dio_rw+0x90/0x90 [ 2187.598688] ? trace_event_raw_event_iomap_apply+0x430/0x430 [ 2187.599409] ? delete_from_page_cache_batch+0xa30/0xa30 [ 2187.600063] ? mark_held_locks+0x9e/0xe0 [ 2187.600575] ? filemap_check_errors+0xa5/0x150 [ 2187.601138] __iomap_dio_rw+0x6cd/0x1110 [ 2187.601645] ? iomap_dio_rw+0x90/0x90 [ 2187.602125] ? iomap_dio_bio_actor+0xef0/0xef0 [ 2187.602689] ? down_read+0x10f/0x430 [ 2187.603145] ? lock_chain_count+0x20/0x20 [ 2187.603662] ? down_write+0x160/0x160 [ 2187.604133] iomap_dio_rw+0x31/0x90 [ 2187.604585] ext4_file_read_iter+0x2c7/0x4c0 [ 2187.605126] generic_file_splice_read+0x455/0x6d0 [ 2187.605728] ? pipe_to_user+0x170/0x170 [ 2187.606203] ? fsnotify_perm.part.0+0x22d/0x620 [ 2187.606748] ? security_file_permission+0xb1/0xe0 [ 2187.607343] ? pipe_to_user+0x170/0x170 [ 2187.607825] do_splice_to+0x10e/0x160 [ 2187.608294] splice_direct_to_actor+0x2fe/0x980 [ 2187.608873] ? pipe_to_sendpage+0x380/0x380 [ 2187.609416] ? do_splice_to+0x160/0x160 [ 2187.609904] ? security_file_permission+0xb1/0xe0 [ 2187.610699] do_splice_direct+0x1c4/0x290 [ 2187.611207] ? splice_direct_to_actor+0x980/0x980 [ 2187.611799] ? avc_policy_seqno+0x9/0x70 [ 2187.612298] ? security_file_permission+0xb1/0xe0 [ 2187.612881] do_sendfile+0x553/0x11e0 [ 2187.613358] ? do_pwritev+0x270/0x270 [ 2187.613832] ? wait_for_completion_io+0x270/0x270 [ 2187.614432] ? rcu_read_lock_any_held+0x75/0xa0 [ 2187.614994] ? vfs_write+0x354/0xb10 [ 2187.615455] __x64_sys_sendfile64+0x1d1/0x210 [ 2187.615998] ? __ia32_sys_sendfile+0x220/0x220 [ 2187.616548] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2187.617186] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2187.617809] do_syscall_64+0x33/0x40 [ 2187.618259] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2187.618890] RIP: 0033:0x7f32880cdb19 [ 2187.619344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2187.621578] RSP: 002b:00007f3285622188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2187.622501] RAX: ffffffffffffffda RBX: 00007f32881e1020 RCX: 00007f32880cdb19 [ 2187.623344] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2187.624226] RBP: 00007f32856221d0 R08: 0000000000000000 R09: 0000000000000000 [ 2187.625099] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2187.625947] R13: 00007ffca1cc64ef R14: 00007f3285622300 R15: 0000000000022000 02:59:31 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 02:59:31 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x2010, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 02:59:45 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) 02:59:45 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x2000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 02:59:45 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x2e00, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 02:59:45 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 31) 02:59:45 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff005) 02:59:45 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x42, &(0x7f0000000640)=@string={0x42, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb2"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 02:59:45 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x2, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 02:59:45 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 25) [ 2201.645439] udc-core: couldn't find an available UDC or it's busy [ 2201.646194] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2201.673904] FAULT_INJECTION: forcing a failure. [ 2201.673904] name failslab, interval 1, probability 0, space 0, times 0 [ 2201.675326] CPU: 1 PID: 10350 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2201.676136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2201.677110] Call Trace: [ 2201.677416] dump_stack+0x107/0x167 [ 2201.677837] should_fail.cold+0x5/0xa [ 2201.678270] ? create_object.isra.0+0x3a/0xa20 [ 2201.678793] should_failslab+0x5/0x20 [ 2201.679224] kmem_cache_alloc+0x5b/0x310 [ 2201.679688] create_object.isra.0+0x3a/0xa20 [ 2201.680189] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2201.680773] __kmalloc_track_caller+0x177/0x370 [ 2201.681301] ? match_number+0xaf/0x1d0 [ 2201.681760] kmemdup_nul+0x2d/0xa0 [ 2201.682165] match_number+0xaf/0x1d0 [ 2201.682582] ? match_u64+0x190/0x190 [ 2201.683004] ? __kmalloc_track_caller+0x2c6/0x370 [ 2201.683551] ? memcpy+0x39/0x60 [ 2201.683932] parse_opts.part.0+0x1f3/0x340 [ 2201.684415] ? p9_fd_show_options+0x1c0/0x1c0 [ 2201.684929] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2201.685517] ? trace_hardirqs_on+0x5b/0x180 [ 2201.686019] ? kfree+0xd7/0x340 [ 2201.686401] p9_fd_create+0x98/0x4a0 [ 2201.686824] ? p9_conn_create+0x510/0x510 [ 2201.687298] ? p9_client_create+0x798/0x1230 [ 2201.687788] ? kfree+0xd7/0x340 [ 2201.688154] ? do_raw_spin_unlock+0x4f/0x220 [ 2201.688649] p9_client_create+0x7ff/0x1230 [ 2201.689127] ? p9_client_flush+0x430/0x430 [ 2201.689620] ? trace_hardirqs_on+0x5b/0x180 [ 2201.690106] ? lockdep_init_map_type+0x2c7/0x780 [ 2201.690638] ? __raw_spin_lock_init+0x36/0x110 [ 2201.691163] v9fs_session_init+0x1dd/0x1680 [ 2201.691660] ? lock_release+0x680/0x680 [ 2201.692123] ? kmem_cache_alloc_trace+0x151/0x320 [ 2201.692670] ? v9fs_show_options+0x690/0x690 [ 2201.693164] ? trace_hardirqs_on+0x5b/0x180 [ 2201.693672] ? kasan_unpoison_shadow+0x33/0x50 [ 2201.694182] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2201.694758] v9fs_mount+0x79/0x8f0 [ 2201.695161] ? v9fs_write_inode+0x60/0x60 [ 2201.695631] legacy_get_tree+0x105/0x220 [ 2201.696088] vfs_get_tree+0x8e/0x300 [ 2201.696509] path_mount+0x1429/0x2120 [ 2201.696942] ? strncpy_from_user+0x9e/0x470 [ 2201.697425] ? finish_automount+0xa90/0xa90 [ 2201.697933] ? getname_flags.part.0+0x1dd/0x4f0 [ 2201.698456] ? _copy_from_user+0xfb/0x1b0 [ 2201.698929] __x64_sys_mount+0x282/0x300 [ 2201.699386] ? copy_mnt_ns+0xa00/0xa00 [ 2201.699826] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2201.700417] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2201.701002] do_syscall_64+0x33/0x40 [ 2201.701417] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2201.702001] RIP: 0033:0x7f96c0f0ab19 [ 2201.702426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2201.704564] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2201.705428] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2201.706259] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2201.707098] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2201.707936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2201.708745] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 [ 2201.709612] FAULT_INJECTION: forcing a failure. [ 2201.709612] name failslab, interval 1, probability 0, space 0, times 0 [ 2201.712523] CPU: 0 PID: 10356 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2201.714029] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2201.715832] Call Trace: [ 2201.716405] dump_stack+0x107/0x167 [ 2201.717196] should_fail.cold+0x5/0xa [ 2201.718033] ? jbd2__journal_start+0x190/0x7e0 [ 2201.719028] should_failslab+0x5/0x20 [ 2201.719854] kmem_cache_alloc+0x5b/0x310 [ 2201.720744] jbd2__journal_start+0x190/0x7e0 [ 2201.721712] __ext4_journal_start_sb+0x214/0x390 [ 2201.722747] ext4_dirty_inode+0xbc/0x130 [ 2201.723627] ? ext4_setattr+0x20f0/0x20f0 [ 2201.724525] __mark_inode_dirty+0x492/0xd40 [ 2201.725468] touch_atime+0x5ea/0x6e0 [ 2201.726285] ? atime_needs_update+0x600/0x600 [ 2201.727277] ext4_file_read_iter+0x344/0x4c0 [ 2201.728239] generic_file_splice_read+0x455/0x6d0 [ 2201.729288] ? pipe_to_user+0x170/0x170 [ 2201.730174] ? fsnotify_perm.part.0+0x22d/0x620 [ 2201.731186] ? security_file_permission+0xb1/0xe0 [ 2201.732214] ? pipe_to_user+0x170/0x170 [ 2201.733062] do_splice_to+0x10e/0x160 [ 2201.733901] splice_direct_to_actor+0x2fe/0x980 [ 2201.734919] ? pipe_to_sendpage+0x380/0x380 [ 2201.735859] ? do_splice_to+0x160/0x160 [ 2201.736720] ? security_file_permission+0xb1/0xe0 [ 2201.737784] do_splice_direct+0x1c4/0x290 [ 2201.738686] ? splice_direct_to_actor+0x980/0x980 [ 2201.739737] ? avc_policy_seqno+0x9/0x70 [ 2201.740625] ? security_file_permission+0xb1/0xe0 [ 2201.741691] do_sendfile+0x553/0x11e0 [ 2201.742527] ? do_pwritev+0x270/0x270 [ 2201.743357] ? wait_for_completion_io+0x270/0x270 [ 2201.744368] ? rcu_read_lock_any_held+0x75/0xa0 [ 2201.745360] ? vfs_write+0x354/0xb10 [ 2201.746166] __x64_sys_sendfile64+0x1d1/0x210 [ 2201.747117] ? __ia32_sys_sendfile+0x220/0x220 [ 2201.748096] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2201.749193] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2201.750285] do_syscall_64+0x33/0x40 [ 2201.751063] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2201.752132] RIP: 0033:0x7f32880cdb19 [ 2201.752925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2201.756804] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2201.758433] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2201.759946] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2201.761458] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2201.762974] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2201.764510] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 [ 2201.774665] udc-core: couldn't find an available UDC or it's busy [ 2201.775465] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2201.816839] udc-core: couldn't find an available UDC or it's busy [ 2201.817734] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 02:59:45 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x62, &(0x7f0000000640)=@string={0x62, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d0228"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 02:59:45 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x3, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 02:59:45 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x3f00, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 02:59:45 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x2010, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 02:59:45 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x4, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 02:59:45 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff006) 02:59:45 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 26) 02:59:45 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x4000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2201.989022] FAULT_INJECTION: forcing a failure. [ 2201.989022] name failslab, interval 1, probability 0, space 0, times 0 [ 2201.990577] CPU: 1 PID: 10382 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2201.991401] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2201.992377] Call Trace: [ 2201.992686] dump_stack+0x107/0x167 [ 2201.993111] should_fail.cold+0x5/0xa [ 2201.993561] ? create_object.isra.0+0x3a/0xa20 [ 2201.994102] should_failslab+0x5/0x20 [ 2201.994561] kmem_cache_alloc+0x5b/0x310 [ 2201.995040] create_object.isra.0+0x3a/0xa20 [ 2201.995538] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2201.996124] kmem_cache_alloc+0x159/0x310 [ 2201.996614] jbd2__journal_start+0x190/0x7e0 [ 2201.997128] __ext4_journal_start_sb+0x214/0x390 [ 2201.997693] ext4_dirty_inode+0xbc/0x130 [ 2201.998167] ? ext4_setattr+0x20f0/0x20f0 [ 2201.998660] __mark_inode_dirty+0x492/0xd40 [ 2201.999171] touch_atime+0x5ea/0x6e0 [ 2201.999608] ? atime_needs_update+0x600/0x600 [ 2202.000153] ext4_file_read_iter+0x344/0x4c0 [ 2202.000665] generic_file_splice_read+0x455/0x6d0 [ 2202.001233] ? pipe_to_user+0x170/0x170 [ 2202.001705] ? fsnotify_perm.part.0+0x22d/0x620 [ 2202.002256] ? security_file_permission+0xb1/0xe0 [ 2202.002817] ? pipe_to_user+0x170/0x170 [ 2202.003275] do_splice_to+0x10e/0x160 [ 2202.003725] splice_direct_to_actor+0x2fe/0x980 [ 2202.004266] ? pipe_to_sendpage+0x380/0x380 [ 2202.004767] ? do_splice_to+0x160/0x160 [ 2202.005221] ? security_file_permission+0xb1/0xe0 [ 2202.005784] do_splice_direct+0x1c4/0x290 [ 2202.006277] ? splice_direct_to_actor+0x980/0x980 [ 2202.006852] ? avc_policy_seqno+0x9/0x70 [ 2202.007329] ? security_file_permission+0xb1/0xe0 [ 2202.007897] do_sendfile+0x553/0x11e0 [ 2202.008360] ? do_pwritev+0x270/0x270 [ 2202.008816] ? wait_for_completion_io+0x270/0x270 [ 2202.009390] ? rcu_read_lock_any_held+0x75/0xa0 [ 2202.009943] ? vfs_write+0x354/0xb10 [ 2202.010377] __x64_sys_sendfile64+0x1d1/0x210 [ 2202.010903] ? __ia32_sys_sendfile+0x220/0x220 [ 2202.011446] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2202.012043] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2202.012633] do_syscall_64+0x33/0x40 [ 2202.013068] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2202.013656] RIP: 0033:0x7f32880cdb19 [ 2202.014086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2202.016256] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2202.017138] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2202.017980] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2202.018803] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2202.019612] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2202.020425] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 02:59:58 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) 02:59:58 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x2e00, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2214.517033] FAULT_INJECTION: forcing a failure. [ 2214.517033] name failslab, interval 1, probability 0, space 0, times 0 [ 2214.518738] CPU: 1 PID: 10400 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2214.519600] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2214.520599] Call Trace: [ 2214.520935] dump_stack+0x107/0x167 [ 2214.521395] should_fail.cold+0x5/0xa [ 2214.521888] ? p9_fd_create+0x161/0x4a0 [ 2214.522369] should_failslab+0x5/0x20 [ 2214.522842] kmem_cache_alloc_trace+0x55/0x320 [ 2214.523391] p9_fd_create+0x161/0x4a0 [ 2214.523861] ? p9_conn_create+0x510/0x510 [ 2214.524361] ? p9_client_create+0x798/0x1230 [ 2214.524738] udc-core: couldn't find an available UDC or it's busy [ 2214.524907] ? kfree+0xd7/0x340 [ 2214.524927] ? do_raw_spin_unlock+0x4f/0x220 [ 2214.526531] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2214.526729] p9_client_create+0x7ff/0x1230 [ 2214.529011] ? p9_client_flush+0x430/0x430 [ 2214.529535] ? trace_hardirqs_on+0x5b/0x180 [ 2214.530081] ? lockdep_init_map_type+0x2c7/0x780 [ 2214.530667] ? __raw_spin_lock_init+0x36/0x110 [ 2214.531238] v9fs_session_init+0x1dd/0x1680 [ 2214.531777] ? lock_release+0x680/0x680 [ 2214.532274] ? kmem_cache_alloc_trace+0x151/0x320 [ 2214.532868] ? v9fs_show_options+0x690/0x690 [ 2214.533416] ? trace_hardirqs_on+0x5b/0x180 [ 2214.533960] ? kasan_unpoison_shadow+0x33/0x50 [ 2214.534538] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2214.535158] v9fs_mount+0x79/0x8f0 [ 2214.535595] ? v9fs_write_inode+0x60/0x60 [ 2214.536106] legacy_get_tree+0x105/0x220 [ 2214.536607] vfs_get_tree+0x8e/0x300 [ 2214.537072] path_mount+0x1429/0x2120 [ 2214.537549] ? strncpy_from_user+0x9e/0x470 [ 2214.538088] ? finish_automount+0xa90/0xa90 [ 2214.538618] ? getname_flags.part.0+0x1dd/0x4f0 [ 2214.539201] ? _copy_from_user+0xfb/0x1b0 [ 2214.539717] __x64_sys_mount+0x282/0x300 [ 2214.540219] ? copy_mnt_ns+0xa00/0xa00 [ 2214.540706] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2214.541356] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2214.542012] do_syscall_64+0x33/0x40 [ 2214.542480] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2214.543116] RIP: 0033:0x7f96c0f0ab19 [ 2214.543583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2214.545894] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2214.546876] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2214.547800] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2214.548721] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2214.549651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2214.550585] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 02:59:58 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff007) 02:59:58 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 32) 02:59:58 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x62, &(0x7f0000000640)=@string={0x62, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d0228"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 02:59:58 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x5, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 02:59:58 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x4084, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 02:59:58 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 27) [ 2214.556665] udc-core: couldn't find an available UDC or it's busy [ 2214.558157] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2214.567467] FAULT_INJECTION: forcing a failure. [ 2214.567467] name failslab, interval 1, probability 0, space 0, times 0 [ 2214.570070] CPU: 0 PID: 10402 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2214.571575] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2214.573392] Call Trace: [ 2214.573981] dump_stack+0x107/0x167 [ 2214.574778] should_fail.cold+0x5/0xa [ 2214.575606] ? iter_file_splice_write+0x165/0xc90 [ 2214.576652] should_failslab+0x5/0x20 [ 2214.577476] __kmalloc+0x72/0x390 [ 2214.578239] iter_file_splice_write+0x165/0xc90 [ 2214.579261] ? generic_splice_sendpage+0x140/0x140 [ 2214.580320] ? pipe_to_user+0x170/0x170 [ 2214.581193] ? security_file_permission+0xb1/0xe0 [ 2214.582244] ? generic_splice_sendpage+0x140/0x140 [ 2214.583308] direct_splice_actor+0x10f/0x170 [ 2214.584258] splice_direct_to_actor+0x387/0x980 [ 2214.585264] ? pipe_to_sendpage+0x380/0x380 [ 2214.586213] ? do_splice_to+0x160/0x160 [ 2214.587071] ? security_file_permission+0xb1/0xe0 [ 2214.588123] do_splice_direct+0x1c4/0x290 [ 2214.589016] ? splice_direct_to_actor+0x980/0x980 [ 2214.590063] ? avc_policy_seqno+0x9/0x70 [ 2214.590942] ? security_file_permission+0xb1/0xe0 [ 2214.591991] do_sendfile+0x553/0x11e0 [ 2214.592827] ? do_pwritev+0x270/0x270 [ 2214.593653] ? wait_for_completion_io+0x270/0x270 [ 2214.594718] ? rcu_read_lock_any_held+0x75/0xa0 [ 2214.595882] ? vfs_write+0x354/0xb10 [ 2214.596689] __x64_sys_sendfile64+0x1d1/0x210 [ 2214.597649] ? __ia32_sys_sendfile+0x220/0x220 [ 2214.598645] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2214.599770] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2214.600878] do_syscall_64+0x33/0x40 [ 2214.601689] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2214.602791] RIP: 0033:0x7f32880cdb19 [ 2214.603589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2214.607550] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2214.609188] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2214.610726] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2214.612253] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2214.613787] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2214.615316] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 02:59:58 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x3f00, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 02:59:58 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 33) 02:59:58 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 28) 02:59:58 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x4800, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 02:59:58 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x6, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 02:59:58 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x4000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2214.721084] FAULT_INJECTION: forcing a failure. [ 2214.721084] name failslab, interval 1, probability 0, space 0, times 0 02:59:58 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x62, &(0x7f0000000640)=@string={0x62, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d0228"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 2214.723820] CPU: 0 PID: 10416 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2214.725386] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2214.727147] Call Trace: [ 2214.727700] dump_stack+0x107/0x167 [ 2214.728466] should_fail.cold+0x5/0xa [ 2214.729267] ? create_object.isra.0+0x3a/0xa20 [ 2214.730239] should_failslab+0x5/0x20 [ 2214.731037] kmem_cache_alloc+0x5b/0x310 [ 2214.731887] ? p9_fd_show_options+0x1c0/0x1c0 [ 2214.732830] create_object.isra.0+0x3a/0xa20 [ 2214.733760] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2214.734829] kmem_cache_alloc_trace+0x151/0x320 [ 2214.735814] p9_fd_create+0x161/0x4a0 [ 2214.736608] ? p9_conn_create+0x510/0x510 02:59:58 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff008) [ 2214.737482] ? p9_client_create+0x798/0x1230 [ 2214.738472] ? kfree+0xd7/0x340 [ 2214.739165] ? do_raw_spin_unlock+0x4f/0x220 [ 2214.740102] p9_client_create+0x7ff/0x1230 [ 2214.741002] ? p9_client_flush+0x430/0x430 [ 2214.741898] ? trace_hardirqs_on+0x5b/0x180 [ 2214.742805] ? lockdep_init_map_type+0x2c7/0x780 [ 2214.743798] ? __raw_spin_lock_init+0x36/0x110 [ 2214.744765] v9fs_session_init+0x1dd/0x1680 [ 2214.745679] ? lock_release+0x680/0x680 [ 2214.746522] ? kmem_cache_alloc_trace+0x151/0x320 [ 2214.747530] ? v9fs_show_options+0x690/0x690 [ 2214.748458] ? trace_hardirqs_on+0x5b/0x180 [ 2214.749369] ? kasan_unpoison_shadow+0x33/0x50 [ 2214.750335] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2214.751393] v9fs_mount+0x79/0x8f0 [ 2214.752136] ? v9fs_write_inode+0x60/0x60 [ 2214.753007] legacy_get_tree+0x105/0x220 [ 2214.753875] vfs_get_tree+0x8e/0x300 [ 2214.754658] path_mount+0x1429/0x2120 [ 2214.755466] ? strncpy_from_user+0x9e/0x470 [ 2214.756373] ? finish_automount+0xa90/0xa90 [ 2214.757279] ? getname_flags.part.0+0x1dd/0x4f0 [ 2214.758271] ? _copy_from_user+0xfb/0x1b0 [ 2214.759150] __x64_sys_mount+0x282/0x300 [ 2214.760001] ? copy_mnt_ns+0xa00/0xa00 [ 2214.760819] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2214.761931] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2214.763023] do_syscall_64+0x33/0x40 [ 2214.763807] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2214.764885] RIP: 0033:0x7f96c0f0ab19 [ 2214.765532] udc-core: couldn't find an available UDC or it's busy [ 2214.765680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2214.765695] RSP: 002b:00007f96be480188 EFLAGS: 00000246 [ 2214.766461] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2214.770284] ORIG_RAX: 00000000000000a5 [ 2214.773099] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2214.774623] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2214.776133] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2214.777640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2214.779147] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 [ 2214.938429] FAULT_INJECTION: forcing a failure. [ 2214.938429] name failslab, interval 1, probability 0, space 0, times 0 [ 2214.939945] CPU: 1 PID: 10435 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2214.940740] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2214.941686] Call Trace: [ 2214.942009] dump_stack+0x107/0x167 [ 2214.942425] should_fail.cold+0x5/0xa [ 2214.942860] ? create_object.isra.0+0x3a/0xa20 [ 2214.943379] should_failslab+0x5/0x20 [ 2214.943813] kmem_cache_alloc+0x5b/0x310 [ 2214.944278] create_object.isra.0+0x3a/0xa20 [ 2214.944775] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2214.945364] __kmalloc+0x16e/0x390 [ 2214.945782] iter_file_splice_write+0x165/0xc90 [ 2214.946318] ? generic_splice_sendpage+0x140/0x140 [ 2214.946872] ? pipe_to_user+0x170/0x170 [ 2214.947338] ? security_file_permission+0xb1/0xe0 [ 2214.947888] ? generic_splice_sendpage+0x140/0x140 [ 2214.948447] direct_splice_actor+0x10f/0x170 [ 2214.948948] splice_direct_to_actor+0x387/0x980 [ 2214.949479] ? pipe_to_sendpage+0x380/0x380 [ 2214.949977] ? do_splice_to+0x160/0x160 [ 2214.950427] ? security_file_permission+0xb1/0xe0 [ 2214.950984] do_splice_direct+0x1c4/0x290 [ 2214.951460] ? splice_direct_to_actor+0x980/0x980 [ 2214.952006] ? avc_policy_seqno+0x9/0x70 [ 2214.952470] ? security_file_permission+0xb1/0xe0 [ 2214.953026] do_sendfile+0x553/0x11e0 [ 2214.953469] ? do_pwritev+0x270/0x270 [ 2214.953912] ? wait_for_completion_io+0x270/0x270 [ 2214.954463] ? rcu_read_lock_any_held+0x75/0xa0 [ 2214.954991] ? vfs_write+0x354/0xb10 [ 2214.955417] __x64_sys_sendfile64+0x1d1/0x210 [ 2214.955926] ? __ia32_sys_sendfile+0x220/0x220 [ 2214.956448] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2214.957042] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2214.957630] do_syscall_64+0x33/0x40 [ 2214.958059] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2214.958644] RIP: 0033:0x7f32880cdb19 [ 2214.959067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2214.961158] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2214.962029] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2214.962837] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2214.963648] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2214.964454] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2214.965264] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 03:00:12 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) 03:00:12 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x4084, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:00:12 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 29) 03:00:12 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff009) 03:00:12 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x7, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:00:12 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x4c00, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:00:12 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 34) 03:00:12 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x72, &(0x7f0000000640)=@string={0x72, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d4352"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 2228.476167] udc-core: couldn't find an available UDC or it's busy [ 2228.477804] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2228.501650] FAULT_INJECTION: forcing a failure. [ 2228.501650] name failslab, interval 1, probability 0, space 0, times 0 [ 2228.504638] CPU: 0 PID: 10450 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2228.506185] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2228.507208] udc-core: couldn't find an available UDC or it's busy [ 2228.508023] Call Trace: [ 2228.508064] dump_stack+0x107/0x167 [ 2228.508086] should_fail.cold+0x5/0xa [ 2228.508107] ? jbd2__journal_start+0x190/0x7e0 [ 2228.508129] should_failslab+0x5/0x20 [ 2228.508147] kmem_cache_alloc+0x5b/0x310 [ 2228.508172] jbd2__journal_start+0x190/0x7e0 [ 2228.509486] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2228.510000] __ext4_journal_start_sb+0x214/0x390 [ 2228.517627] ext4_dirty_inode+0xbc/0x130 [ 2228.518525] ? ext4_setattr+0x20f0/0x20f0 [ 2228.519426] __mark_inode_dirty+0x492/0xd40 [ 2228.520379] generic_update_time+0x21c/0x370 [ 2228.521346] file_update_time+0x43a/0x520 [ 2228.522271] ? evict_inodes+0x470/0x470 [ 2228.523143] ? down_write_killable+0x180/0x180 [ 2228.524139] ? __kernel_text_address+0x9/0x40 [ 2228.525122] file_modified+0x7d/0xa0 [ 2228.525943] ext4_buffered_write_iter+0xf9/0x4a0 [ 2228.526985] ext4_file_write_iter+0x3ab/0x1530 [ 2228.527982] ? stack_trace_save+0x8c/0xc0 [ 2228.528883] ? stack_trace_consume_entry+0x160/0x160 [ 2228.530007] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2228.531008] ? kasan_save_stack+0x32/0x40 [ 2228.531896] ? kasan_save_stack+0x1b/0x40 [ 2228.532792] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2228.533889] ? iter_file_splice_write+0x165/0xc90 [ 2228.534931] ? direct_splice_actor+0x10f/0x170 [ 2228.535919] ? splice_direct_to_actor+0x387/0x980 [ 2228.536956] ? do_splice_direct+0x1c4/0x290 [ 2228.537896] ? do_sendfile+0x553/0x11e0 [ 2228.538750] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2228.539744] ? do_syscall_64+0x33/0x40 [ 2228.540574] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2228.541724] do_iter_readv_writev+0x476/0x750 [ 2228.542693] ? new_sync_write+0x660/0x660 [ 2228.543584] ? avc_policy_seqno+0x9/0x70 [ 2228.544451] ? selinux_file_permission+0x92/0x520 [ 2228.545485] ? security_file_permission+0xb1/0xe0 [ 2228.546535] do_iter_write+0x191/0x700 [ 2228.547374] ? trace_hardirqs_on+0x5b/0x180 [ 2228.548310] vfs_iter_write+0x70/0xa0 [ 2228.549129] iter_file_splice_write+0x726/0xc90 [ 2228.550189] ? generic_splice_sendpage+0x140/0x140 [ 2228.551387] ? security_file_permission+0xb1/0xe0 [ 2228.552553] ? generic_splice_sendpage+0x140/0x140 [ 2228.553732] direct_splice_actor+0x10f/0x170 [ 2228.554804] splice_direct_to_actor+0x387/0x980 [ 2228.555928] ? pipe_to_sendpage+0x380/0x380 [ 2228.556967] ? do_splice_to+0x160/0x160 [ 2228.557928] ? security_file_permission+0xb1/0xe0 [ 2228.559096] do_splice_direct+0x1c4/0x290 [ 2228.560094] ? splice_direct_to_actor+0x980/0x980 [ 2228.561238] ? avc_policy_seqno+0x9/0x70 [ 2228.562348] ? security_file_permission+0xb1/0xe0 [ 2228.563516] do_sendfile+0x553/0x11e0 [ 2228.564445] ? do_pwritev+0x270/0x270 [ 2228.565354] ? wait_for_completion_io+0x270/0x270 [ 2228.566518] ? rcu_read_lock_any_held+0x75/0xa0 [ 2228.567621] ? vfs_write+0x354/0xb10 [ 2228.568513] __x64_sys_sendfile64+0x1d1/0x210 [ 2228.569580] ? __ia32_sys_sendfile+0x220/0x220 [ 2228.570683] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2228.571925] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2228.573152] do_syscall_64+0x33/0x40 03:00:12 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x4603, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2228.574042] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2228.575379] RIP: 0033:0x7f32880cdb19 [ 2228.576263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2228.580626] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2228.582551] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2228.584326] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2228.586074] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2228.587758] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2228.589444] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 03:00:12 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x8, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) [ 2228.602063] FAULT_INJECTION: forcing a failure. [ 2228.602063] name failslab, interval 1, probability 0, space 0, times 0 [ 2228.604769] CPU: 0 PID: 10459 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2228.606395] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2228.608319] Call Trace: [ 2228.608934] dump_stack+0x107/0x167 [ 2228.609780] should_fail.cold+0x5/0xa [ 2228.610685] ? p9_client_prepare_req.part.0+0x3a/0xac0 [ 2228.611907] should_failslab+0x5/0x20 [ 2228.612790] kmem_cache_alloc+0x5b/0x310 [ 2228.613738] p9_client_prepare_req.part.0+0x3a/0xac0 [ 2228.614929] p9_client_rpc+0x220/0x1370 [ 2228.615852] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2228.617085] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 2228.618327] ? pipe_poll+0x21b/0x800 [ 2228.619183] ? p9_fd_close+0x4a0/0x4a0 [ 2228.620083] ? wait_for_partner+0x3c0/0x3c0 [ 2228.621078] ? p9_fd_poll+0x1e0/0x2c0 [ 2228.621970] ? p9_fd_create+0x357/0x4a0 [ 2228.622887] ? p9_conn_create+0x510/0x510 [ 2228.623839] ? p9_client_create+0x798/0x1230 [ 2228.624845] ? kfree+0xd7/0x340 [ 2228.625597] ? do_raw_spin_unlock+0x4f/0x220 [ 2228.626619] p9_client_create+0xa76/0x1230 [ 2228.627598] ? p9_client_flush+0x430/0x430 [ 2228.628568] ? trace_hardirqs_on+0x5b/0x180 [ 2228.629558] ? lockdep_init_map_type+0x2c7/0x780 [ 2228.630653] ? __raw_spin_lock_init+0x36/0x110 [ 2228.631734] v9fs_session_init+0x1dd/0x1680 [ 2228.632787] ? lock_release+0x680/0x680 [ 2228.633765] ? kmem_cache_alloc_trace+0x151/0x320 [ 2228.634949] ? v9fs_show_options+0x690/0x690 [ 2228.636028] ? trace_hardirqs_on+0x5b/0x180 [ 2228.637072] ? kasan_unpoison_shadow+0x33/0x50 [ 2228.638140] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2228.639308] v9fs_mount+0x79/0x8f0 [ 2228.640131] ? v9fs_write_inode+0x60/0x60 [ 2228.641086] legacy_get_tree+0x105/0x220 [ 2228.642040] vfs_get_tree+0x8e/0x300 [ 2228.642899] path_mount+0x1429/0x2120 [ 2228.643780] ? strncpy_from_user+0x9e/0x470 [ 2228.644765] ? finish_automount+0xa90/0xa90 [ 2228.645761] ? getname_flags.part.0+0x1dd/0x4f0 [ 2228.646837] ? _copy_from_user+0xfb/0x1b0 [ 2228.647798] __x64_sys_mount+0x282/0x300 [ 2228.648731] ? copy_mnt_ns+0xa00/0xa00 [ 2228.649629] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2228.650844] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2228.652033] do_syscall_64+0x33/0x40 [ 2228.652889] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2228.654086] RIP: 0033:0x7f96c0f0ab19 [ 2228.654943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2228.659215] RSP: 002b:00007f96be45f188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2228.660965] RAX: ffffffffffffffda RBX: 00007f96c101e020 RCX: 00007f96c0f0ab19 [ 2228.662621] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2228.664260] RBP: 00007f96be45f1d0 R08: 0000000020000280 R09: 0000000000000000 [ 2228.665909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2228.667547] R13: 00007ffd1e2c8abf R14: 00007f96be45f300 R15: 0000000000022000 03:00:12 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x72, &(0x7f0000000640)=@string={0x72, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d4352"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:00:12 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff00a) 03:00:12 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x6800, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:00:12 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x9, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:00:12 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x4800, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2228.811178] udc-core: couldn't find an available UDC or it's busy [ 2228.812338] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:00:12 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 35) [ 2228.890912] FAULT_INJECTION: forcing a failure. [ 2228.890912] name failslab, interval 1, probability 0, space 0, times 0 [ 2228.893797] CPU: 0 PID: 10485 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2228.895457] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2228.897358] Call Trace: [ 2228.897982] dump_stack+0x107/0x167 [ 2228.898821] should_fail.cold+0x5/0xa [ 2228.899696] ? create_object.isra.0+0x3a/0xa20 [ 2228.900746] should_failslab+0x5/0x20 [ 2228.901619] kmem_cache_alloc+0x5b/0x310 [ 2228.902569] create_object.isra.0+0x3a/0xa20 [ 2228.903573] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2228.904741] kmem_cache_alloc+0x159/0x310 [ 2228.905702] p9_client_prepare_req.part.0+0x3a/0xac0 [ 2228.906886] p9_client_rpc+0x220/0x1370 [ 2228.907799] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2228.909016] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 2228.910256] ? pipe_poll+0x21b/0x800 [ 2228.911106] ? p9_fd_close+0x4a0/0x4a0 [ 2228.912002] ? wait_for_partner+0x3c0/0x3c0 [ 2228.912991] ? p9_fd_poll+0x1e0/0x2c0 [ 2228.913879] ? p9_fd_create+0x357/0x4a0 [ 2228.914788] ? p9_conn_create+0x510/0x510 [ 2228.915739] ? p9_client_create+0x798/0x1230 [ 2228.916745] ? kfree+0xd7/0x340 [ 2228.917503] ? do_raw_spin_unlock+0x4f/0x220 [ 2228.918526] p9_client_create+0xa76/0x1230 [ 2228.919509] ? p9_client_flush+0x430/0x430 [ 2228.920482] ? trace_hardirqs_on+0x5b/0x180 [ 2228.921475] ? lockdep_init_map_type+0x2c7/0x780 [ 2228.922573] ? __raw_spin_lock_init+0x36/0x110 [ 2228.923629] v9fs_session_init+0x1dd/0x1680 [ 2228.924626] ? lock_release+0x680/0x680 [ 2228.925549] ? kmem_cache_alloc_trace+0x151/0x320 [ 2228.926661] ? v9fs_show_options+0x690/0x690 [ 2228.927680] ? trace_hardirqs_on+0x5b/0x180 [ 2228.928670] ? kasan_unpoison_shadow+0x33/0x50 [ 2228.929718] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2228.930894] v9fs_mount+0x79/0x8f0 [ 2228.931708] ? v9fs_write_inode+0x60/0x60 [ 2228.932664] legacy_get_tree+0x105/0x220 [ 2228.933597] vfs_get_tree+0x8e/0x300 [ 2228.934457] path_mount+0x1429/0x2120 [ 2228.935342] ? strncpy_from_user+0x9e/0x470 [ 2228.936331] ? finish_automount+0xa90/0xa90 [ 2228.937321] ? getname_flags.part.0+0x1dd/0x4f0 [ 2228.938398] ? _copy_from_user+0xfb/0x1b0 [ 2228.939358] __x64_sys_mount+0x282/0x300 [ 2228.940289] ? copy_mnt_ns+0xa00/0xa00 [ 2228.941189] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2228.942399] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2228.943582] do_syscall_64+0x33/0x40 [ 2228.944437] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2228.945615] RIP: 0033:0x7f96c0f0ab19 [ 2228.946479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2228.950711] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2228.952458] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2228.954105] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2228.955744] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2228.957386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2228.959028] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 03:00:26 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e1399"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) 03:00:26 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 36) 03:00:26 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x4c00, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:00:26 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x72, &(0x7f0000000640)=@string={0x72, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d4352"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:00:26 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x6c00, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:00:26 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 30) 03:00:26 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff00b) 03:00:26 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0xa, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) [ 2242.401153] udc-core: couldn't find an available UDC or it's busy [ 2242.402333] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2242.404766] udc-core: couldn't find an available UDC or it's busy [ 2242.405722] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2242.435748] FAULT_INJECTION: forcing a failure. [ 2242.435748] name failslab, interval 1, probability 0, space 0, times 0 [ 2242.439016] CPU: 1 PID: 10507 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2242.440888] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2242.443103] Call Trace: [ 2242.443816] dump_stack+0x107/0x167 [ 2242.444805] should_fail.cold+0x5/0xa [ 2242.445834] ? create_object.isra.0+0x3a/0xa20 [ 2242.447070] should_failslab+0x5/0x20 [ 2242.448028] kmem_cache_alloc+0x5b/0x310 [ 2242.448912] ? igrab+0xc0/0xc0 [ 2242.449617] create_object.isra.0+0x3a/0xa20 [ 2242.450580] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2242.451688] __kmalloc+0x16e/0x390 [ 2242.452471] iter_file_splice_write+0x165/0xc90 [ 2242.453516] ? generic_splice_sendpage+0x140/0x140 [ 2242.454595] ? pipe_to_user+0x170/0x170 [ 2242.455462] ? trace_hardirqs_on+0x5b/0x180 [ 2242.456407] ? generic_splice_sendpage+0x140/0x140 [ 2242.457470] direct_splice_actor+0x10f/0x170 [ 2242.458433] splice_direct_to_actor+0x387/0x980 [ 2242.459438] ? pipe_to_sendpage+0x380/0x380 [ 2242.460369] ? do_splice_to+0x160/0x160 [ 2242.461248] ? security_file_permission+0xb1/0xe0 [ 2242.462312] do_splice_direct+0x1c4/0x290 [ 2242.463209] ? splice_direct_to_actor+0x980/0x980 [ 2242.464243] ? avc_policy_seqno+0x9/0x70 [ 2242.465139] ? security_file_permission+0xb1/0xe0 [ 2242.466204] do_sendfile+0x553/0x11e0 [ 2242.467025] ? do_pwritev+0x270/0x270 [ 2242.467833] ? wait_for_completion_io+0x270/0x270 [ 2242.468879] ? rcu_read_lock_any_held+0x75/0xa0 [ 2242.469920] ? vfs_write+0x354/0xb10 [ 2242.470732] __x64_sys_sendfile64+0x1d1/0x210 [ 2242.471716] ? __ia32_sys_sendfile+0x220/0x220 [ 2242.472728] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2242.473057] FAULT_INJECTION: forcing a failure. [ 2242.473057] name failslab, interval 1, probability 0, space 0, times 0 [ 2242.473898] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2242.473931] do_syscall_64+0x33/0x40 [ 2242.473951] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2242.473983] RIP: 0033:0x7f32880cdb19 [ 2242.474004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2242.474015] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2242.474037] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2242.474056] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2242.488215] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2242.489760] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2242.491318] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 [ 2242.492876] CPU: 0 PID: 10501 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2242.493908] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2242.495111] Call Trace: [ 2242.495490] dump_stack+0x107/0x167 [ 2242.496029] should_fail.cold+0x5/0xa [ 2242.496587] ? p9_fcall_init+0x97/0x290 [ 2242.497164] should_failslab+0x5/0x20 [ 2242.497724] __kmalloc+0x72/0x390 [ 2242.498242] p9_fcall_init+0x97/0x290 [ 2242.498792] p9_client_prepare_req.part.0+0x8c/0xac0 [ 2242.499540] p9_client_rpc+0x220/0x1370 [ 2242.500129] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2242.500890] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 2242.501658] ? pipe_poll+0x21b/0x800 [ 2242.502208] ? p9_fd_close+0x4a0/0x4a0 [ 2242.502775] ? wait_for_partner+0x3c0/0x3c0 [ 2242.503380] ? p9_fd_poll+0x1e0/0x2c0 [ 2242.503940] ? p9_fd_create+0x357/0x4a0 [ 2242.504512] ? p9_conn_create+0x510/0x510 [ 2242.505116] ? p9_client_create+0x798/0x1230 [ 2242.505754] ? kfree+0xd7/0x340 [ 2242.506240] ? do_raw_spin_unlock+0x4f/0x220 [ 2242.506879] p9_client_create+0xa76/0x1230 [ 2242.507502] ? p9_client_flush+0x430/0x430 [ 2242.508111] ? trace_hardirqs_on+0x5b/0x180 [ 2242.508738] ? lockdep_init_map_type+0x2c7/0x780 [ 2242.509423] ? __raw_spin_lock_init+0x36/0x110 [ 2242.510102] v9fs_session_init+0x1dd/0x1680 [ 2242.510727] ? lock_release+0x680/0x680 [ 2242.511309] ? kmem_cache_alloc_trace+0x151/0x320 [ 2242.512012] ? v9fs_show_options+0x690/0x690 [ 2242.512660] ? trace_hardirqs_on+0x5b/0x180 [ 2242.513288] ? kasan_unpoison_shadow+0x33/0x50 [ 2242.513941] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2242.514689] v9fs_mount+0x79/0x8f0 [ 2242.515204] ? v9fs_write_inode+0x60/0x60 [ 2242.515795] legacy_get_tree+0x105/0x220 [ 2242.516387] vfs_get_tree+0x8e/0x300 [ 2242.516926] path_mount+0x1429/0x2120 [ 2242.517487] ? strncpy_from_user+0x9e/0x470 [ 2242.518117] ? finish_automount+0xa90/0xa90 [ 2242.518742] ? getname_flags.part.0+0x1dd/0x4f0 [ 2242.519416] ? _copy_from_user+0xfb/0x1b0 [ 2242.520027] __x64_sys_mount+0x282/0x300 [ 2242.520621] ? copy_mnt_ns+0xa00/0xa00 [ 2242.521397] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2242.522158] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2242.522906] do_syscall_64+0x33/0x40 [ 2242.523427] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2242.524168] RIP: 0033:0x7f96c0f0ab19 [ 2242.524687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2242.527310] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2242.528366] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2242.529376] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2242.530376] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2242.531372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2242.532361] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 03:00:26 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x7a, &(0x7f0000000640)=@string={0x7a, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 2242.562354] udc-core: couldn't find an available UDC or it's busy [ 2242.563524] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:00:26 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0xb, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:00:26 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x6800, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:00:26 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff00c) 03:00:26 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x7400, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:00:26 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x6c00, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:00:26 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 31) 03:00:26 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x7a, &(0x7f0000000640)=@string={0x7a, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 2242.746129] udc-core: couldn't find an available UDC or it's busy [ 2242.748076] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2242.799166] FAULT_INJECTION: forcing a failure. [ 2242.799166] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2242.802606] CPU: 1 PID: 10535 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2242.804174] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2242.806057] Call Trace: [ 2242.806660] dump_stack+0x107/0x167 [ 2242.807491] should_fail.cold+0x5/0xa [ 2242.808360] __alloc_pages_nodemask+0x182/0x600 [ 2242.809423] ? __alloc_pages_slowpath.constprop.0+0x2200/0x2200 [ 2242.810808] ? find_get_entry+0x2c8/0x740 [ 2242.811759] ? __kasan_slab_free+0x122/0x160 [ 2242.812778] alloc_pages_current+0x187/0x280 [ 2242.813785] __page_cache_alloc+0x2d2/0x360 [ 2242.814799] pagecache_get_page+0x2c7/0xc80 [ 2242.815789] ? ext4_expand_extra_isize+0x5a0/0x5a0 [ 2242.816922] grab_cache_page_write_begin+0x64/0xa0 [ 2242.818061] ext4_da_write_begin+0x2f3/0xd40 [ 2242.819080] ? ext4_write_begin+0x10f0/0x10f0 [ 2242.820103] ? copyout_mc+0x140/0x140 [ 2242.820985] ? ext4_dirty_inode+0x107/0x130 [ 2242.821985] ? __mark_inode_dirty+0x12e/0xd40 [ 2242.823021] generic_perform_write+0x20a/0x4f0 [ 2242.824083] ? page_cache_prev_miss+0x310/0x310 [ 2242.825154] ? down_write_killable+0x180/0x180 [ 2242.826231] ext4_buffered_write_iter+0x232/0x4a0 [ 2242.827353] ext4_file_write_iter+0x3ab/0x1530 [ 2242.828409] ? stack_trace_save+0x8c/0xc0 [ 2242.829326] ? stack_trace_consume_entry+0x160/0x160 [ 2242.830484] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2242.831530] ? kasan_save_stack+0x32/0x40 [ 2242.832480] ? kasan_save_stack+0x1b/0x40 [ 2242.833429] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2242.834602] ? iter_file_splice_write+0x165/0xc90 [ 2242.835708] ? direct_splice_actor+0x10f/0x170 [ 2242.836768] ? splice_direct_to_actor+0x387/0x980 [ 2242.837896] ? do_splice_direct+0x1c4/0x290 [ 2242.838899] ? do_sendfile+0x553/0x11e0 [ 2242.839820] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2242.840903] ? do_syscall_64+0x33/0x40 [ 2242.841807] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2242.843054] do_iter_readv_writev+0x476/0x750 [ 2242.844104] ? new_sync_write+0x660/0x660 [ 2242.845068] ? avc_policy_seqno+0x9/0x70 [ 2242.846014] ? selinux_file_permission+0x92/0x520 [ 2242.847143] ? security_file_permission+0xb1/0xe0 [ 2242.848283] do_iter_write+0x191/0x700 [ 2242.849199] ? trace_hardirqs_on+0x5b/0x180 [ 2242.850223] vfs_iter_write+0x70/0xa0 [ 2242.851111] iter_file_splice_write+0x726/0xc90 [ 2242.852223] ? generic_splice_sendpage+0x140/0x140 [ 2242.853402] ? security_file_permission+0xb1/0xe0 [ 2242.854563] ? generic_splice_sendpage+0x140/0x140 [ 2242.855729] direct_splice_actor+0x10f/0x170 [ 2242.856790] splice_direct_to_actor+0x387/0x980 [ 2242.857935] ? pipe_to_sendpage+0x380/0x380 [ 2242.858977] ? do_splice_to+0x160/0x160 [ 2242.859929] ? security_file_permission+0xb1/0xe0 [ 2242.861108] do_splice_direct+0x1c4/0x290 [ 2242.862109] ? splice_direct_to_actor+0x980/0x980 [ 2242.863257] ? avc_policy_seqno+0x9/0x70 [ 2242.864238] ? security_file_permission+0xb1/0xe0 [ 2242.865398] do_sendfile+0x553/0x11e0 [ 2242.866281] ? do_pwritev+0x270/0x270 [ 2242.867081] ? wait_for_completion_io+0x270/0x270 [ 2242.868094] ? rcu_read_lock_any_held+0x75/0xa0 [ 2242.869065] ? vfs_write+0x354/0xb10 [ 2242.869837] __x64_sys_sendfile64+0x1d1/0x210 [ 2242.870784] ? __ia32_sys_sendfile+0x220/0x220 [ 2242.871741] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2242.872843] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2242.873929] do_syscall_64+0x33/0x40 [ 2242.874721] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2242.875809] RIP: 0033:0x7f32880cdb19 [ 2242.876589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2242.880487] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2242.882107] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2242.883629] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2242.885156] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2242.886700] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2242.888212] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 03:00:39 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 32) 03:00:39 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x7400, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:00:39 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e1399"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) 03:00:39 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x10, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:00:39 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x7a00, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:00:39 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x7a, &(0x7f0000000640)=@string={0x7a, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:00:39 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 37) 03:00:39 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff00d) [ 2255.642425] udc-core: couldn't find an available UDC or it's busy [ 2255.643549] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2255.644556] FAULT_INJECTION: forcing a failure. [ 2255.644556] name failslab, interval 1, probability 0, space 0, times 0 [ 2255.646402] CPU: 0 PID: 10558 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2255.647376] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2255.648530] Call Trace: [ 2255.648900] dump_stack+0x107/0x167 [ 2255.649411] should_fail.cold+0x5/0xa [ 2255.649941] ? create_object.isra.0+0x3a/0xa20 [ 2255.650586] should_failslab+0x5/0x20 [ 2255.651115] kmem_cache_alloc+0x5b/0x310 [ 2255.651683] create_object.isra.0+0x3a/0xa20 [ 2255.652292] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2255.652997] __kmalloc+0x16e/0x390 [ 2255.653494] p9_fcall_init+0x97/0x290 [ 2255.654020] p9_client_prepare_req.part.0+0x8c/0xac0 [ 2255.654719] p9_client_rpc+0x220/0x1370 [ 2255.655261] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2255.655963] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 2255.656687] ? pipe_poll+0x21b/0x800 [ 2255.657178] ? p9_fd_close+0x4a0/0x4a0 [ 2255.657706] ? wait_for_partner+0x3c0/0x3c0 [ 2255.658291] ? p9_fd_poll+0x1e0/0x2c0 [ 2255.658810] ? p9_fd_create+0x357/0x4a0 03:00:39 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0xda00, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2255.659364] ? p9_conn_create+0x510/0x510 [ 2255.660057] ? p9_client_create+0x798/0x1230 [ 2255.660670] ? kfree+0xd7/0x340 [ 2255.661128] ? do_raw_spin_unlock+0x4f/0x220 [ 2255.661741] p9_client_create+0xa76/0x1230 [ 2255.662345] ? p9_client_flush+0x430/0x430 [ 2255.662933] ? trace_hardirqs_on+0x5b/0x180 [ 2255.663529] ? lockdep_init_map_type+0x2c7/0x780 [ 2255.664182] ? __raw_spin_lock_init+0x36/0x110 [ 2255.664815] v9fs_session_init+0x1dd/0x1680 [ 2255.665410] ? lock_release+0x680/0x680 [ 2255.665962] ? kmem_cache_alloc_trace+0x151/0x320 [ 2255.666627] ? v9fs_show_options+0x690/0x690 [ 2255.667226] ? trace_hardirqs_on+0x5b/0x180 [ 2255.667807] ? kasan_unpoison_shadow+0x33/0x50 [ 2255.668431] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2255.669121] v9fs_mount+0x79/0x8f0 [ 2255.669613] ? v9fs_write_inode+0x60/0x60 [ 2255.670176] legacy_get_tree+0x105/0x220 [ 2255.670738] vfs_get_tree+0x8e/0x300 [ 2255.671234] path_mount+0x1429/0x2120 [ 2255.671765] ? strncpy_from_user+0x9e/0x470 [ 2255.672360] ? finish_automount+0xa90/0xa90 [ 2255.672936] ? getname_flags.part.0+0x1dd/0x4f0 [ 2255.673579] ? _copy_from_user+0xfb/0x1b0 [ 2255.674164] __x64_sys_mount+0x282/0x300 [ 2255.674724] ? copy_mnt_ns+0xa00/0xa00 [ 2255.675267] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2255.675991] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2255.676704] do_syscall_64+0x33/0x40 [ 2255.677219] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2255.677926] RIP: 0033:0x7f96c0f0ab19 [ 2255.678430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2255.680971] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2255.682013] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2255.683011] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2255.683976] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2255.684962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2255.685922] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 [ 2255.687976] FAULT_INJECTION: forcing a failure. [ 2255.687976] name failslab, interval 1, probability 0, space 0, times 0 [ 2255.689501] CPU: 0 PID: 10546 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2255.690443] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2255.691571] Call Trace: [ 2255.691925] dump_stack+0x107/0x167 [ 2255.692417] should_fail.cold+0x5/0xa [ 2255.692944] ? jbd2__journal_start+0x190/0x7e0 [ 2255.693572] should_failslab+0x5/0x20 [ 2255.694102] kmem_cache_alloc+0x5b/0x310 [ 2255.694657] jbd2__journal_start+0x190/0x7e0 [ 2255.695262] __ext4_journal_start_sb+0x214/0x390 [ 2255.696047] ext4_da_write_begin+0x51f/0xd40 [ 2255.696698] ? ext4_write_begin+0x10f0/0x10f0 [ 2255.697429] ? copyout_mc+0x140/0x140 [ 2255.697978] ? ext4_dirty_inode+0x107/0x130 [ 2255.698710] ? __mark_inode_dirty+0x12e/0xd40 [ 2255.699455] generic_perform_write+0x20a/0x4f0 [ 2255.700226] ? page_cache_prev_miss+0x310/0x310 [ 2255.700986] ? down_write_killable+0x180/0x180 [ 2255.701757] ext4_buffered_write_iter+0x232/0x4a0 [ 2255.702568] ext4_file_write_iter+0x3ab/0x1530 [ 2255.703287] ? stack_trace_save+0x8c/0xc0 [ 2255.703900] ? stack_trace_consume_entry+0x160/0x160 [ 2255.704614] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2255.705241] ? kasan_save_stack+0x32/0x40 [ 2255.705787] ? kasan_save_stack+0x1b/0x40 [ 2255.706368] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2255.707038] ? iter_file_splice_write+0x165/0xc90 [ 2255.707709] ? direct_splice_actor+0x10f/0x170 [ 2255.708338] ? splice_direct_to_actor+0x387/0x980 [ 2255.708976] ? do_splice_direct+0x1c4/0x290 [ 2255.709568] ? do_sendfile+0x553/0x11e0 [ 2255.710122] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2255.710761] ? do_syscall_64+0x33/0x40 [ 2255.711298] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2255.712037] do_iter_readv_writev+0x476/0x750 [ 2255.712662] ? new_sync_write+0x660/0x660 [ 2255.713231] ? avc_policy_seqno+0x9/0x70 [ 2255.713788] ? selinux_file_permission+0x92/0x520 [ 2255.714458] ? security_file_permission+0xb1/0xe0 [ 2255.715126] do_iter_write+0x191/0x700 [ 2255.715661] ? trace_hardirqs_on+0x5b/0x180 [ 2255.716258] vfs_iter_write+0x70/0xa0 [ 2255.716781] iter_file_splice_write+0x726/0xc90 [ 2255.717430] ? generic_splice_sendpage+0x140/0x140 [ 2255.718121] ? security_file_permission+0xb1/0xe0 [ 2255.718789] ? generic_splice_sendpage+0x140/0x140 [ 2255.719466] direct_splice_actor+0x10f/0x170 [ 2255.720073] splice_direct_to_actor+0x387/0x980 [ 2255.720717] ? pipe_to_sendpage+0x380/0x380 [ 2255.721314] ? do_splice_to+0x160/0x160 [ 2255.721862] ? security_file_permission+0xb1/0xe0 [ 2255.722550] do_splice_direct+0x1c4/0x290 [ 2255.723134] ? splice_direct_to_actor+0x980/0x980 [ 2255.723807] ? avc_policy_seqno+0x9/0x70 [ 2255.724369] ? security_file_permission+0xb1/0xe0 [ 2255.725038] do_sendfile+0x553/0x11e0 [ 2255.725570] ? do_pwritev+0x270/0x270 [ 2255.726103] ? wait_for_completion_io+0x270/0x270 [ 2255.726770] ? rcu_read_lock_any_held+0x75/0xa0 [ 2255.727411] ? vfs_write+0x354/0xb10 [ 2255.727918] __x64_sys_sendfile64+0x1d1/0x210 [ 2255.728598] ? __ia32_sys_sendfile+0x220/0x220 [ 2255.729243] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2255.729967] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2255.730700] do_syscall_64+0x33/0x40 [ 2255.731271] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2255.732068] RIP: 0033:0x7f32880cdb19 [ 2255.732573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2255.735063] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2255.736082] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2255.737049] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2255.738004] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2255.738959] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2255.739918] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 03:00:39 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0xedc0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:00:39 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x7e, &(0x7f0000000640)=@string={0x7e, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:00:39 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x2e, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:00:39 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0xfd03, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:00:39 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x7a00, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:00:39 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 33) 03:00:39 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff00e) 03:00:39 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x7e, &(0x7f0000000640)=@string={0x7e, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:00:39 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 38) [ 2255.894919] FAULT_INJECTION: forcing a failure. [ 2255.894919] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2255.896538] CPU: 1 PID: 10586 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2255.897373] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2255.898382] Call Trace: [ 2255.898699] dump_stack+0x107/0x167 [ 2255.899128] should_fail.cold+0x5/0xa [ 2255.899582] __alloc_pages_nodemask+0x182/0x600 [ 2255.900132] ? __alloc_pages_slowpath.constprop.0+0x2200/0x2200 [ 2255.900858] ? find_get_entry+0x2c8/0x740 [ 2255.901324] ? __kasan_slab_free+0x122/0x160 [ 2255.901831] alloc_pages_current+0x187/0x280 [ 2255.902368] __page_cache_alloc+0x2d2/0x360 [ 2255.902859] pagecache_get_page+0x2c7/0xc80 [ 2255.903373] ? ext4_expand_extra_isize+0x5a0/0x5a0 [ 2255.903927] grab_cache_page_write_begin+0x64/0xa0 [ 2255.904499] ext4_da_write_begin+0x2f3/0xd40 [ 2255.905000] ? ext4_write_begin+0x10f0/0x10f0 [ 2255.905522] ? copyout_mc+0x140/0x140 [ 2255.905969] ? ext4_dirty_inode+0x107/0x130 [ 2255.906507] ? __mark_inode_dirty+0x12e/0xd40 [ 2255.907018] generic_perform_write+0x20a/0x4f0 [ 2255.907570] ? page_cache_prev_miss+0x310/0x310 [ 2255.908098] ? down_write_killable+0x180/0x180 [ 2255.908652] ext4_buffered_write_iter+0x232/0x4a0 [ 2255.909239] ext4_file_write_iter+0x3ab/0x1530 [ 2255.909755] ? stack_trace_save+0x8c/0xc0 [ 2255.910257] ? stack_trace_consume_entry+0x160/0x160 [ 2255.910837] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2255.911380] ? kasan_save_stack+0x32/0x40 [ 2255.911861] ? kasan_save_stack+0x1b/0x40 [ 2255.912340] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2255.912939] ? iter_file_splice_write+0x165/0xc90 [ 2255.913516] ? direct_splice_actor+0x10f/0x170 [ 2255.914048] ? splice_direct_to_actor+0x387/0x980 [ 2255.914652] ? do_splice_direct+0x1c4/0x290 [ 2255.915166] ? do_sendfile+0x553/0x11e0 [ 2255.915637] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2255.916194] ? do_syscall_64+0x33/0x40 [ 2255.916663] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2255.917309] do_iter_readv_writev+0x476/0x750 [ 2255.917487] udc-core: couldn't find an available UDC or it's busy [ 2255.917840] ? new_sync_write+0x660/0x660 [ 2255.918933] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2255.919336] ? avc_policy_seqno+0x9/0x70 [ 2255.919353] ? selinux_file_permission+0x92/0x520 [ 2255.921364] ? security_file_permission+0xb1/0xe0 [ 2255.921931] do_iter_write+0x191/0x700 [ 2255.922430] ? trace_hardirqs_on+0x5b/0x180 [ 2255.922940] vfs_iter_write+0x70/0xa0 [ 2255.923385] iter_file_splice_write+0x726/0xc90 [ 2255.923941] ? generic_splice_sendpage+0x140/0x140 [ 2255.924530] ? security_file_permission+0xb1/0xe0 [ 2255.925098] ? generic_splice_sendpage+0x140/0x140 [ 2255.925672] direct_splice_actor+0x10f/0x170 [ 2255.926200] splice_direct_to_actor+0x387/0x980 [ 2255.926750] ? pipe_to_sendpage+0x380/0x380 [ 2255.927263] ? do_splice_to+0x160/0x160 [ 2255.927729] ? security_file_permission+0xb1/0xe0 [ 2255.928293] do_splice_direct+0x1c4/0x290 [ 2255.928772] ? splice_direct_to_actor+0x980/0x980 [ 2255.929334] ? avc_policy_seqno+0x9/0x70 [ 2255.929807] ? security_file_permission+0xb1/0xe0 [ 2255.930404] do_sendfile+0x553/0x11e0 [ 2255.930857] ? do_pwritev+0x270/0x270 [ 2255.931302] ? wait_for_completion_io+0x270/0x270 [ 2255.931864] ? rcu_read_lock_any_held+0x75/0xa0 [ 2255.932406] ? vfs_write+0x354/0xb10 [ 2255.932854] __x64_sys_sendfile64+0x1d1/0x210 [ 2255.933381] ? __ia32_sys_sendfile+0x220/0x220 [ 2255.933915] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2255.934548] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2255.935148] do_syscall_64+0x33/0x40 [ 2255.935580] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2255.936186] RIP: 0033:0x7f32880cdb19 [ 2255.936625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2255.938793] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2255.939684] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2255.940520] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2255.941352] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2255.942205] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2255.943045] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 [ 2255.962897] FAULT_INJECTION: forcing a failure. [ 2255.962897] name failslab, interval 1, probability 0, space 0, times 0 [ 2255.964663] CPU: 0 PID: 10592 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2255.965583] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2255.966696] Call Trace: [ 2255.967049] dump_stack+0x107/0x167 [ 2255.967538] should_fail.cold+0x5/0xa [ 2255.968033] ? p9_fcall_init+0x97/0x290 [ 2255.968543] should_failslab+0x5/0x20 [ 2255.969015] __kmalloc+0x72/0x390 [ 2255.969454] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2255.970115] p9_fcall_init+0x97/0x290 [ 2255.970602] p9_client_prepare_req.part.0+0xf4/0xac0 [ 2255.971252] p9_client_rpc+0x220/0x1370 [ 2255.971756] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2255.972429] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 2255.973109] ? pipe_poll+0x21b/0x800 [ 2255.973581] ? p9_fd_close+0x4a0/0x4a0 [ 2255.974076] ? wait_for_partner+0x3c0/0x3c0 [ 2255.974632] ? p9_fd_poll+0x1e0/0x2c0 [ 2255.975118] ? p9_fd_create+0x357/0x4a0 [ 2255.975621] ? p9_conn_create+0x510/0x510 [ 2255.976146] ? p9_client_create+0x798/0x1230 [ 2255.976706] ? kfree+0xd7/0x340 [ 2255.977121] ? do_raw_spin_unlock+0x4f/0x220 [ 2255.977696] p9_client_create+0xa76/0x1230 [ 2255.978244] ? p9_client_flush+0x430/0x430 [ 2255.978792] ? trace_hardirqs_on+0x5b/0x180 [ 2255.979450] ? lockdep_init_map_type+0x2c7/0x780 [ 2255.980110] ? __raw_spin_lock_init+0x36/0x110 [ 2255.980696] v9fs_session_init+0x1dd/0x1680 [ 2255.981252] ? kmem_cache_alloc_trace+0x151/0x320 [ 2255.981868] ? v9fs_show_options+0x690/0x690 [ 2255.982444] ? trace_hardirqs_on+0x5b/0x180 [ 2255.982990] ? kasan_unpoison_shadow+0x33/0x50 [ 2255.983571] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2255.984217] v9fs_mount+0x79/0x8f0 [ 2255.984670] ? v9fs_write_inode+0x60/0x60 [ 2255.985198] legacy_get_tree+0x105/0x220 [ 2255.985715] vfs_get_tree+0x8e/0x300 [ 2255.986200] path_mount+0x1429/0x2120 [ 2255.986696] ? strncpy_from_user+0x9e/0x470 [ 2255.987244] ? finish_automount+0xa90/0xa90 [ 2255.987791] ? getname_flags.part.0+0x1dd/0x4f0 [ 2255.988379] ? _copy_from_user+0xfb/0x1b0 [ 2255.988905] __x64_sys_mount+0x282/0x300 [ 2255.989421] ? copy_mnt_ns+0xa00/0xa00 [ 2255.989913] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2255.990585] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2255.991237] do_syscall_64+0x33/0x40 [ 2255.991710] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2255.992357] RIP: 0033:0x7f96c0f0ab19 [ 2255.992833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2255.995183] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2255.996163] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2255.997071] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2255.997970] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2255.998892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2255.999792] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 03:00:51 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e1399"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) 03:00:51 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0xedc0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:00:51 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 39) 03:00:51 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0xfeff, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:00:51 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 34) 03:00:51 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x48, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:00:51 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x7e, &(0x7f0000000640)=@string={0x7e, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:00:51 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff00f) [ 2267.929881] udc-core: couldn't find an available UDC or it's busy [ 2267.931618] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2267.949508] udc-core: couldn't find an available UDC or it's busy [ 2267.951189] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2267.951567] FAULT_INJECTION: forcing a failure. [ 2267.951567] name failslab, interval 1, probability 0, space 0, times 0 [ 2267.955528] CPU: 1 PID: 10609 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2267.957143] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2267.959112] Call Trace: [ 2267.959818] dump_stack+0x107/0x167 [ 2267.960648] should_fail.cold+0x5/0xa [ 2267.961509] ? jbd2__journal_start+0x190/0x7e0 [ 2267.962556] should_failslab+0x5/0x20 [ 2267.963404] kmem_cache_alloc+0x5b/0x310 [ 2267.964330] jbd2__journal_start+0x190/0x7e0 [ 2267.965416] __ext4_journal_start_sb+0x214/0x390 [ 2267.966502] ext4_da_write_begin+0x51f/0xd40 [ 2267.967509] ? ext4_write_begin+0x10f0/0x10f0 [ 2267.968519] ? copyout_mc+0x140/0x140 [ 2267.969362] ? ext4_dirty_inode+0x107/0x130 [ 2267.970336] ? __mark_inode_dirty+0x12e/0xd40 [ 2267.971360] generic_perform_write+0x20a/0x4f0 [ 2267.972562] ? page_cache_prev_miss+0x310/0x310 [ 2267.973590] ? down_write_killable+0x180/0x180 [ 2267.974641] ext4_buffered_write_iter+0x232/0x4a0 [ 2267.975790] ext4_file_write_iter+0x3ab/0x1530 [ 2267.976817] ? stack_trace_save+0x8c/0xc0 [ 2267.977946] ? stack_trace_consume_entry+0x160/0x160 [ 2267.979188] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2267.980220] ? kasan_save_stack+0x32/0x40 [ 2267.981338] ? kasan_save_stack+0x1b/0x40 [ 2267.982320] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2267.983430] ? iter_file_splice_write+0x165/0xc90 [ 2267.984520] ? direct_splice_actor+0x10f/0x170 [ 2267.985526] ? splice_direct_to_actor+0x387/0x980 [ 2267.986584] ? do_splice_direct+0x1c4/0x290 [ 2267.987584] ? do_sendfile+0x553/0x11e0 [ 2267.988474] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2267.989604] ? do_syscall_64+0x33/0x40 [ 2267.990479] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2267.991670] do_iter_readv_writev+0x476/0x750 [ 2267.992699] ? new_sync_write+0x660/0x660 [ 2267.993678] ? avc_policy_seqno+0x9/0x70 [ 2267.994644] ? selinux_file_permission+0x92/0x520 [ 2267.995749] ? security_file_permission+0xb1/0xe0 [ 2267.996837] do_iter_write+0x191/0x700 [ 2267.997762] ? trace_hardirqs_on+0x5b/0x180 [ 2267.998774] vfs_iter_write+0x70/0xa0 [ 2267.999635] iter_file_splice_write+0x726/0xc90 [ 2268.000711] ? generic_splice_sendpage+0x140/0x140 [ 2268.001848] ? security_file_permission+0xb1/0xe0 [ 2268.003167] ? generic_splice_sendpage+0x140/0x140 [ 2268.004429] direct_splice_actor+0x10f/0x170 [ 2268.005491] splice_direct_to_actor+0x387/0x980 [ 2268.006572] ? pipe_to_sendpage+0x380/0x380 [ 2268.007565] ? do_splice_to+0x160/0x160 [ 2268.008474] ? security_file_permission+0xb1/0xe0 [ 2268.009581] do_splice_direct+0x1c4/0x290 [ 2268.010544] ? splice_direct_to_actor+0x980/0x980 [ 2268.011632] ? avc_policy_seqno+0x9/0x70 [ 2268.012675] ? security_file_permission+0xb1/0xe0 [ 2268.013782] do_sendfile+0x553/0x11e0 [ 2268.014668] ? do_pwritev+0x270/0x270 [ 2268.015581] ? wait_for_completion_io+0x270/0x270 [ 2268.016679] ? rcu_read_lock_any_held+0x75/0xa0 [ 2268.017739] ? vfs_write+0x354/0xb10 [ 2268.018659] __x64_sys_sendfile64+0x1d1/0x210 [ 2268.019666] ? __ia32_sys_sendfile+0x220/0x220 [ 2268.020698] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2268.021863] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2268.023009] do_syscall_64+0x33/0x40 [ 2268.023879] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2268.025022] RIP: 0033:0x7f32880cdb19 [ 2268.026030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2268.030216] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2268.031924] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2268.033520] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2268.035109] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2268.036705] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2268.038350] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 03:00:52 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x4c, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:00:52 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0xfd03, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2268.051483] FAULT_INJECTION: forcing a failure. [ 2268.051483] name failslab, interval 1, probability 0, space 0, times 0 [ 2268.054492] CPU: 1 PID: 10610 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2268.056076] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2268.057952] Call Trace: [ 2268.058661] dump_stack+0x107/0x167 [ 2268.059486] should_fail.cold+0x5/0xa [ 2268.060333] ? create_object.isra.0+0x3a/0xa20 [ 2268.061350] should_failslab+0x5/0x20 [ 2268.062296] kmem_cache_alloc+0x5b/0x310 [ 2268.063212] create_object.isra.0+0x3a/0xa20 [ 2268.064200] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2268.065318] __kmalloc+0x16e/0x390 [ 2268.066141] p9_fcall_init+0x97/0x290 [ 2268.067019] p9_client_prepare_req.part.0+0xf4/0xac0 [ 2268.068179] p9_client_rpc+0x220/0x1370 [ 2268.069074] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2268.070306] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 2268.071485] ? pipe_poll+0x21b/0x800 [ 2268.072459] ? p9_fd_close+0x4a0/0x4a0 [ 2268.073332] ? wait_for_partner+0x3c0/0x3c0 [ 2268.074322] ? p9_fd_poll+0x1e0/0x2c0 [ 2268.075187] ? p9_fd_create+0x357/0x4a0 [ 2268.076083] ? p9_conn_create+0x510/0x510 [ 2268.077001] ? p9_client_create+0x798/0x1230 [ 2268.078001] ? kfree+0xd7/0x340 [ 2268.078779] ? do_raw_spin_unlock+0x4f/0x220 [ 2268.079930] p9_client_create+0xa76/0x1230 [ 2268.080996] ? p9_client_flush+0x430/0x430 [ 2268.081989] ? trace_hardirqs_on+0x5b/0x180 [ 2268.082991] ? lockdep_init_map_type+0x2c7/0x780 [ 2268.084084] ? __raw_spin_lock_init+0x36/0x110 [ 2268.085137] v9fs_session_init+0x1dd/0x1680 [ 2268.086145] ? lock_release+0x680/0x680 [ 2268.087258] ? kmem_cache_alloc_trace+0x151/0x320 [ 2268.088533] ? v9fs_show_options+0x690/0x690 [ 2268.089572] ? trace_hardirqs_on+0x5b/0x180 [ 2268.090555] ? kasan_unpoison_shadow+0x33/0x50 [ 2268.091578] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2268.092750] v9fs_mount+0x79/0x8f0 [ 2268.093546] ? v9fs_write_inode+0x60/0x60 [ 2268.094484] legacy_get_tree+0x105/0x220 [ 2268.095398] vfs_get_tree+0x8e/0x300 [ 2268.096397] path_mount+0x1429/0x2120 [ 2268.097262] ? strncpy_from_user+0x9e/0x470 [ 2268.098344] ? finish_automount+0xa90/0xa90 [ 2268.099325] ? getname_flags.part.0+0x1dd/0x4f0 [ 2268.100373] ? _copy_from_user+0xfb/0x1b0 [ 2268.101307] __x64_sys_mount+0x282/0x300 [ 2268.102235] ? copy_mnt_ns+0xa00/0xa00 [ 2268.103102] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2268.104525] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2268.105763] do_syscall_64+0x33/0x40 [ 2268.106626] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2268.108021] RIP: 0033:0x7f96c0f0ab19 [ 2268.108903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2268.113046] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2268.114775] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2268.116363] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2268.118020] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2268.119639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2268.121264] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 03:00:52 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0xff03, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:00:52 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x68, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:00:52 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0xfeff, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:00:52 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff010) 03:00:52 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0xfffe, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:00:52 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x80, &(0x7f0000000640)=@string={0x80, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 2268.376966] udc-core: couldn't find an available UDC or it's busy [ 2268.378622] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:01:04 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b5"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) 03:01:04 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x80, &(0x7f0000000640)=@string={0x80, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:01:04 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0xff03, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:01:04 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fab, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:01:04 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff011) 03:01:04 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 35) 03:01:04 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 40) 03:01:04 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x6c, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) [ 2280.772163] udc-core: couldn't find an available UDC or it's busy [ 2280.774041] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2280.784743] udc-core: couldn't find an available UDC or it's busy [ 2280.786449] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2280.799815] FAULT_INJECTION: forcing a failure. [ 2280.799815] name failslab, interval 1, probability 0, space 0, times 0 [ 2280.802437] CPU: 0 PID: 10663 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2280.803889] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2280.805637] Call Trace: [ 2280.806183] dump_stack+0x107/0x167 [ 2280.806950] should_fail.cold+0x5/0xa [ 2280.807755] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 2280.808312] FAULT_INJECTION: forcing a failure. [ 2280.808312] name failslab, interval 1, probability 0, space 0, times 0 [ 2280.808977] should_failslab+0x5/0x20 [ 2280.809078] kmem_cache_alloc+0x5b/0x310 [ 2280.809108] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 2280.809135] idr_get_free+0x4b5/0x8f0 [ 2280.815793] idr_alloc_u32+0x170/0x2d0 [ 2280.816614] ? __fprop_inc_percpu_max+0x130/0x130 [ 2280.817634] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 2280.818767] ? lock_release+0x680/0x680 [ 2280.819612] idr_alloc+0xc2/0x130 [ 2280.820341] ? idr_alloc_u32+0x2d0/0x2d0 [ 2280.821180] ? rwlock_bug.part.0+0x90/0x90 [ 2280.822076] p9_client_prepare_req.part.0+0x612/0xac0 [ 2280.823173] p9_client_rpc+0x220/0x1370 [ 2280.824015] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2280.825119] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 2280.826242] ? pipe_poll+0x21b/0x800 [ 2280.827028] ? p9_fd_close+0x4a0/0x4a0 [ 2280.827845] ? wait_for_partner+0x3c0/0x3c0 [ 2280.828759] ? p9_fd_poll+0x1e0/0x2c0 [ 2280.829571] ? p9_fd_create+0x357/0x4a0 [ 2280.830413] ? p9_conn_create+0x510/0x510 [ 2280.831283] ? p9_client_create+0x798/0x1230 [ 2280.832198] ? kfree+0xd7/0x340 [ 2280.832890] ? do_raw_spin_unlock+0x4f/0x220 [ 2280.833821] p9_client_create+0xa76/0x1230 [ 2280.834742] ? p9_client_flush+0x430/0x430 [ 2280.835633] ? trace_hardirqs_on+0x5b/0x180 [ 2280.836551] ? lockdep_init_map_type+0x2c7/0x780 [ 2280.837555] ? __raw_spin_lock_init+0x36/0x110 [ 2280.838530] v9fs_session_init+0x1dd/0x1680 [ 2280.839434] ? lock_release+0x680/0x680 [ 2280.840273] ? kmem_cache_alloc_trace+0x151/0x320 [ 2280.841288] ? v9fs_show_options+0x690/0x690 [ 2280.842219] ? trace_hardirqs_on+0x5b/0x180 [ 2280.843138] ? kasan_unpoison_shadow+0x33/0x50 [ 2280.844097] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2280.845164] v9fs_mount+0x79/0x8f0 [ 2280.845912] ? v9fs_write_inode+0x60/0x60 [ 2280.846789] legacy_get_tree+0x105/0x220 [ 2280.847645] vfs_get_tree+0x8e/0x300 [ 2280.848424] path_mount+0x1429/0x2120 [ 2280.849229] ? strncpy_from_user+0x9e/0x470 [ 2280.850134] ? finish_automount+0xa90/0xa90 [ 2280.851041] ? getname_flags.part.0+0x1dd/0x4f0 [ 2280.852015] ? _copy_from_user+0xfb/0x1b0 [ 2280.852906] __x64_sys_mount+0x282/0x300 [ 2280.853763] ? copy_mnt_ns+0xa00/0xa00 [ 2280.854591] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2280.855697] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2280.856782] do_syscall_64+0x33/0x40 [ 2280.857570] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2280.858655] RIP: 0033:0x7f96c0f0ab19 [ 2280.859439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2280.863307] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2280.864893] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2280.866394] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2280.867879] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2280.869367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2280.870865] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 [ 2280.872427] CPU: 1 PID: 10665 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2280.873940] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2280.875717] Call Trace: [ 2280.876294] dump_stack+0x107/0x167 [ 2280.877074] should_fail.cold+0x5/0xa [ 2280.877891] ? __es_insert_extent+0xed1/0x1370 [ 2280.878876] should_failslab+0x5/0x20 [ 2280.879679] kmem_cache_alloc+0x5b/0x310 [ 2280.880718] __es_insert_extent+0xed1/0x1370 [ 2280.881725] ext4_es_insert_delayed_block+0x30d/0x6d0 [ 2280.883064] ? ext4_is_pending+0x210/0x210 [ 2280.883964] ? do_raw_spin_lock+0x121/0x260 [ 2280.885079] ? ext4_has_free_clusters+0x294/0x570 [ 2280.886103] ? percpu_counter_add_batch+0x8b/0x140 [ 2280.887385] ? do_raw_spin_unlock+0x4f/0x220 [ 2280.888516] ? _raw_spin_unlock+0x1a/0x30 [ 2280.889585] ? ext4_da_reserve_space+0xf8/0x3c0 [ 2280.890588] ext4_da_get_block_prep+0xa91/0x1100 [ 2280.891813] ? ext4_da_release_space+0x480/0x480 [ 2280.892833] ? lock_downgrade+0x6d0/0x6d0 [ 2280.893729] ? create_empty_buffers+0x4a3/0x640 [ 2280.894728] ? do_raw_spin_unlock+0x4f/0x220 [ 2280.895674] ? create_page_buffers+0x139/0x230 [ 2280.896660] __block_write_begin_int+0x3d1/0x19c0 [ 2280.897698] ? ext4_da_release_space+0x480/0x480 [ 2280.898747] ? remove_inode_buffers+0x300/0x300 [ 2280.899731] ? jbd2__journal_start+0xf3/0x7e0 [ 2280.900708] ext4_da_write_begin+0x37d/0xd40 [ 2280.901654] ? ext4_write_begin+0x10f0/0x10f0 [ 2280.902611] ? copyout_mc+0x140/0x140 [ 2280.903412] ? ext4_dirty_inode+0x107/0x130 [ 2280.904332] ? __mark_inode_dirty+0x12e/0xd40 [ 2280.905282] generic_perform_write+0x20a/0x4f0 [ 2280.906256] ? page_cache_prev_miss+0x310/0x310 [ 2280.907253] ? down_write_killable+0x180/0x180 [ 2280.908227] ext4_buffered_write_iter+0x232/0x4a0 [ 2280.909252] ext4_file_write_iter+0x3ab/0x1530 [ 2280.910210] ? stack_trace_save+0x8c/0xc0 [ 2280.911095] ? stack_trace_consume_entry+0x160/0x160 [ 2280.912177] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2280.913133] ? kasan_save_stack+0x32/0x40 [ 2280.914011] ? kasan_save_stack+0x1b/0x40 [ 2280.914900] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2280.915964] ? iter_file_splice_write+0x165/0xc90 [ 2280.916978] ? direct_splice_actor+0x10f/0x170 [ 2280.917940] ? splice_direct_to_actor+0x387/0x980 [ 2280.918967] ? do_splice_direct+0x1c4/0x290 [ 2280.919869] ? do_sendfile+0x553/0x11e0 [ 2280.920703] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2280.921679] ? do_syscall_64+0x33/0x40 [ 2280.922516] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2280.923641] do_iter_readv_writev+0x476/0x750 [ 2280.924590] ? new_sync_write+0x660/0x660 [ 2280.925462] ? avc_policy_seqno+0x9/0x70 [ 2280.926320] ? selinux_file_permission+0x92/0x520 [ 2280.927361] ? security_file_permission+0xb1/0xe0 [ 2280.928387] do_iter_write+0x191/0x700 [ 2280.929209] ? trace_hardirqs_on+0x5b/0x180 [ 2280.930134] vfs_iter_write+0x70/0xa0 [ 2280.930950] iter_file_splice_write+0x726/0xc90 [ 2280.931944] ? generic_splice_sendpage+0x140/0x140 [ 2280.932998] ? security_file_permission+0xb1/0xe0 [ 2280.934017] ? generic_splice_sendpage+0x140/0x140 [ 2280.935072] direct_splice_actor+0x10f/0x170 [ 2280.936007] splice_direct_to_actor+0x387/0x980 [ 2280.936992] ? pipe_to_sendpage+0x380/0x380 [ 2280.937902] ? do_splice_to+0x160/0x160 [ 2280.938748] ? security_file_permission+0xb1/0xe0 [ 2280.939780] do_splice_direct+0x1c4/0x290 [ 2280.940655] ? splice_direct_to_actor+0x980/0x980 [ 2280.941667] ? avc_policy_seqno+0x9/0x70 [ 2280.942542] ? security_file_permission+0xb1/0xe0 [ 2280.943573] do_sendfile+0x553/0x11e0 [ 2280.944392] ? do_pwritev+0x270/0x270 [ 2280.945198] ? wait_for_completion_io+0x270/0x270 [ 2280.946219] ? rcu_read_lock_any_held+0x75/0xa0 [ 2280.947199] ? vfs_write+0x354/0xb10 [ 2280.947991] __x64_sys_sendfile64+0x1d1/0x210 [ 2280.948940] ? __ia32_sys_sendfile+0x220/0x220 [ 2280.949909] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2280.951029] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2280.952120] do_syscall_64+0x33/0x40 [ 2280.952910] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2280.953990] RIP: 0033:0x7f32880cdb19 [ 2280.954787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2280.958643] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2280.960232] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2280.961725] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2280.963233] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2280.964726] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2280.966466] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 03:01:04 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x74, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:01:05 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0xfffe, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:01:05 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fac, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:01:05 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x7a, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:01:05 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff012) 03:01:05 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x80, &(0x7f0000000640)=@string={0x80, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:01:05 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x1910f, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2281.231926] udc-core: couldn't find an available UDC or it's busy [ 2281.233861] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:01:05 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fad, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:01:17 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x2, [{0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:01:17 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 36) 03:01:17 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b5"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) 03:01:17 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19110, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2293.823046] udc-core: couldn't find an available UDC or it's busy [ 2293.824665] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:01:17 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x300, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:01:17 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 41) 03:01:17 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fae, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2293.868155] FAULT_INJECTION: forcing a failure. [ 2293.868155] name failslab, interval 1, probability 0, space 0, times 0 [ 2293.871124] CPU: 0 PID: 10712 Comm: syz-executor.4 Not tainted 5.10.238 #1 03:01:17 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff013) [ 2293.872725] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2293.874760] Call Trace: [ 2293.875363] dump_stack+0x107/0x167 [ 2293.876210] should_fail.cold+0x5/0xa [ 2293.877094] ? create_object.isra.0+0x3a/0xa20 [ 2293.878155] should_failslab+0x5/0x20 [ 2293.879049] kmem_cache_alloc+0x5b/0x310 [ 2293.880001] create_object.isra.0+0x3a/0xa20 [ 2293.881015] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2293.882199] kmem_cache_alloc+0x159/0x310 [ 2293.883178] __es_insert_extent+0xed1/0x1370 [ 2293.884221] ext4_es_insert_delayed_block+0x30d/0x6d0 [ 2293.885425] ? ext4_is_pending+0x210/0x210 [ 2293.886395] ? do_raw_spin_lock+0x121/0x260 [ 2293.887399] ? ext4_has_free_clusters+0x294/0x570 [ 2293.888512] ? percpu_counter_add_batch+0x8b/0x140 [ 2293.889643] ? do_raw_spin_unlock+0x4f/0x220 [ 2293.890663] ? _raw_spin_unlock+0x1a/0x30 [ 2293.891625] ? ext4_da_reserve_space+0xf8/0x3c0 [ 2293.892701] ext4_da_get_block_prep+0xa91/0x1100 [ 2293.893800] ? ext4_da_release_space+0x480/0x480 [ 2293.894905] ? lock_downgrade+0x6d0/0x6d0 [ 2293.895871] ? create_empty_buffers+0x4a3/0x640 [ 2293.896948] ? do_raw_spin_unlock+0x4f/0x220 [ 2293.897964] ? create_page_buffers+0x139/0x230 [ 2293.899047] __block_write_begin_int+0x3d1/0x19c0 [ 2293.900168] ? ext4_da_release_space+0x480/0x480 [ 2293.901278] ? remove_inode_buffers+0x300/0x300 [ 2293.902344] ? jbd2__journal_start+0xf3/0x7e0 [ 2293.903402] ext4_da_write_begin+0x37d/0xd40 [ 2293.904430] ? ext4_write_begin+0x10f0/0x10f0 [ 2293.905455] ? copyout_mc+0x140/0x140 [ 2293.906328] ? ext4_dirty_inode+0x107/0x130 [ 2293.907328] ? __mark_inode_dirty+0x12e/0xd40 [ 2293.908371] generic_perform_write+0x20a/0x4f0 [ 2293.909437] ? page_cache_prev_miss+0x310/0x310 [ 2293.910517] ? down_write_killable+0x180/0x180 [ 2293.911586] ext4_buffered_write_iter+0x232/0x4a0 [ 2293.912706] ext4_file_write_iter+0x3ab/0x1530 [ 2293.913757] ? stack_trace_save+0x8c/0xc0 [ 2293.914724] ? stack_trace_consume_entry+0x160/0x160 [ 2293.915907] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2293.916955] ? kasan_save_stack+0x32/0x40 [ 2293.917904] ? kasan_save_stack+0x1b/0x40 [ 2293.918867] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2293.920038] ? iter_file_splice_write+0x165/0xc90 [ 2293.921140] ? direct_splice_actor+0x10f/0x170 [ 2293.922189] ? splice_direct_to_actor+0x387/0x980 [ 2293.923302] ? do_splice_direct+0x1c4/0x290 [ 2293.924295] ? do_sendfile+0x553/0x11e0 [ 2293.925209] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2293.926277] ? do_syscall_64+0x33/0x40 [ 2293.927190] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2293.928426] do_iter_readv_writev+0x476/0x750 [ 2293.929465] ? new_sync_write+0x660/0x660 [ 2293.930420] ? avc_policy_seqno+0x9/0x70 [ 2293.931358] ? selinux_file_permission+0x92/0x520 [ 2293.932471] ? security_file_permission+0xb1/0xe0 [ 2293.933591] do_iter_write+0x191/0x700 [ 2293.934493] ? trace_hardirqs_on+0x5b/0x180 [ 2293.935516] vfs_iter_write+0x70/0xa0 [ 2293.936400] iter_file_splice_write+0x726/0xc90 [ 2293.937492] ? generic_splice_sendpage+0x140/0x140 [ 2293.938653] ? security_file_permission+0xb1/0xe0 [ 2293.939773] ? generic_splice_sendpage+0x140/0x140 [ 2293.940909] direct_splice_actor+0x10f/0x170 [ 2293.941930] splice_direct_to_actor+0x387/0x980 [ 2293.943019] ? pipe_to_sendpage+0x380/0x380 [ 2293.944019] ? do_splice_to+0x160/0x160 [ 2293.944935] ? security_file_permission+0xb1/0xe0 [ 2293.946253] do_splice_direct+0x1c4/0x290 [ 2293.947215] ? splice_direct_to_actor+0x980/0x980 [ 2293.948322] ? avc_policy_seqno+0x9/0x70 [ 2293.949270] ? security_file_permission+0xb1/0xe0 [ 2293.949663] FAULT_INJECTION: forcing a failure. [ 2293.949663] name failslab, interval 1, probability 0, space 0, times 0 [ 2293.950388] do_sendfile+0x553/0x11e0 [ 2293.950424] ? do_pwritev+0x270/0x270 [ 2293.950446] ? wait_for_completion_io+0x270/0x270 [ 2293.950471] ? rcu_read_lock_any_held+0x75/0xa0 [ 2293.950489] ? vfs_write+0x354/0xb10 [ 2293.950527] __x64_sys_sendfile64+0x1d1/0x210 [ 2293.958661] ? __ia32_sys_sendfile+0x220/0x220 [ 2293.959716] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2293.960922] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2293.962111] do_syscall_64+0x33/0x40 [ 2293.962975] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2293.964154] RIP: 0033:0x7f32880cdb19 [ 2293.965014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2293.969251] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2293.971015] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2293.972661] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2293.974308] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2293.975967] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2293.977619] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 [ 2293.979311] CPU: 1 PID: 10723 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2293.980915] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2293.982766] Call Trace: [ 2293.983409] dump_stack+0x107/0x167 [ 2293.984223] should_fail.cold+0x5/0xa [ 2293.985074] ? create_object.isra.0+0x3a/0xa20 [ 2293.986090] should_failslab+0x5/0x20 [ 2293.986948] kmem_cache_alloc+0x5b/0x310 [ 2293.987869] create_object.isra.0+0x3a/0xa20 [ 2293.988851] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2293.989982] __kmalloc+0x16e/0x390 [ 2293.990791] p9_fcall_init+0x97/0x290 [ 2293.991635] p9_client_prepare_req.part.0+0xf4/0xac0 [ 2293.992712] p9_client_rpc+0x220/0x1370 [ 2293.993541] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2293.994660] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 2293.995767] ? pipe_poll+0x21b/0x800 [ 2293.996541] ? p9_fd_close+0x4a0/0x4a0 [ 2293.997350] ? wait_for_partner+0x3c0/0x3c0 [ 2293.998244] ? p9_fd_poll+0x1e0/0x2c0 [ 2293.999055] ? p9_fd_create+0x357/0x4a0 [ 2293.999881] ? p9_conn_create+0x510/0x510 [ 2294.000745] ? p9_client_create+0x798/0x1230 [ 2294.001657] ? kfree+0xd7/0x340 [ 2294.002333] ? do_raw_spin_unlock+0x4f/0x220 [ 2294.003496] p9_client_create+0xa76/0x1230 [ 2294.004384] ? p9_client_flush+0x430/0x430 [ 2294.005324] ? trace_hardirqs_on+0x5b/0x180 [ 2294.006223] ? lockdep_init_map_type+0x2c7/0x780 [ 2294.007224] ? __raw_spin_lock_init+0x36/0x110 [ 2294.008169] v9fs_session_init+0x1dd/0x1680 [ 2294.009056] ? lock_release+0x680/0x680 [ 2294.009891] ? kmem_cache_alloc_trace+0x151/0x320 [ 2294.010912] ? v9fs_show_options+0x690/0x690 [ 2294.011834] ? trace_hardirqs_on+0x5b/0x180 [ 2294.012730] ? kasan_unpoison_shadow+0x33/0x50 [ 2294.013675] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2294.014748] v9fs_mount+0x79/0x8f0 [ 2294.015663] ? v9fs_write_inode+0x60/0x60 [ 2294.016533] legacy_get_tree+0x105/0x220 [ 2294.017382] vfs_get_tree+0x8e/0x300 [ 2294.018148] path_mount+0x1429/0x2120 [ 2294.018960] ? strncpy_from_user+0x9e/0x470 [ 2294.019853] ? finish_automount+0xa90/0xa90 [ 2294.020737] ? getname_flags.part.0+0x1dd/0x4f0 [ 2294.021701] ? _copy_from_user+0xfb/0x1b0 [ 2294.022589] __x64_sys_mount+0x282/0x300 [ 2294.023425] ? copy_mnt_ns+0xa00/0xa00 [ 2294.024243] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2294.025326] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2294.026390] do_syscall_64+0x33/0x40 [ 2294.027169] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2294.028217] RIP: 0033:0x7f96c0f0ab19 [ 2294.028987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2294.032778] RSP: 002b:00007f96be45f188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2294.034360] RAX: ffffffffffffffda RBX: 00007f96c101e020 RCX: 00007f96c0f0ab19 [ 2294.035828] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2294.037291] RBP: 00007f96be45f1d0 R08: 0000000020000280 R09: 0000000000000000 [ 2294.038783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2294.040243] R13: 00007ffd1e2c8abf R14: 00007f96be45f300 R15: 0000000000022000 03:01:17 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19111, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2294.046731] udc-core: couldn't find an available UDC or it's busy [ 2294.048560] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:01:18 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x2, [{0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:01:18 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18faf, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:01:18 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x346, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) [ 2294.189524] udc-core: couldn't find an available UDC or it's busy [ 2294.191438] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:01:18 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 37) 03:01:18 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff014) 03:01:18 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19112, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2294.333103] FAULT_INJECTION: forcing a failure. [ 2294.333103] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2294.336450] CPU: 0 PID: 10743 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2294.338012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2294.339895] Call Trace: [ 2294.340493] dump_stack+0x107/0x167 [ 2294.341315] should_fail.cold+0x5/0xa [ 2294.342176] __alloc_pages_nodemask+0x182/0x600 [ 2294.343234] ? __alloc_pages_slowpath.constprop.0+0x2200/0x2200 [ 2294.344600] ? find_get_entry+0x2c8/0x740 [ 2294.345541] ? slab_free_freelist_hook+0xa9/0x180 [ 2294.346640] alloc_pages_current+0x187/0x280 [ 2294.347630] __page_cache_alloc+0x2d2/0x360 [ 2294.348597] ? jbd2_journal_stop+0x188/0xdc0 [ 2294.349591] pagecache_get_page+0x2c7/0xc80 [ 2294.350581] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2294.351698] grab_cache_page_write_begin+0x64/0xa0 [ 2294.352796] ext4_da_write_begin+0x2f3/0xd40 [ 2294.353786] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 2294.355085] ? ext4_write_begin+0x10f0/0x10f0 [ 2294.356093] ? copyout_mc+0x140/0x140 [ 2294.356959] generic_perform_write+0x20a/0x4f0 [ 2294.357993] ? page_cache_prev_miss+0x310/0x310 [ 2294.359046] ? down_write_killable+0x180/0x180 [ 2294.360079] ext4_buffered_write_iter+0x232/0x4a0 [ 2294.361174] ext4_file_write_iter+0x3ab/0x1530 [ 2294.362198] ? stack_trace_save+0x8c/0xc0 [ 2294.363139] ? stack_trace_consume_entry+0x160/0x160 [ 2294.364288] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2294.365311] ? kasan_save_stack+0x32/0x40 [ 2294.366239] ? kasan_save_stack+0x1b/0x40 [ 2294.367174] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2294.368312] ? iter_file_splice_write+0x165/0xc90 [ 2294.369392] ? direct_splice_actor+0x10f/0x170 [ 2294.370421] ? splice_direct_to_actor+0x387/0x980 [ 2294.371510] ? do_splice_direct+0x1c4/0x290 [ 2294.372477] ? do_sendfile+0x553/0x11e0 [ 2294.373368] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2294.374408] ? do_syscall_64+0x33/0x40 [ 2294.375294] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2294.376505] do_iter_readv_writev+0x476/0x750 [ 2294.377525] ? new_sync_write+0x660/0x660 [ 2294.378458] ? avc_policy_seqno+0x9/0x70 [ 2294.379379] ? selinux_file_permission+0x92/0x520 [ 2294.380471] ? security_file_permission+0xb1/0xe0 [ 2294.381567] do_iter_write+0x191/0x700 [ 2294.382448] ? trace_hardirqs_on+0x5b/0x180 [ 2294.383435] vfs_iter_write+0x70/0xa0 [ 2294.384297] iter_file_splice_write+0x726/0xc90 [ 2294.385362] ? generic_splice_sendpage+0x140/0x140 [ 2294.386493] ? security_file_permission+0xb1/0xe0 [ 2294.387592] ? generic_splice_sendpage+0x140/0x140 [ 2294.388713] direct_splice_actor+0x10f/0x170 [ 2294.389708] splice_direct_to_actor+0x387/0x980 [ 2294.390768] ? pipe_to_sendpage+0x380/0x380 [ 2294.391746] ? do_splice_to+0x160/0x160 [ 2294.392642] ? security_file_permission+0xb1/0xe0 [ 2294.393735] do_splice_direct+0x1c4/0x290 [ 2294.394678] ? splice_direct_to_actor+0x980/0x980 [ 2294.395760] ? avc_policy_seqno+0x9/0x70 [ 2294.396681] ? security_file_permission+0xb1/0xe0 [ 2294.397776] do_sendfile+0x553/0x11e0 [ 2294.398658] ? do_pwritev+0x270/0x270 [ 2294.399522] ? wait_for_completion_io+0x270/0x270 [ 2294.400608] ? rcu_read_lock_any_held+0x75/0xa0 [ 2294.401661] ? vfs_write+0x354/0xb10 [ 2294.402513] __x64_sys_sendfile64+0x1d1/0x210 [ 2294.403527] ? __ia32_sys_sendfile+0x220/0x220 [ 2294.404564] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2294.405751] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2294.406933] do_syscall_64+0x33/0x40 [ 2294.407772] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2294.408926] RIP: 0033:0x7f32880cdb19 [ 2294.409767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2294.413909] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2294.415636] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2294.417247] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2294.418868] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2294.420481] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2294.422090] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 03:01:32 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b5"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) 03:01:32 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x3fd, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:01:32 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff015) 03:01:32 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19113, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:01:32 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fb0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:01:32 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x2, [{0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:01:32 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 38) 03:01:32 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 42) [ 2308.525461] udc-core: couldn't find an available UDC or it's busy [ 2308.527210] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2308.535011] udc-core: couldn't find an available UDC or it's busy [ 2308.536657] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2308.554866] FAULT_INJECTION: forcing a failure. [ 2308.554866] name failslab, interval 1, probability 0, space 0, times 0 [ 2308.557913] CPU: 0 PID: 10770 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2308.559527] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2308.561448] Call Trace: [ 2308.562065] dump_stack+0x107/0x167 [ 2308.562915] should_fail.cold+0x5/0xa [ 2308.563799] ? jbd2__journal_start+0x190/0x7e0 [ 2308.564860] should_failslab+0x5/0x20 [ 2308.565737] kmem_cache_alloc+0x5b/0x310 [ 2308.566690] jbd2__journal_start+0x190/0x7e0 [ 2308.567715] __ext4_journal_start_sb+0x214/0x390 [ 2308.568818] ext4_da_write_begin+0x51f/0xd40 [ 2308.569843] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 2308.571187] ? ext4_write_begin+0x10f0/0x10f0 [ 2308.572221] ? copyout_mc+0x140/0x140 [ 2308.573114] generic_perform_write+0x20a/0x4f0 [ 2308.574183] ? page_cache_prev_miss+0x310/0x310 [ 2308.575270] ? down_write_killable+0x180/0x180 [ 2308.576337] ext4_buffered_write_iter+0x232/0x4a0 [ 2308.577454] ext4_file_write_iter+0x3ab/0x1530 [ 2308.578510] ? stack_trace_save+0x8c/0xc0 [ 2308.579481] ? stack_trace_consume_entry+0x160/0x160 [ 2308.580663] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2308.581717] ? kasan_save_stack+0x32/0x40 [ 2308.582680] ? kasan_save_stack+0x1b/0x40 [ 2308.583634] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2308.584807] ? iter_file_splice_write+0x165/0xc90 [ 2308.585918] ? direct_splice_actor+0x10f/0x170 [ 2308.586984] ? splice_direct_to_actor+0x387/0x980 [ 2308.588095] ? do_splice_direct+0x1c4/0x290 [ 2308.589089] ? do_sendfile+0x553/0x11e0 [ 2308.590007] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2308.591088] ? do_syscall_64+0x33/0x40 [ 2308.591984] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2308.593221] do_iter_readv_writev+0x476/0x750 [ 2308.594268] ? new_sync_write+0x660/0x660 [ 2308.595229] ? avc_policy_seqno+0x9/0x70 [ 2308.596167] ? selinux_file_permission+0x92/0x520 [ 2308.597285] ? security_file_permission+0xb1/0xe0 [ 2308.598408] do_iter_write+0x191/0x700 [ 2308.599321] ? trace_hardirqs_on+0x5b/0x180 [ 2308.600328] vfs_iter_write+0x70/0xa0 [ 2308.601210] iter_file_splice_write+0x726/0xc90 [ 2308.602304] ? generic_splice_sendpage+0x140/0x140 [ 2308.603462] ? security_file_permission+0xb1/0xe0 [ 2308.604580] ? generic_splice_sendpage+0x140/0x140 [ 2308.605719] direct_splice_actor+0x10f/0x170 [ 2308.606747] splice_direct_to_actor+0x387/0x980 [ 2308.607826] ? pipe_to_sendpage+0x380/0x380 [ 2308.608826] ? do_splice_to+0x160/0x160 [ 2308.609744] ? security_file_permission+0xb1/0xe0 [ 2308.610873] do_splice_direct+0x1c4/0x290 [ 2308.611835] ? splice_direct_to_actor+0x980/0x980 [ 2308.612945] ? avc_policy_seqno+0x9/0x70 [ 2308.613888] ? security_file_permission+0xb1/0xe0 [ 2308.615021] do_sendfile+0x553/0x11e0 [ 2308.615917] ? do_pwritev+0x270/0x270 [ 2308.616797] ? wait_for_completion_io+0x270/0x270 [ 2308.617910] ? rcu_read_lock_any_held+0x75/0xa0 [ 2308.618989] ? vfs_write+0x354/0xb10 [ 2308.619855] __x64_sys_sendfile64+0x1d1/0x210 [ 2308.620894] ? __ia32_sys_sendfile+0x220/0x220 [ 2308.621951] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2308.623170] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2308.624365] do_syscall_64+0x33/0x40 [ 2308.625225] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2308.626407] RIP: 0033:0x7f32880cdb19 [ 2308.627276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2308.631540] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2308.633317] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2308.635171] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2308.636814] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2308.638457] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2308.640104] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 03:01:32 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fb1, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2308.670534] FAULT_INJECTION: forcing a failure. [ 2308.670534] name failslab, interval 1, probability 0, space 0, times 0 [ 2308.673015] CPU: 1 PID: 10772 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2308.674548] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2308.676387] Call Trace: [ 2308.676980] dump_stack+0x107/0x167 [ 2308.677796] should_fail.cold+0x5/0xa [ 2308.678649] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 2308.679931] should_failslab+0x5/0x20 [ 2308.680770] kmem_cache_alloc+0x5b/0x310 [ 2308.681673] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 2308.682910] idr_get_free+0x4b5/0x8f0 [ 2308.683762] idr_alloc_u32+0x170/0x2d0 [ 2308.684621] ? __fprop_inc_percpu_max+0x130/0x130 [ 2308.685685] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 2308.686753] ? lock_release+0x680/0x680 [ 2308.687524] idr_alloc+0xc2/0x130 [ 2308.688192] ? idr_alloc_u32+0x2d0/0x2d0 [ 2308.688969] ? rwlock_bug.part.0+0x90/0x90 [ 2308.689797] p9_client_prepare_req.part.0+0x612/0xac0 [ 2308.690809] p9_client_rpc+0x220/0x1370 [ 2308.691576] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2308.692595] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 2308.693625] ? pipe_poll+0x21b/0x800 [ 2308.694339] ? p9_fd_close+0x4a0/0x4a0 [ 2308.695094] ? wait_for_partner+0x3c0/0x3c0 [ 2308.695923] ? p9_fd_poll+0x1e0/0x2c0 [ 2308.696659] ? p9_fd_create+0x357/0x4a0 [ 2308.697420] ? p9_conn_create+0x510/0x510 [ 2308.698217] ? p9_client_create+0x798/0x1230 [ 2308.699075] ? kfree+0xd7/0x340 [ 2308.699710] ? do_raw_spin_unlock+0x4f/0x220 [ 2308.700569] p9_client_create+0xa76/0x1230 [ 2308.701397] ? p9_client_flush+0x430/0x430 [ 2308.702213] ? trace_hardirqs_on+0x5b/0x180 [ 2308.703059] ? lockdep_init_map_type+0x2c7/0x780 [ 2308.703977] ? __raw_spin_lock_init+0x36/0x110 [ 2308.704864] v9fs_session_init+0x1dd/0x1680 [ 2308.705702] ? lock_release+0x680/0x680 [ 2308.706485] ? kmem_cache_alloc_trace+0x151/0x320 [ 2308.707417] ? v9fs_show_options+0x690/0x690 [ 2308.708273] ? trace_hardirqs_on+0x5b/0x180 [ 2308.709105] ? kasan_unpoison_shadow+0x33/0x50 [ 2308.709980] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2308.710970] v9fs_mount+0x79/0x8f0 [ 2308.711657] ? v9fs_write_inode+0x60/0x60 [ 2308.712611] legacy_get_tree+0x105/0x220 [ 2308.713497] vfs_get_tree+0x8e/0x300 [ 2308.714217] path_mount+0x1429/0x2120 [ 2308.714966] ? strncpy_from_user+0x9e/0x470 [ 2308.715799] ? finish_automount+0xa90/0xa90 [ 2308.716629] ? getname_flags.part.0+0x1dd/0x4f0 [ 2308.717528] ? _copy_from_user+0xfb/0x1b0 [ 2308.718337] __x64_sys_mount+0x282/0x300 [ 2308.719138] ? copy_mnt_ns+0xa00/0xa00 [ 2308.719905] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2308.720927] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2308.721935] do_syscall_64+0x33/0x40 [ 2308.722673] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2308.723671] RIP: 0033:0x7f96c0f0ab19 [ 2308.724396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2308.727956] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2308.729436] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2308.730829] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2308.732219] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2308.733600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2308.734987] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 03:01:32 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x500, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:01:32 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fb2, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:01:32 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19114, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:01:32 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff016) 03:01:32 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x0, 0x0}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:01:32 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fb3, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:01:32 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 39) [ 2308.891943] udc-core: couldn't find an available UDC or it's busy [ 2308.893249] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2308.995017] FAULT_INJECTION: forcing a failure. [ 2308.995017] name failslab, interval 1, probability 0, space 0, times 0 [ 2308.997910] CPU: 0 PID: 10801 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2308.999533] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2309.001461] Call Trace: [ 2309.002076] dump_stack+0x107/0x167 [ 2309.002932] should_fail.cold+0x5/0xa [ 2309.003814] ? create_object.isra.0+0x3a/0xa20 [ 2309.004872] should_failslab+0x5/0x20 [ 2309.005756] kmem_cache_alloc+0x5b/0x310 [ 2309.006715] create_object.isra.0+0x3a/0xa20 [ 2309.007734] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2309.008916] kmem_cache_alloc+0x159/0x310 [ 2309.009882] jbd2__journal_start+0x190/0x7e0 [ 2309.010910] __ext4_journal_start_sb+0x214/0x390 [ 2309.012014] ext4_da_write_begin+0x51f/0xd40 [ 2309.013036] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 2309.014372] ? ext4_write_begin+0x10f0/0x10f0 [ 2309.015413] ? copyout_mc+0x140/0x140 [ 2309.016313] generic_perform_write+0x20a/0x4f0 [ 2309.017379] ? page_cache_prev_miss+0x310/0x310 [ 2309.018457] ? down_write_killable+0x180/0x180 [ 2309.019538] ext4_buffered_write_iter+0x232/0x4a0 [ 2309.020657] ext4_file_write_iter+0x3ab/0x1530 [ 2309.021716] ? stack_trace_save+0x8c/0xc0 [ 2309.022687] ? stack_trace_consume_entry+0x160/0x160 [ 2309.023885] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2309.024937] ? kasan_save_stack+0x32/0x40 [ 2309.025891] ? kasan_save_stack+0x1b/0x40 [ 2309.026855] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2309.028030] ? iter_file_splice_write+0x165/0xc90 [ 2309.029143] ? direct_splice_actor+0x10f/0x170 [ 2309.030197] ? splice_direct_to_actor+0x387/0x980 [ 2309.031339] ? do_splice_direct+0x1c4/0x290 [ 2309.032335] ? do_sendfile+0x553/0x11e0 [ 2309.033248] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2309.034319] ? do_syscall_64+0x33/0x40 [ 2309.035224] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2309.036460] do_iter_readv_writev+0x476/0x750 [ 2309.037503] ? new_sync_write+0x660/0x660 [ 2309.038468] ? avc_policy_seqno+0x9/0x70 [ 2309.039413] ? selinux_file_permission+0x92/0x520 [ 2309.040530] ? security_file_permission+0xb1/0xe0 [ 2309.041654] do_iter_write+0x191/0x700 [ 2309.042555] ? trace_hardirqs_on+0x5b/0x180 [ 2309.043583] vfs_iter_write+0x70/0xa0 [ 2309.044465] iter_file_splice_write+0x726/0xc90 [ 2309.045556] ? generic_splice_sendpage+0x140/0x140 [ 2309.046717] ? security_file_permission+0xb1/0xe0 [ 2309.047833] ? generic_splice_sendpage+0x140/0x140 [ 2309.048969] direct_splice_actor+0x10f/0x170 [ 2309.049991] splice_direct_to_actor+0x387/0x980 [ 2309.051078] ? pipe_to_sendpage+0x380/0x380 [ 2309.052082] ? do_splice_to+0x160/0x160 [ 2309.053001] ? security_file_permission+0xb1/0xe0 [ 2309.054125] do_splice_direct+0x1c4/0x290 [ 2309.055092] ? splice_direct_to_actor+0x980/0x980 [ 2309.056203] ? avc_policy_seqno+0x9/0x70 [ 2309.057147] ? security_file_permission+0xb1/0xe0 [ 2309.058275] do_sendfile+0x553/0x11e0 [ 2309.059175] ? do_pwritev+0x270/0x270 [ 2309.060060] ? wait_for_completion_io+0x270/0x270 [ 2309.061179] ? rcu_read_lock_any_held+0x75/0xa0 [ 2309.062250] ? vfs_write+0x354/0xb10 [ 2309.063121] __x64_sys_sendfile64+0x1d1/0x210 [ 2309.064158] ? __ia32_sys_sendfile+0x220/0x220 [ 2309.065219] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2309.066429] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2309.067633] do_syscall_64+0x33/0x40 [ 2309.068492] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2309.069676] RIP: 0033:0x7f32880cdb19 [ 2309.070536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2309.074811] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2309.076566] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2309.078210] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2309.079863] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2309.081531] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2309.083188] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 03:01:33 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fb4, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:01:33 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x2, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}]}) 03:01:33 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x0, 0x0}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:01:33 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x600, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:01:33 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19115, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2309.146961] udc-core: couldn't find an available UDC or it's busy [ 2309.148834] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2309.166012] udc-core: couldn't find an available UDC or it's busy [ 2309.167591] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:01:44 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x2, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}]}) [ 2320.973649] udc-core: couldn't find an available UDC or it's busy [ 2320.974848] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:01:44 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x0, 0x0}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:01:44 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff017) 03:01:44 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 40) 03:01:44 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x700, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:01:44 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fb5, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:01:44 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19116, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:01:44 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 43) [ 2321.009899] FAULT_INJECTION: forcing a failure. [ 2321.009899] name failslab, interval 1, probability 0, space 0, times 0 [ 2321.010209] FAULT_INJECTION: forcing a failure. [ 2321.010209] name failslab, interval 1, probability 0, space 0, times 0 [ 2321.011733] CPU: 1 PID: 10827 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2321.015031] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2321.016133] Call Trace: [ 2321.016490] dump_stack+0x107/0x167 [ 2321.016980] should_fail.cold+0x5/0xa [ 2321.017493] ? create_object.isra.0+0x3a/0xa20 [ 2321.018154] should_failslab+0x5/0x20 [ 2321.018662] kmem_cache_alloc+0x5b/0x310 [ 2321.019259] create_object.isra.0+0x3a/0xa20 [ 2321.019889] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2321.020620] kmem_cache_alloc+0x159/0x310 [ 2321.021222] alloc_buffer_head+0x20/0x110 [ 2321.021818] alloc_page_buffers+0x14d/0x700 [ 2321.022444] create_empty_buffers+0x2c/0x640 [ 2321.023083] ? start_this_handle+0xfdd/0x1390 [ 2321.023724] ? start_this_handle+0xd57/0x1390 [ 2321.024370] create_page_buffers+0x1bb/0x230 [ 2321.025003] __block_write_begin_int+0x1d1/0x19c0 [ 2321.025702] ? ext4_da_release_space+0x480/0x480 [ 2321.026387] ? kmem_cache_alloc+0x2a6/0x310 [ 2321.027018] ? remove_inode_buffers+0x300/0x300 [ 2321.027683] ? jbd2__journal_start+0xf3/0x7e0 [ 2321.028336] ext4_da_write_begin+0x37d/0xd40 [ 2321.028972] ? ext4_write_begin+0x10f0/0x10f0 [ 2321.029614] ? copyout_mc+0x140/0x140 [ 2321.030169] generic_perform_write+0x20a/0x4f0 [ 2321.030836] ? page_cache_prev_miss+0x310/0x310 [ 2321.031503] ? down_write_killable+0x180/0x180 [ 2321.032167] ext4_buffered_write_iter+0x232/0x4a0 [ 2321.032857] ? _raw_spin_unlock_irq+0x1f/0x30 [ 2321.033501] ext4_file_write_iter+0x3ab/0x1530 [ 2321.034156] ? mark_held_locks+0x9e/0xe0 [ 2321.034742] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2321.035501] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2321.036273] ? trace_hardirqs_on+0x5b/0x180 [ 2321.036892] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2321.037666] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2321.038325] ? do_iter_readv_writev+0x84/0x750 [ 2321.038993] do_iter_readv_writev+0x476/0x750 [ 2321.039639] ? new_sync_write+0x660/0x660 [ 2321.040233] ? avc_policy_seqno+0x9/0x70 [ 2321.040811] ? selinux_file_permission+0x92/0x520 [ 2321.041502] ? security_file_permission+0xb1/0xe0 [ 2321.042197] do_iter_write+0x191/0x700 [ 2321.042756] ? trace_hardirqs_on+0x5b/0x180 [ 2321.043384] vfs_iter_write+0x70/0xa0 [ 2321.043930] iter_file_splice_write+0x726/0xc90 [ 2321.044609] ? generic_splice_sendpage+0x140/0x140 [ 2321.045322] ? security_file_permission+0xb1/0xe0 [ 2321.046010] ? generic_splice_sendpage+0x140/0x140 [ 2321.046716] direct_splice_actor+0x10f/0x170 [ 2321.047357] splice_direct_to_actor+0x387/0x980 [ 2321.048029] ? pipe_to_sendpage+0x380/0x380 [ 2321.048651] ? do_splice_to+0x160/0x160 [ 2321.049221] ? security_file_permission+0xb1/0xe0 [ 2321.049920] do_splice_direct+0x1c4/0x290 [ 2321.050516] ? splice_direct_to_actor+0x980/0x980 [ 2321.051218] ? avc_policy_seqno+0x9/0x70 [ 2321.051807] ? security_file_permission+0xb1/0xe0 [ 2321.052506] do_sendfile+0x553/0x11e0 [ 2321.053063] ? do_pwritev+0x270/0x270 [ 2321.053611] ? wait_for_completion_io+0x270/0x270 [ 2321.054306] ? rcu_read_lock_any_held+0x75/0xa0 [ 2321.054981] ? vfs_write+0x354/0xb10 [ 2321.055517] __x64_sys_sendfile64+0x1d1/0x210 [ 2321.056160] ? __ia32_sys_sendfile+0x220/0x220 [ 2321.056821] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2321.057575] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2321.058316] do_syscall_64+0x33/0x40 [ 2321.058863] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2321.059600] RIP: 0033:0x7f32880cdb19 [ 2321.060137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2321.062779] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2321.063881] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2321.064910] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2321.065820] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2321.066582] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2321.067429] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 [ 2321.068289] CPU: 0 PID: 10839 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2321.069906] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2321.071833] Call Trace: [ 2321.072456] dump_stack+0x107/0x167 [ 2321.073300] should_fail.cold+0x5/0xa [ 2321.074186] ? create_object.isra.0+0x3a/0xa20 [ 2321.075251] should_failslab+0x5/0x20 [ 2321.076130] kmem_cache_alloc+0x5b/0x310 [ 2321.077076] create_object.isra.0+0x3a/0xa20 [ 2321.078088] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 03:01:45 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x900, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) [ 2321.079276] kmem_cache_alloc+0x159/0x310 [ 2321.080411] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 2321.081670] idr_get_free+0x4b5/0x8f0 [ 2321.082542] idr_alloc_u32+0x170/0x2d0 [ 2321.083433] ? __fprop_inc_percpu_max+0x130/0x130 [ 2321.084527] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 2321.085732] ? lock_release+0x680/0x680 [ 2321.086630] idr_alloc+0xc2/0x130 [ 2321.087418] ? idr_alloc_u32+0x2d0/0x2d0 [ 2321.088328] ? rwlock_bug.part.0+0x90/0x90 [ 2321.089298] p9_client_prepare_req.part.0+0x612/0xac0 [ 2321.090471] p9_client_rpc+0x220/0x1370 [ 2321.091376] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2321.092571] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 2321.093787] ? pipe_poll+0x21b/0x800 [ 2321.094618] ? p9_fd_close+0x4a0/0x4a0 [ 2321.095505] ? wait_for_partner+0x3c0/0x3c0 [ 2321.096486] ? p9_fd_poll+0x1e0/0x2c0 [ 2321.097346] ? p9_fd_create+0x357/0x4a0 [ 2321.098263] ? p9_conn_create+0x510/0x510 [ 2321.099214] ? p9_client_create+0x798/0x1230 [ 2321.100202] ? kfree+0xd7/0x340 [ 2321.100946] ? do_raw_spin_unlock+0x4f/0x220 [ 2321.101942] p9_client_create+0xa76/0x1230 [ 2321.102918] ? p9_client_flush+0x430/0x430 [ 2321.103879] ? trace_hardirqs_on+0x5b/0x180 [ 2321.104854] ? lockdep_init_map_type+0x2c7/0x780 [ 2321.105921] ? __raw_spin_lock_init+0x36/0x110 [ 2321.106962] v9fs_session_init+0x1dd/0x1680 [ 2321.107931] ? lock_release+0x680/0x680 [ 2321.108833] ? kmem_cache_alloc_trace+0x151/0x320 [ 2321.109910] ? v9fs_show_options+0x690/0x690 [ 2321.110922] ? trace_hardirqs_on+0x5b/0x180 [ 2321.111892] ? kasan_unpoison_shadow+0x33/0x50 [ 2321.112923] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2321.114063] v9fs_mount+0x79/0x8f0 [ 2321.114873] ? v9fs_write_inode+0x60/0x60 [ 2321.115809] legacy_get_tree+0x105/0x220 [ 2321.116723] vfs_get_tree+0x8e/0x300 [ 2321.117560] path_mount+0x1429/0x2120 [ 2321.118421] ? strncpy_from_user+0x9e/0x470 [ 2321.119397] ? finish_automount+0xa90/0xa90 [ 2321.120365] ? getname_flags.part.0+0x1dd/0x4f0 [ 2321.121416] ? _copy_from_user+0xfb/0x1b0 [ 2321.122353] __x64_sys_mount+0x282/0x300 [ 2321.123271] ? copy_mnt_ns+0xa00/0xa00 [ 2321.124155] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2321.125336] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2321.126497] do_syscall_64+0x33/0x40 [ 2321.127344] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2321.128494] RIP: 0033:0x7f96c0f0ab19 [ 2321.129331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2321.133464] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2321.135187] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2321.136793] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2321.138395] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2321.140012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2321.141611] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 03:01:45 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0xa00, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:01:45 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0xb00, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:01:45 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19117, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:01:45 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fb6, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:01:45 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:01:45 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x1020, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) [ 2321.274019] udc-core: couldn't find an available UDC or it's busy [ 2321.275741] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:01:45 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff018) 03:01:58 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 44) 03:01:58 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 41) 03:01:58 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x2, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}]}) 03:01:58 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:01:58 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fb7, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:01:58 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x2000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:01:58 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19118, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:01:58 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff019) 03:01:58 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x2010, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) [ 2334.979941] udc-core: couldn't find an available UDC or it's busy [ 2334.980948] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2334.985883] FAULT_INJECTION: forcing a failure. [ 2334.985883] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2334.988625] CPU: 0 PID: 10881 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2334.990124] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2334.991946] Call Trace: [ 2334.992526] dump_stack+0x107/0x167 [ 2334.993325] should_fail.cold+0x5/0xa [ 2334.994155] __alloc_pages_nodemask+0x182/0x600 [ 2334.995177] ? __alloc_pages_slowpath.constprop.0+0x2200/0x2200 [ 2334.996480] ? find_get_entry+0x2c8/0x740 [ 2334.997378] ? slab_free_freelist_hook+0xa9/0x180 [ 2334.998428] alloc_pages_current+0x187/0x280 [ 2334.999393] __page_cache_alloc+0x2d2/0x360 03:01:58 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fb8, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2335.000336] ? jbd2_journal_stop+0x188/0xdc0 [ 2335.001457] pagecache_get_page+0x2c7/0xc80 [ 2335.002384] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2335.003456] grab_cache_page_write_begin+0x64/0xa0 [ 2335.004515] ext4_da_write_begin+0x2f3/0xd40 [ 2335.005464] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 2335.006712] ? ext4_write_begin+0x10f0/0x10f0 [ 2335.007684] ? copyout_mc+0x140/0x140 [ 2335.008515] generic_perform_write+0x20a/0x4f0 [ 2335.009510] ? page_cache_prev_miss+0x310/0x310 [ 2335.010515] ? down_write_killable+0x180/0x180 [ 2335.011520] ext4_buffered_write_iter+0x232/0x4a0 [ 2335.012565] ext4_file_write_iter+0x3ab/0x1530 [ 2335.013552] ? stack_trace_save+0x8c/0xc0 [ 2335.014445] ? stack_trace_consume_entry+0x160/0x160 [ 2335.015556] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2335.016533] ? kasan_save_stack+0x32/0x40 [ 2335.017423] ? kasan_save_stack+0x1b/0x40 [ 2335.018313] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2335.019410] ? iter_file_splice_write+0x165/0xc90 [ 2335.020445] ? direct_splice_actor+0x10f/0x170 [ 2335.021426] ? splice_direct_to_actor+0x387/0x980 [ 2335.022458] ? do_splice_direct+0x1c4/0x290 [ 2335.023396] ? do_sendfile+0x553/0x11e0 [ 2335.024249] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2335.025250] ? do_syscall_64+0x33/0x40 [ 2335.026093] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2335.027261] do_iter_readv_writev+0x476/0x750 [ 2335.028233] ? new_sync_write+0x660/0x660 [ 2335.029123] ? avc_policy_seqno+0x9/0x70 [ 2335.030011] ? selinux_file_permission+0x92/0x520 [ 2335.031065] ? security_file_permission+0xb1/0xe0 [ 2335.032119] do_iter_write+0x191/0x700 [ 2335.032961] ? trace_hardirqs_on+0x5b/0x180 [ 2335.033901] vfs_iter_write+0x70/0xa0 [ 2335.034723] iter_file_splice_write+0x726/0xc90 [ 2335.035758] ? generic_splice_sendpage+0x140/0x140 [ 2335.036830] ? security_file_permission+0xb1/0xe0 [ 2335.037872] ? generic_splice_sendpage+0x140/0x140 [ 2335.038941] direct_splice_actor+0x10f/0x170 [ 2335.039893] splice_direct_to_actor+0x387/0x980 [ 2335.040900] ? pipe_to_sendpage+0x380/0x380 [ 2335.041834] ? do_splice_to+0x160/0x160 [ 2335.042688] ? security_file_permission+0xb1/0xe0 [ 2335.043750] do_splice_direct+0x1c4/0x290 [ 2335.044649] ? splice_direct_to_actor+0x980/0x980 [ 2335.045691] ? avc_policy_seqno+0x9/0x70 [ 2335.046570] ? security_file_permission+0xb1/0xe0 [ 2335.047637] do_sendfile+0x553/0x11e0 03:01:59 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x2e00, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:01:59 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x3f00, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) [ 2335.048478] ? do_pwritev+0x270/0x270 [ 2335.049410] ? wait_for_completion_io+0x270/0x270 [ 2335.050456] ? rcu_read_lock_any_held+0x75/0xa0 [ 2335.051464] ? vfs_write+0x354/0xb10 [ 2335.052272] __x64_sys_sendfile64+0x1d1/0x210 [ 2335.053245] ? __ia32_sys_sendfile+0x220/0x220 [ 2335.054240] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2335.055375] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2335.056486] do_syscall_64+0x33/0x40 [ 2335.057286] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2335.058390] RIP: 0033:0x7f32880cdb19 [ 2335.059200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2335.063168] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2335.064804] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2335.066344] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2335.067888] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2335.069426] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2335.070974] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 [ 2335.100918] FAULT_INJECTION: forcing a failure. [ 2335.100918] name failslab, interval 1, probability 0, space 0, times 0 [ 2335.102259] CPU: 1 PID: 10891 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2335.103087] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2335.104045] Call Trace: [ 2335.104353] dump_stack+0x107/0x167 [ 2335.104793] should_fail.cold+0x5/0xa [ 2335.105242] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 2335.105901] should_failslab+0x5/0x20 [ 2335.106348] kmem_cache_alloc+0x5b/0x310 [ 2335.106821] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 2335.107475] idr_get_free+0x4b5/0x8f0 [ 2335.107927] idr_alloc_u32+0x170/0x2d0 [ 2335.108377] ? __fprop_inc_percpu_max+0x130/0x130 [ 2335.108941] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 2335.109550] ? lock_release+0x680/0x680 [ 2335.110013] idr_alloc+0xc2/0x130 [ 2335.110408] ? idr_alloc_u32+0x2d0/0x2d0 [ 2335.110880] ? rwlock_bug.part.0+0x90/0x90 [ 2335.111380] p9_client_prepare_req.part.0+0x612/0xac0 [ 2335.111986] p9_client_rpc+0x220/0x1370 [ 2335.112442] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2335.113079] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 2335.113824] ? pipe_poll+0x21b/0x800 [ 2335.114297] ? p9_fd_close+0x4a0/0x4a0 [ 2335.114836] ? wait_for_partner+0x3c0/0x3c0 [ 2335.115448] ? p9_fd_poll+0x1e0/0x2c0 [ 2335.115991] ? p9_fd_create+0x357/0x4a0 [ 2335.116545] ? p9_conn_create+0x510/0x510 [ 2335.117128] ? p9_client_create+0x798/0x1230 [ 2335.117742] ? kfree+0xd7/0x340 [ 2335.118203] ? do_raw_spin_unlock+0x4f/0x220 [ 2335.118818] p9_client_create+0xa76/0x1230 [ 2335.119427] ? p9_client_flush+0x430/0x430 [ 2335.120021] ? trace_hardirqs_on+0x5b/0x180 [ 2335.120621] ? lockdep_init_map_type+0x2c7/0x780 [ 2335.121276] ? __raw_spin_lock_init+0x36/0x110 [ 2335.121915] v9fs_session_init+0x1dd/0x1680 [ 2335.122525] ? lock_release+0x680/0x680 [ 2335.123103] ? kmem_cache_alloc_trace+0x151/0x320 [ 2335.123775] ? v9fs_show_options+0x690/0x690 [ 2335.124393] ? trace_hardirqs_on+0x5b/0x180 [ 2335.124991] ? kasan_unpoison_shadow+0x33/0x50 [ 2335.125637] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2335.126364] v9fs_mount+0x79/0x8f0 [ 2335.126868] ? v9fs_write_inode+0x60/0x60 [ 2335.127464] legacy_get_tree+0x105/0x220 [ 2335.128026] vfs_get_tree+0x8e/0x300 [ 2335.128541] path_mount+0x1429/0x2120 [ 2335.129074] ? strncpy_from_user+0x9e/0x470 [ 2335.129673] ? finish_automount+0xa90/0xa90 [ 2335.130278] ? getname_flags.part.0+0x1dd/0x4f0 [ 2335.130928] ? _copy_from_user+0xfb/0x1b0 [ 2335.131521] __x64_sys_mount+0x282/0x300 [ 2335.132087] ? copy_mnt_ns+0xa00/0xa00 [ 2335.132635] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2335.133367] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2335.134077] do_syscall_64+0x33/0x40 [ 2335.134593] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2335.135313] RIP: 0033:0x7f96c0f0ab19 [ 2335.135829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2335.138371] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2335.139428] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2335.140410] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2335.141401] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2335.142383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2335.143366] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 03:01:59 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:01:59 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x4000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:01:59 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fb9, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:01:59 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19119, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2335.194044] udc-core: couldn't find an available UDC or it's busy [ 2335.195958] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:02:12 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, 0x0}]}) 03:02:12 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff01a) 03:02:12 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(0x0, 0x0) 03:02:12 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 42) 03:02:12 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x4084, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:02:12 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x1911a, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:02:12 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fba, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:02:12 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 45) [ 2348.497836] FAULT_INJECTION: forcing a failure. [ 2348.497836] name failslab, interval 1, probability 0, space 0, times 0 [ 2348.499482] CPU: 1 PID: 10929 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2348.500460] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2348.501607] Call Trace: [ 2348.501986] dump_stack+0x107/0x167 [ 2348.502501] should_fail.cold+0x5/0xa [ 2348.503043] ? create_object.isra.0+0x3a/0xa20 [ 2348.503699] should_failslab+0x5/0x20 [ 2348.504241] kmem_cache_alloc+0x5b/0x310 [ 2348.504821] create_object.isra.0+0x3a/0xa20 [ 2348.505432] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2348.506150] kmem_cache_alloc+0x159/0x310 [ 2348.506739] alloc_buffer_head+0x20/0x110 [ 2348.507323] alloc_page_buffers+0x14d/0x700 [ 2348.507935] create_empty_buffers+0x2c/0x640 [ 2348.508554] ? start_this_handle+0xfdd/0x1390 [ 2348.509180] ? start_this_handle+0xd57/0x1390 [ 2348.509811] create_page_buffers+0x1bb/0x230 [ 2348.510443] __block_write_begin_int+0x1d1/0x19c0 [ 2348.511138] ? ext4_da_release_space+0x480/0x480 [ 2348.511807] ? kmem_cache_alloc+0x2a6/0x310 [ 2348.512419] ? remove_inode_buffers+0x300/0x300 [ 2348.513079] ? jbd2__journal_start+0xf3/0x7e0 [ 2348.513733] ext4_da_write_begin+0x37d/0xd40 [ 2348.514371] ? ext4_write_begin+0x10f0/0x10f0 [ 2348.515010] ? copyout_mc+0x140/0x140 [ 2348.515569] generic_perform_write+0x20a/0x4f0 [ 2348.516221] ? page_cache_prev_miss+0x310/0x310 [ 2348.516874] ? down_write_killable+0x180/0x180 [ 2348.517520] ext4_buffered_write_iter+0x232/0x4a0 [ 2348.518195] ext4_file_write_iter+0x3ab/0x1530 [ 2348.518556] udc-core: couldn't find an available UDC or it's busy [ 2348.518833] ? stack_trace_save+0x8c/0xc0 [ 2348.518855] ? stack_trace_consume_entry+0x160/0x160 [ 2348.520434] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2348.520885] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2348.523586] ? kasan_save_stack+0x32/0x40 [ 2348.524164] ? kasan_save_stack+0x1b/0x40 [ 2348.524746] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2348.525452] ? iter_file_splice_write+0x165/0xc90 [ 2348.526119] ? direct_splice_actor+0x10f/0x170 [ 2348.526749] ? splice_direct_to_actor+0x387/0x980 [ 2348.527427] ? do_splice_direct+0x1c4/0x290 [ 2348.528023] ? do_sendfile+0x553/0x11e0 [ 2348.528576] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2348.529220] ? do_syscall_64+0x33/0x40 [ 2348.529763] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2348.529883] FAULT_INJECTION: forcing a failure. [ 2348.529883] name failslab, interval 1, probability 0, space 0, times 0 [ 2348.530511] do_iter_readv_writev+0x476/0x750 [ 2348.533651] ? new_sync_write+0x660/0x660 [ 2348.534226] ? avc_policy_seqno+0x9/0x70 [ 2348.534792] ? selinux_file_permission+0x92/0x520 [ 2348.535472] ? security_file_permission+0xb1/0xe0 [ 2348.536156] do_iter_write+0x191/0x700 [ 2348.536698] ? trace_hardirqs_on+0x5b/0x180 [ 2348.537309] vfs_iter_write+0x70/0xa0 [ 2348.537844] iter_file_splice_write+0x726/0xc90 [ 2348.538507] ? generic_splice_sendpage+0x140/0x140 [ 2348.539206] ? security_file_permission+0xb1/0xe0 [ 2348.539877] ? generic_splice_sendpage+0x140/0x140 [ 2348.540556] direct_splice_actor+0x10f/0x170 [ 2348.541174] splice_direct_to_actor+0x387/0x980 [ 2348.541849] ? pipe_to_sendpage+0x380/0x380 [ 2348.542464] ? do_splice_to+0x160/0x160 [ 2348.543024] ? security_file_permission+0xb1/0xe0 [ 2348.543730] do_splice_direct+0x1c4/0x290 [ 2348.544332] ? splice_direct_to_actor+0x980/0x980 [ 2348.545022] ? avc_policy_seqno+0x9/0x70 [ 2348.545591] ? security_file_permission+0xb1/0xe0 [ 2348.546277] do_sendfile+0x553/0x11e0 [ 2348.546815] ? do_pwritev+0x270/0x270 [ 2348.547353] ? wait_for_completion_io+0x270/0x270 [ 2348.548024] ? rcu_read_lock_any_held+0x75/0xa0 [ 2348.548666] ? vfs_write+0x354/0xb10 [ 2348.549191] __x64_sys_sendfile64+0x1d1/0x210 [ 2348.549817] ? __ia32_sys_sendfile+0x220/0x220 [ 2348.550467] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2348.551206] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2348.551955] do_syscall_64+0x33/0x40 [ 2348.552487] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2348.553198] RIP: 0033:0x7f32880cdb19 [ 2348.553717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2348.556291] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2348.557350] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2348.558346] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2348.559346] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2348.560349] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2348.561354] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 [ 2348.562394] CPU: 0 PID: 10937 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2348.564015] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2348.565911] Call Trace: [ 2348.566515] dump_stack+0x107/0x167 [ 2348.567363] should_fail.cold+0x5/0xa [ 2348.568250] ? create_object.isra.0+0x3a/0xa20 [ 2348.569299] should_failslab+0x5/0x20 [ 2348.570190] kmem_cache_alloc+0x5b/0x310 [ 2348.571140] create_object.isra.0+0x3a/0xa20 [ 2348.572153] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2348.573326] kmem_cache_alloc+0x159/0x310 [ 2348.574282] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 2348.575561] idr_get_free+0x4b5/0x8f0 [ 2348.576457] idr_alloc_u32+0x170/0x2d0 [ 2348.577328] ? __fprop_inc_percpu_max+0x130/0x130 [ 2348.578419] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 2348.579653] ? lock_release+0x680/0x680 [ 2348.580572] idr_alloc+0xc2/0x130 [ 2348.581372] ? idr_alloc_u32+0x2d0/0x2d0 [ 2348.582290] ? rwlock_bug.part.0+0x90/0x90 [ 2348.583287] p9_client_prepare_req.part.0+0x612/0xac0 [ 2348.584478] p9_client_rpc+0x220/0x1370 [ 2348.585390] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2348.586592] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 2348.587810] ? pipe_poll+0x21b/0x800 [ 2348.588666] ? p9_fd_close+0x4a0/0x4a0 [ 2348.589553] ? wait_for_partner+0x3c0/0x3c0 [ 2348.590540] ? p9_fd_poll+0x1e0/0x2c0 [ 2348.591423] ? p9_fd_create+0x357/0x4a0 [ 2348.592351] ? p9_conn_create+0x510/0x510 [ 2348.593295] ? p9_client_create+0x798/0x1230 [ 2348.594294] ? kfree+0xd7/0x340 [ 2348.595043] ? do_raw_spin_unlock+0x4f/0x220 [ 2348.596088] p9_client_create+0xa76/0x1230 [ 2348.597064] ? p9_client_flush+0x430/0x430 [ 2348.598033] ? trace_hardirqs_on+0x5b/0x180 [ 2348.599021] ? lockdep_init_map_type+0x2c7/0x780 [ 2348.600130] ? __raw_spin_lock_init+0x36/0x110 [ 2348.601198] v9fs_session_init+0x1dd/0x1680 [ 2348.602185] ? lock_release+0x680/0x680 [ 2348.603116] ? kmem_cache_alloc_trace+0x151/0x320 [ 2348.604224] ? v9fs_show_options+0x690/0x690 [ 2348.605238] ? trace_hardirqs_on+0x5b/0x180 [ 2348.606221] ? kasan_unpoison_shadow+0x33/0x50 [ 2348.607289] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2348.608461] v9fs_mount+0x79/0x8f0 [ 2348.609493] ? v9fs_write_inode+0x60/0x60 [ 2348.610453] legacy_get_tree+0x105/0x220 [ 2348.611396] vfs_get_tree+0x8e/0x300 [ 2348.612255] path_mount+0x1429/0x2120 [ 2348.613136] ? strncpy_from_user+0x9e/0x470 [ 2348.614124] ? finish_automount+0xa90/0xa90 [ 2348.615131] ? getname_flags.part.0+0x1dd/0x4f0 [ 2348.616214] ? _copy_from_user+0xfb/0x1b0 [ 2348.617176] __x64_sys_mount+0x282/0x300 [ 2348.618099] ? copy_mnt_ns+0xa00/0xa00 [ 2348.618995] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2348.620241] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2348.621430] do_syscall_64+0x33/0x40 [ 2348.622288] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2348.623461] RIP: 0033:0x7f96c0f0ab19 [ 2348.624328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2348.629202] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2348.630974] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2348.632627] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2348.634272] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2348.635907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2348.637520] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 [ 2348.650951] udc-core: couldn't find an available UDC or it's busy [ 2348.652095] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:02:12 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x4603, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:02:12 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 43) 03:02:12 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fbb, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:02:12 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x1911b, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:02:12 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(0x0, 0x0) [ 2348.758667] FAULT_INJECTION: forcing a failure. [ 2348.758667] name failslab, interval 1, probability 0, space 0, times 0 [ 2348.760154] CPU: 1 PID: 10952 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2348.760939] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2348.761885] Call Trace: [ 2348.762193] dump_stack+0x107/0x167 [ 2348.762618] should_fail.cold+0x5/0xa [ 2348.763057] ? create_object.isra.0+0x3a/0xa20 [ 2348.763587] should_failslab+0x5/0x20 [ 2348.764024] kmem_cache_alloc+0x5b/0x310 [ 2348.764485] ? lru_cache_add+0x45c/0x800 [ 2348.764948] create_object.isra.0+0x3a/0xa20 [ 2348.765447] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2348.766030] kmem_cache_alloc+0x159/0x310 [ 2348.766519] jbd2__journal_start+0x190/0x7e0 [ 2348.767035] __ext4_journal_start_sb+0x214/0x390 [ 2348.767603] ext4_da_write_begin+0x51f/0xd40 [ 2348.768118] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 2348.768802] ? ext4_write_begin+0x10f0/0x10f0 [ 2348.769319] ? copyout_mc+0x140/0x140 [ 2348.769766] generic_perform_write+0x20a/0x4f0 [ 2348.770292] ? page_cache_prev_miss+0x310/0x310 [ 2348.770821] ? down_write_killable+0x180/0x180 [ 2348.771360] ext4_buffered_write_iter+0x232/0x4a0 [ 2348.771912] ext4_file_write_iter+0x3ab/0x1530 [ 2348.772438] ? stack_trace_save+0x8c/0xc0 [ 2348.772911] ? stack_trace_consume_entry+0x160/0x160 [ 2348.773495] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2348.774014] ? kasan_save_stack+0x32/0x40 [ 2348.774485] ? kasan_save_stack+0x1b/0x40 [ 2348.774950] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2348.775536] ? iter_file_splice_write+0x165/0xc90 [ 2348.776081] ? direct_splice_actor+0x10f/0x170 [ 2348.776600] ? splice_direct_to_actor+0x387/0x980 [ 2348.777146] ? do_splice_direct+0x1c4/0x290 [ 2348.777641] ? do_sendfile+0x553/0x11e0 [ 2348.778094] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2348.778622] ? do_syscall_64+0x33/0x40 [ 2348.779065] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2348.779691] do_iter_readv_writev+0x476/0x750 [ 2348.780208] ? new_sync_write+0x660/0x660 [ 2348.780695] ? avc_policy_seqno+0x9/0x70 [ 2348.781160] ? selinux_file_permission+0x92/0x520 [ 2348.781720] ? security_file_permission+0xb1/0xe0 [ 2348.782272] do_iter_write+0x191/0x700 [ 2348.782719] ? trace_hardirqs_on+0x5b/0x180 [ 2348.783221] vfs_iter_write+0x70/0xa0 [ 2348.783659] iter_file_splice_write+0x726/0xc90 [ 2348.784195] ? generic_splice_sendpage+0x140/0x140 [ 2348.784766] ? security_file_permission+0xb1/0xe0 [ 2348.785317] ? generic_splice_sendpage+0x140/0x140 [ 2348.785877] direct_splice_actor+0x10f/0x170 [ 2348.786380] splice_direct_to_actor+0x387/0x980 [ 2348.786914] ? pipe_to_sendpage+0x380/0x380 [ 2348.787411] ? do_splice_to+0x160/0x160 [ 2348.787864] ? security_file_permission+0xb1/0xe0 [ 2348.788419] do_splice_direct+0x1c4/0x290 [ 2348.788893] ? splice_direct_to_actor+0x980/0x980 [ 2348.789443] ? avc_policy_seqno+0x9/0x70 [ 2348.789907] ? security_file_permission+0xb1/0xe0 [ 2348.790461] do_sendfile+0x553/0x11e0 [ 2348.790903] ? do_pwritev+0x270/0x270 [ 2348.791350] ? wait_for_completion_io+0x270/0x270 [ 2348.791907] ? rcu_read_lock_any_held+0x75/0xa0 [ 2348.792434] ? vfs_write+0x354/0xb10 [ 2348.792862] __x64_sys_sendfile64+0x1d1/0x210 [ 2348.793378] ? __ia32_sys_sendfile+0x220/0x220 [ 2348.793920] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2348.794536] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2348.795156] do_syscall_64+0x33/0x40 [ 2348.795589] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2348.796191] RIP: 0033:0x7f32880cdb19 [ 2348.796628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2348.798799] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2348.799707] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2348.800534] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2348.801388] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2348.802229] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2348.803071] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 03:02:12 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff01b) [ 2348.819564] udc-core: couldn't find an available UDC or it's busy [ 2348.820543] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:02:12 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x4800, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:02:12 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fbc, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:02:28 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x4c00, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:02:28 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 44) 03:02:28 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, 0x0}]}) 03:02:28 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fbd, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:02:28 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(0x0, 0x0) 03:02:28 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x1911c, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:02:28 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff01c) 03:02:28 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 46) [ 2364.900752] udc-core: couldn't find an available UDC or it's busy [ 2364.901741] udc-core: couldn't find an available UDC or it's busy [ 2364.902430] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2364.904030] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2364.914572] FAULT_INJECTION: forcing a failure. [ 2364.914572] name failslab, interval 1, probability 0, space 0, times 0 [ 2364.917412] CPU: 0 PID: 10981 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2364.919013] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2364.920903] Call Trace: [ 2364.921502] dump_stack+0x107/0x167 [ 2364.922325] should_fail.cold+0x5/0xa [ 2364.923193] ? create_object.isra.0+0x3a/0xa20 [ 2364.924248] should_failslab+0x5/0x20 [ 2364.925114] kmem_cache_alloc+0x5b/0x310 [ 2364.926039] create_object.isra.0+0x3a/0xa20 [ 2364.927026] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2364.928190] kmem_cache_alloc+0x159/0x310 [ 2364.929154] alloc_buffer_head+0x20/0x110 [ 2364.930085] alloc_page_buffers+0x14d/0x700 [ 2364.930808] FAULT_INJECTION: forcing a failure. [ 2364.930808] name failslab, interval 1, probability 0, space 0, times 0 [ 2364.931079] create_empty_buffers+0x2c/0x640 [ 2364.934515] ? start_this_handle+0xfdd/0x1390 [ 2364.935526] ? start_this_handle+0xd57/0x1390 [ 2364.936538] create_page_buffers+0x1bb/0x230 [ 2364.937539] __block_write_begin_int+0x1d1/0x19c0 [ 2364.938639] ? ext4_da_release_space+0x480/0x480 [ 2364.939717] ? kmem_cache_alloc+0x2a6/0x310 [ 2364.940702] ? remove_inode_buffers+0x300/0x300 [ 2364.941773] ? jbd2__journal_start+0xf3/0x7e0 [ 2364.942816] ext4_da_write_begin+0x37d/0xd40 [ 2364.943862] ? ext4_write_begin+0x10f0/0x10f0 [ 2364.944897] ? copyout_mc+0x140/0x140 [ 2364.945775] generic_perform_write+0x20a/0x4f0 [ 2364.946829] ? page_cache_prev_miss+0x310/0x310 [ 2364.947940] ? down_write_killable+0x180/0x180 [ 2364.949013] ext4_buffered_write_iter+0x232/0x4a0 [ 2364.950137] ext4_file_write_iter+0x3ab/0x1530 [ 2364.951179] ? stack_trace_save+0x8c/0xc0 [ 2364.952154] ? stack_trace_consume_entry+0x160/0x160 [ 2364.953333] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2364.954375] ? kasan_save_stack+0x32/0x40 [ 2364.955334] ? kasan_save_stack+0x1b/0x40 [ 2364.956302] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2364.957464] ? iter_file_splice_write+0x165/0xc90 [ 2364.958567] ? direct_splice_actor+0x10f/0x170 [ 2364.959630] ? splice_direct_to_actor+0x387/0x980 [ 2364.960743] ? do_splice_direct+0x1c4/0x290 [ 2364.961730] ? do_sendfile+0x553/0x11e0 [ 2364.962640] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2364.963716] ? do_syscall_64+0x33/0x40 [ 2364.964609] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2364.965846] do_iter_readv_writev+0x476/0x750 [ 2364.966900] ? new_sync_write+0x660/0x660 [ 2364.967868] ? avc_policy_seqno+0x9/0x70 [ 2364.968801] ? selinux_file_permission+0x92/0x520 [ 2364.969932] ? security_file_permission+0xb1/0xe0 [ 2364.971058] do_iter_write+0x191/0x700 [ 2364.971980] ? trace_hardirqs_on+0x5b/0x180 [ 2364.972979] vfs_iter_write+0x70/0xa0 [ 2364.973843] iter_file_splice_write+0x726/0xc90 [ 2364.974967] ? generic_splice_sendpage+0x140/0x140 [ 2364.976204] ? security_file_permission+0xb1/0xe0 [ 2364.977327] ? generic_splice_sendpage+0x140/0x140 [ 2364.978448] direct_splice_actor+0x10f/0x170 [ 2364.979481] splice_direct_to_actor+0x387/0x980 [ 2364.980551] ? pipe_to_sendpage+0x380/0x380 [ 2364.981545] ? do_splice_to+0x160/0x160 [ 2364.982458] ? security_file_permission+0xb1/0xe0 [ 2364.983595] do_splice_direct+0x1c4/0x290 [ 2364.984552] ? splice_direct_to_actor+0x980/0x980 [ 2364.985651] ? avc_policy_seqno+0x9/0x70 [ 2364.986593] ? security_file_permission+0xb1/0xe0 [ 2364.987732] do_sendfile+0x553/0x11e0 [ 2364.988628] ? do_pwritev+0x270/0x270 [ 2364.989505] ? wait_for_completion_io+0x270/0x270 [ 2364.990611] ? rcu_read_lock_any_held+0x75/0xa0 [ 2364.991697] ? vfs_write+0x354/0xb10 [ 2364.992562] __x64_sys_sendfile64+0x1d1/0x210 [ 2364.993590] ? __ia32_sys_sendfile+0x220/0x220 [ 2364.994647] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2364.995872] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2364.997071] do_syscall_64+0x33/0x40 [ 2364.997939] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2364.999124] RIP: 0033:0x7f32880cdb19 [ 2365.000010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2365.004232] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2365.005977] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2365.007624] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2365.009260] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2365.011242] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2365.013314] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 [ 2365.015417] CPU: 1 PID: 10988 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2365.017030] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2365.018902] Call Trace: [ 2365.019519] dump_stack+0x107/0x167 [ 2365.020339] should_fail.cold+0x5/0xa [ 2365.021194] ? p9pdu_readf+0xadb/0x1d40 [ 2365.022091] should_failslab+0x5/0x20 [ 2365.022962] __kmalloc+0x72/0x390 [ 2365.023768] p9pdu_readf+0xadb/0x1d40 [ 2365.024636] ? pipe_poll+0x21b/0x800 [ 2365.025477] ? p9pdu_writef+0x100/0x100 [ 2365.026384] ? p9_fd_poll+0x1e0/0x2c0 [ 2365.027244] ? p9_fd_create+0x357/0x4a0 [ 2365.028149] ? p9_conn_create+0x510/0x510 [ 2365.029076] ? p9_client_create+0x798/0x1230 [ 2365.030065] ? kfree+0xd7/0x340 [ 2365.030803] ? do_raw_spin_unlock+0x4f/0x220 [ 2365.031806] p9_client_create+0xaee/0x1230 [ 2365.032787] ? p9_client_flush+0x430/0x430 [ 2365.033740] ? trace_hardirqs_on+0x5b/0x180 [ 2365.034713] ? lockdep_init_map_type+0x2c7/0x780 [ 2365.035796] ? __raw_spin_lock_init+0x36/0x110 [ 2365.036828] v9fs_session_init+0x1dd/0x1680 [ 2365.037795] ? lock_release+0x680/0x680 [ 2365.038703] ? kmem_cache_alloc_trace+0x151/0x320 [ 2365.039790] ? v9fs_show_options+0x690/0x690 [ 2365.040782] ? trace_hardirqs_on+0x5b/0x180 [ 2365.041748] ? kasan_unpoison_shadow+0x33/0x50 [ 2365.042773] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2365.043916] v9fs_mount+0x79/0x8f0 [ 2365.044712] ? v9fs_write_inode+0x60/0x60 [ 2365.045640] legacy_get_tree+0x105/0x220 [ 2365.046550] vfs_get_tree+0x8e/0x300 [ 2365.047390] path_mount+0x1429/0x2120 [ 2365.048264] ? strncpy_from_user+0x9e/0x470 [ 2365.049238] ? finish_automount+0xa90/0xa90 [ 2365.050202] ? getname_flags.part.0+0x1dd/0x4f0 [ 2365.051259] ? _copy_from_user+0xfb/0x1b0 [ 2365.052201] __x64_sys_mount+0x282/0x300 [ 2365.053117] ? copy_mnt_ns+0xa00/0xa00 [ 2365.054003] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2365.055199] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2365.056371] do_syscall_64+0x33/0x40 [ 2365.057213] entry_SYSCALL_64_after_hwframe+0x67/0xd1 03:02:29 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x6800, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) [ 2365.058365] RIP: 0033:0x7f96c0f0ab19 [ 2365.059429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2365.063562] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2365.065272] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2365.066875] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2365.068480] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2365.070071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2365.071697] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 03:02:29 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fbe, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:02:29 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x1911d, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:02:29 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:02:29 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x6c00, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:02:29 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 45) [ 2365.305959] udc-core: couldn't find an available UDC or it's busy [ 2365.307655] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2365.367558] FAULT_INJECTION: forcing a failure. [ 2365.367558] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2365.370558] CPU: 1 PID: 11011 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2365.372125] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2365.373991] Call Trace: [ 2365.374583] dump_stack+0x107/0x167 [ 2365.375404] should_fail.cold+0x5/0xa [ 2365.376251] __alloc_pages_nodemask+0x182/0x600 [ 2365.377288] ? __alloc_pages_slowpath.constprop.0+0x2200/0x2200 [ 2365.378630] ? find_get_entry+0x2c8/0x740 [ 2365.379562] ? slab_free_freelist_hook+0xa9/0x180 [ 2365.380639] alloc_pages_current+0x187/0x280 [ 2365.381630] __page_cache_alloc+0x2d2/0x360 [ 2365.382583] ? jbd2_journal_stop+0x188/0xdc0 [ 2365.383562] pagecache_get_page+0x2c7/0xc80 [ 2365.384537] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2365.385645] grab_cache_page_write_begin+0x64/0xa0 [ 2365.386719] ext4_da_write_begin+0x2f3/0xd40 [ 2365.387717] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 2365.388998] ? ext4_write_begin+0x10f0/0x10f0 [ 2365.389981] ? copyout_mc+0x140/0x140 [ 2365.390832] generic_perform_write+0x20a/0x4f0 [ 2365.391868] ? page_cache_prev_miss+0x310/0x310 [ 2365.392907] ? down_write_killable+0x180/0x180 [ 2365.393922] ext4_buffered_write_iter+0x232/0x4a0 [ 2365.395006] ext4_file_write_iter+0x3ab/0x1530 [ 2365.396030] ? stack_trace_save+0x8c/0xc0 [ 2365.396946] ? stack_trace_consume_entry+0x160/0x160 [ 2365.398086] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2365.399098] ? kasan_save_stack+0x32/0x40 [ 2365.400017] ? kasan_save_stack+0x1b/0x40 [ 2365.400939] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2365.402068] ? iter_file_splice_write+0x165/0xc90 [ 2365.403140] ? direct_splice_actor+0x10f/0x170 [ 2365.404163] ? splice_direct_to_actor+0x387/0x980 [ 2365.405241] ? do_splice_direct+0x1c4/0x290 [ 2365.406211] ? do_sendfile+0x553/0x11e0 [ 2365.407095] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2365.408140] ? do_syscall_64+0x33/0x40 [ 2365.409016] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2365.410218] do_iter_readv_writev+0x476/0x750 [ 2365.411227] ? new_sync_write+0x660/0x660 [ 2365.412171] ? avc_policy_seqno+0x9/0x70 [ 2365.413095] ? selinux_file_permission+0x92/0x520 [ 2365.414185] ? security_file_permission+0xb1/0xe0 [ 2365.415291] do_iter_write+0x191/0x700 [ 2365.416167] ? trace_hardirqs_on+0x5b/0x180 [ 2365.417145] vfs_iter_write+0x70/0xa0 [ 2365.418005] iter_file_splice_write+0x726/0xc90 [ 2365.419070] ? generic_splice_sendpage+0x140/0x140 [ 2365.420201] ? security_file_permission+0xb1/0xe0 [ 2365.421283] ? generic_splice_sendpage+0x140/0x140 [ 2365.422390] direct_splice_actor+0x10f/0x170 [ 2365.423386] splice_direct_to_actor+0x387/0x980 [ 2365.424433] ? pipe_to_sendpage+0x380/0x380 [ 2365.425410] ? do_splice_to+0x160/0x160 [ 2365.426299] ? security_file_permission+0xb1/0xe0 [ 2365.427397] do_splice_direct+0x1c4/0x290 [ 2365.428329] ? splice_direct_to_actor+0x980/0x980 [ 2365.429411] ? avc_policy_seqno+0x9/0x70 [ 2365.430331] ? security_file_permission+0xb1/0xe0 [ 2365.431435] do_sendfile+0x553/0x11e0 [ 2365.432308] ? do_pwritev+0x270/0x270 [ 2365.433165] ? wait_for_completion_io+0x270/0x270 [ 2365.434251] ? rcu_read_lock_any_held+0x75/0xa0 [ 2365.435300] ? vfs_write+0x354/0xb10 [ 2365.436138] __x64_sys_sendfile64+0x1d1/0x210 [ 2365.437139] ? __ia32_sys_sendfile+0x220/0x220 [ 2365.438167] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2365.439350] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2365.440511] do_syscall_64+0x33/0x40 [ 2365.441347] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2365.442518] RIP: 0033:0x7f32880cdb19 [ 2365.443360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2365.447468] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2365.449179] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2365.450783] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2365.452385] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2365.453981] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2365.455579] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 03:02:41 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 46) 03:02:41 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff01d) 03:02:41 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, 0x0}]}) 03:02:41 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x1911e, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:02:41 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 47) 03:02:41 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fbf, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:02:41 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:02:41 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x7400, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) [ 2377.444853] FAULT_INJECTION: forcing a failure. [ 2377.444853] name failslab, interval 1, probability 0, space 0, times 0 [ 2377.446358] CPU: 1 PID: 11022 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2377.447215] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2377.448238] Call Trace: [ 2377.448578] dump_stack+0x107/0x167 [ 2377.449024] should_fail.cold+0x5/0xa [ 2377.449493] ? create_object.isra.0+0x3a/0xa20 [ 2377.450058] should_failslab+0x5/0x20 [ 2377.450533] kmem_cache_alloc+0x5b/0x310 [ 2377.451040] create_object.isra.0+0x3a/0xa20 [ 2377.451585] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2377.452212] kmem_cache_alloc+0x159/0x310 [ 2377.452724] alloc_buffer_head+0x20/0x110 [ 2377.453232] alloc_page_buffers+0x14d/0x700 [ 2377.453769] create_empty_buffers+0x2c/0x640 [ 2377.454306] ? start_this_handle+0xfdd/0x1390 [ 2377.454854] ? start_this_handle+0xd57/0x1390 [ 2377.455412] create_page_buffers+0x1bb/0x230 [ 2377.455952] __block_write_begin_int+0x1d1/0x19c0 [ 2377.456548] ? ext4_da_release_space+0x480/0x480 [ 2377.457137] ? kmem_cache_alloc+0x2a6/0x310 [ 2377.457673] ? remove_inode_buffers+0x300/0x300 [ 2377.458238] ? jbd2__journal_start+0xf3/0x7e0 [ 2377.458796] ext4_da_write_begin+0x37d/0xd40 [ 2377.459338] ? ext4_write_begin+0x10f0/0x10f0 [ 2377.459898] ? copyout_mc+0x140/0x140 [ 2377.460372] generic_perform_write+0x20a/0x4f0 [ 2377.460933] ? page_cache_prev_miss+0x310/0x310 [ 2377.461500] ? down_write_killable+0x180/0x180 [ 2377.462062] ext4_buffered_write_iter+0x232/0x4a0 [ 2377.462647] ext4_file_write_iter+0x3ab/0x1530 [ 2377.463203] ? stack_trace_save+0x8c/0xc0 [ 2377.463713] ? stack_trace_consume_entry+0x160/0x160 [ 2377.464340] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2377.464890] ? kasan_save_stack+0x32/0x40 [ 2377.465392] ? kasan_save_stack+0x1b/0x40 [ 2377.465899] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2377.466525] ? iter_file_splice_write+0x165/0xc90 [ 2377.467110] ? direct_splice_actor+0x10f/0x170 [ 2377.467668] ? splice_direct_to_actor+0x387/0x980 [ 2377.468254] ? do_splice_direct+0x1c4/0x290 [ 2377.468778] ? do_sendfile+0x553/0x11e0 [ 2377.469260] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2377.469822] ? do_syscall_64+0x33/0x40 [ 2377.470298] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2377.470948] do_iter_readv_writev+0x476/0x750 [ 2377.471501] ? new_sync_write+0x660/0x660 [ 2377.472002] ? avc_policy_seqno+0x9/0x70 [ 2377.472499] ? selinux_file_permission+0x92/0x520 [ 2377.473087] ? security_file_permission+0xb1/0xe0 [ 2377.473677] do_iter_write+0x191/0x700 [ 2377.474151] ? trace_hardirqs_on+0x5b/0x180 [ 2377.474679] vfs_iter_write+0x70/0xa0 [ 2377.475146] iter_file_splice_write+0x726/0xc90 [ 2377.475741] ? generic_splice_sendpage+0x140/0x140 [ 2377.476350] ? security_file_permission+0xb1/0xe0 [ 2377.476942] ? generic_splice_sendpage+0x140/0x140 [ 2377.477464] FAULT_INJECTION: forcing a failure. [ 2377.477464] name failslab, interval 1, probability 0, space 0, times 0 [ 2377.477542] direct_splice_actor+0x10f/0x170 [ 2377.480409] splice_direct_to_actor+0x387/0x980 [ 2377.480976] ? pipe_to_sendpage+0x380/0x380 [ 2377.481499] ? do_splice_to+0x160/0x160 [ 2377.481976] ? security_file_permission+0xb1/0xe0 [ 2377.482565] do_splice_direct+0x1c4/0x290 [ 2377.483068] ? splice_direct_to_actor+0x980/0x980 [ 2377.483655] ? avc_policy_seqno+0x9/0x70 [ 2377.484146] ? security_file_permission+0xb1/0xe0 [ 2377.484731] do_sendfile+0x553/0x11e0 [ 2377.485198] ? do_pwritev+0x270/0x270 [ 2377.485656] ? wait_for_completion_io+0x270/0x270 [ 2377.486237] ? rcu_read_lock_any_held+0x75/0xa0 [ 2377.486799] ? vfs_write+0x354/0xb10 [ 2377.487249] __x64_sys_sendfile64+0x1d1/0x210 [ 2377.487794] ? __ia32_sys_sendfile+0x220/0x220 [ 2377.488347] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2377.488979] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2377.489602] do_syscall_64+0x33/0x40 [ 2377.490053] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2377.490669] RIP: 0033:0x7f32880cdb19 [ 2377.491122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2377.493343] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2377.494267] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2377.495134] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2377.496007] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2377.496862] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2377.497718] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 [ 2377.498600] CPU: 0 PID: 11028 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2377.500091] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2377.501841] Call Trace: [ 2377.502397] dump_stack+0x107/0x167 [ 2377.503312] should_fail.cold+0x5/0xa [ 2377.504126] ? create_object.isra.0+0x3a/0xa20 [ 2377.505094] should_failslab+0x5/0x20 [ 2377.505898] kmem_cache_alloc+0x5b/0x310 [ 2377.506762] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2377.507904] ? trace_hardirqs_on+0x5b/0x180 [ 2377.508814] create_object.isra.0+0x3a/0xa20 [ 2377.509742] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2377.510832] __kmalloc+0x16e/0x390 [ 2377.511592] p9pdu_readf+0xadb/0x1d40 [ 2377.512398] ? pipe_poll+0x21b/0x800 [ 2377.513182] ? p9pdu_writef+0x100/0x100 [ 2377.514021] ? p9_fd_poll+0x1e0/0x2c0 [ 2377.514830] ? p9_fd_create+0x357/0x4a0 [ 2377.515673] ? p9_conn_create+0x510/0x510 [ 2377.516547] ? p9_client_create+0x798/0x1230 [ 2377.517475] ? kfree+0xd7/0x340 [ 2377.518166] ? do_raw_spin_unlock+0x4f/0x220 [ 2377.519097] p9_client_create+0xaee/0x1230 [ 2377.519997] ? p9_client_flush+0x430/0x430 [ 2377.520884] ? trace_hardirqs_on+0x5b/0x180 [ 2377.521787] ? lockdep_init_map_type+0x2c7/0x780 [ 2377.522790] ? __raw_spin_lock_init+0x36/0x110 [ 2377.523759] v9fs_session_init+0x1dd/0x1680 [ 2377.524667] ? lock_release+0x680/0x680 [ 2377.525509] ? kmem_cache_alloc_trace+0x151/0x320 [ 2377.526517] ? v9fs_show_options+0x690/0x690 [ 2377.527450] ? trace_hardirqs_on+0x5b/0x180 [ 2377.528354] ? kasan_unpoison_shadow+0x33/0x50 [ 2377.529309] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2377.530368] v9fs_mount+0x79/0x8f0 [ 2377.531110] ? v9fs_write_inode+0x60/0x60 [ 2377.531990] legacy_get_tree+0x105/0x220 [ 2377.532843] vfs_get_tree+0x8e/0x300 [ 2377.533624] path_mount+0x1429/0x2120 [ 2377.534424] ? strncpy_from_user+0x9e/0x470 [ 2377.535419] ? finish_automount+0xa90/0xa90 [ 2377.536391] ? getname_flags.part.0+0x1dd/0x4f0 [ 2377.537364] ? _copy_from_user+0xfb/0x1b0 [ 2377.538306] __x64_sys_mount+0x282/0x300 [ 2377.539271] ? copy_mnt_ns+0xa00/0xa00 [ 2377.540223] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2377.541471] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2377.542712] do_syscall_64+0x33/0x40 [ 2377.543613] entry_SYSCALL_64_after_hwframe+0x67/0xd1 03:02:41 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x7a00, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) [ 2377.544853] RIP: 0033:0x7f96c0f0ab19 [ 2377.545813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2377.550273] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2377.552118] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2377.553839] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2377.555569] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2377.557287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2377.558995] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 [ 2377.576728] udc-core: couldn't find an available UDC or it's busy [ 2377.578903] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:02:41 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 47) 03:02:41 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fc0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:02:41 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x1911f, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:02:41 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0xedc0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:02:41 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff01e) 03:02:41 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 2377.682863] FAULT_INJECTION: forcing a failure. [ 2377.682863] name failslab, interval 1, probability 0, space 0, times 0 [ 2377.685613] CPU: 0 PID: 11043 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2377.687207] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2377.689122] Call Trace: [ 2377.689734] dump_stack+0x107/0x167 [ 2377.690576] should_fail.cold+0x5/0xa [ 2377.691466] ? create_object.isra.0+0x3a/0xa20 [ 2377.692518] should_failslab+0x5/0x20 [ 2377.693395] kmem_cache_alloc+0x5b/0x310 [ 2377.694324] ? lru_cache_add+0x45c/0x800 [ 2377.695264] create_object.isra.0+0x3a/0xa20 [ 2377.696282] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2377.697455] kmem_cache_alloc+0x159/0x310 [ 2377.698418] jbd2__journal_start+0x190/0x7e0 [ 2377.699443] __ext4_journal_start_sb+0x214/0x390 [ 2377.700540] ext4_da_write_begin+0x51f/0xd40 [ 2377.701562] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 2377.702892] ? ext4_write_begin+0x10f0/0x10f0 [ 2377.703934] ? copyout_mc+0x140/0x140 [ 2377.704820] generic_perform_write+0x20a/0x4f0 [ 2377.705885] ? page_cache_prev_miss+0x310/0x310 [ 2377.706957] ? down_write_killable+0x180/0x180 [ 2377.708033] ext4_buffered_write_iter+0x232/0x4a0 [ 2377.709149] ext4_file_write_iter+0x3ab/0x1530 [ 2377.710204] ? stack_trace_save+0x8c/0xc0 [ 2377.711160] ? stack_trace_consume_entry+0x160/0x160 [ 2377.712487] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2377.713534] ? kasan_save_stack+0x32/0x40 [ 2377.714481] ? kasan_save_stack+0x1b/0x40 [ 2377.715440] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2377.716602] ? iter_file_splice_write+0x165/0xc90 03:02:41 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fc1, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2377.717707] ? direct_splice_actor+0x10f/0x170 [ 2377.718868] ? splice_direct_to_actor+0x387/0x980 [ 2377.719980] ? do_splice_direct+0x1c4/0x290 [ 2377.720970] ? do_sendfile+0x553/0x11e0 [ 2377.721881] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2377.722948] ? do_syscall_64+0x33/0x40 [ 2377.723849] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2377.725080] do_iter_readv_writev+0x476/0x750 [ 2377.726115] ? new_sync_write+0x660/0x660 [ 2377.727066] ? avc_policy_seqno+0x9/0x70 [ 2377.728008] ? selinux_file_permission+0x92/0x520 [ 2377.729122] ? security_file_permission+0xb1/0xe0 [ 2377.730241] do_iter_write+0x191/0x700 [ 2377.731138] ? trace_hardirqs_on+0x5b/0x180 [ 2377.732147] vfs_iter_write+0x70/0xa0 [ 2377.733024] iter_file_splice_write+0x726/0xc90 [ 2377.734110] ? generic_splice_sendpage+0x140/0x140 [ 2377.735258] ? security_file_permission+0xb1/0xe0 [ 2377.736378] ? generic_splice_sendpage+0x140/0x140 [ 2377.737507] direct_splice_actor+0x10f/0x170 [ 2377.738527] splice_direct_to_actor+0x387/0x980 [ 2377.739612] ? pipe_to_sendpage+0x380/0x380 [ 2377.740610] ? do_splice_to+0x160/0x160 [ 2377.741527] ? security_file_permission+0xb1/0xe0 [ 2377.742648] do_splice_direct+0x1c4/0x290 [ 2377.743611] ? splice_direct_to_actor+0x980/0x980 [ 2377.744720] ? avc_policy_seqno+0x9/0x70 [ 2377.745660] ? security_file_permission+0xb1/0xe0 [ 2377.746780] do_sendfile+0x553/0x11e0 [ 2377.747682] ? do_pwritev+0x270/0x270 [ 2377.748561] ? wait_for_completion_io+0x270/0x270 [ 2377.749674] ? rcu_read_lock_any_held+0x75/0xa0 [ 2377.750743] ? vfs_write+0x354/0xb10 [ 2377.751616] __x64_sys_sendfile64+0x1d1/0x210 [ 2377.752647] ? __ia32_sys_sendfile+0x220/0x220 [ 2377.753703] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2377.754912] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2377.756111] do_syscall_64+0x33/0x40 [ 2377.756968] entry_SYSCALL_64_after_hwframe+0x67/0xd1 03:02:41 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19120, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:02:41 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 48) [ 2377.758151] RIP: 0033:0x7f32880cdb19 [ 2377.759106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2377.763340] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2377.765099] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2377.766743] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2377.768400] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2377.770039] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2377.771698] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 [ 2377.815747] udc-core: couldn't find an available UDC or it's busy [ 2377.817458] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2377.822075] FAULT_INJECTION: forcing a failure. [ 2377.822075] name failslab, interval 1, probability 0, space 0, times 0 [ 2377.823567] CPU: 1 PID: 11064 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2377.824351] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2377.825285] Call Trace: [ 2377.825586] dump_stack+0x107/0x167 [ 2377.825998] should_fail.cold+0x5/0xa [ 2377.826440] should_failslab+0x5/0x20 [ 2377.826876] __kmalloc_track_caller+0x79/0x370 [ 2377.827404] ? kasprintf+0xbb/0xf0 [ 2377.827810] ? __delete_object+0xb3/0x100 [ 2377.828281] kvasprintf+0xb5/0x150 [ 2377.828682] ? bust_spinlocks+0xe0/0xe0 [ 2377.829133] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2377.829731] kasprintf+0xbb/0xf0 [ 2377.830118] ? kvasprintf_const+0x1a0/0x1a0 [ 2377.830606] ? kmem_cache_free+0x249/0x2d0 [ 2377.831091] ? p9_client_create+0xbfa/0x1230 [ 2377.831594] p9_client_create+0xc1b/0x1230 [ 2377.832077] ? p9_client_flush+0x430/0x430 [ 2377.832555] ? trace_hardirqs_on+0x5b/0x180 [ 2377.833043] ? lockdep_init_map_type+0x2c7/0x780 [ 2377.833578] ? __raw_spin_lock_init+0x36/0x110 [ 2377.834097] v9fs_session_init+0x1dd/0x1680 [ 2377.834603] ? lock_release+0x680/0x680 [ 2377.835064] ? kmem_cache_alloc_trace+0x151/0x320 [ 2377.835634] ? v9fs_show_options+0x690/0x690 [ 2377.836147] ? trace_hardirqs_on+0x5b/0x180 [ 2377.836639] ? kasan_unpoison_shadow+0x33/0x50 [ 2377.837163] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2377.837734] v9fs_mount+0x79/0x8f0 [ 2377.838136] ? v9fs_write_inode+0x60/0x60 [ 2377.838605] legacy_get_tree+0x105/0x220 [ 2377.839064] vfs_get_tree+0x8e/0x300 [ 2377.839495] path_mount+0x1429/0x2120 [ 2377.839931] ? strncpy_from_user+0x9e/0x470 [ 2377.840421] ? finish_automount+0xa90/0xa90 [ 2377.840908] ? getname_flags.part.0+0x1dd/0x4f0 [ 2377.841432] ? _copy_from_user+0xfb/0x1b0 [ 2377.841903] __x64_sys_mount+0x282/0x300 [ 2377.842359] ? copy_mnt_ns+0xa00/0xa00 [ 2377.842803] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2377.843401] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2377.843986] do_syscall_64+0x33/0x40 [ 2377.844408] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2377.844985] RIP: 0033:0x7f96c0f0ab19 [ 2377.845406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2377.847484] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2377.848341] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2377.849146] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2377.849948] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2377.850755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2377.851566] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 [ 2390.719850] udc-core: couldn't find an available UDC or it's busy [ 2390.721883] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:02:54 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 48) 03:02:54 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff021) 03:02:54 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0xf1f3, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:02:54 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fc2, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:02:54 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19121, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:02:54 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:02:54 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 49) 03:02:54 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[]}]}) [ 2390.752719] udc-core: couldn't find an available UDC or it's busy [ 2390.754495] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2390.775165] FAULT_INJECTION: forcing a failure. [ 2390.775165] name failslab, interval 1, probability 0, space 0, times 0 [ 2390.777964] CPU: 0 PID: 11089 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2390.779534] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2390.781410] Call Trace: [ 2390.781430] FAULT_INJECTION: forcing a failure. [ 2390.781430] name failslab, interval 1, probability 0, space 0, times 0 [ 2390.784486] dump_stack+0x107/0x167 [ 2390.785314] should_fail.cold+0x5/0xa [ 2390.786173] ? create_object.isra.0+0x3a/0xa20 [ 2390.787197] should_failslab+0x5/0x20 [ 2390.788064] kmem_cache_alloc+0x5b/0x310 [ 2390.788988] create_object.isra.0+0x3a/0xa20 [ 2390.789972] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2390.791113] kmem_cache_alloc+0x159/0x310 [ 2390.792059] alloc_buffer_head+0x20/0x110 [ 2390.792983] alloc_page_buffers+0x14d/0x700 [ 2390.793952] create_empty_buffers+0x2c/0x640 [ 2390.794935] ? start_this_handle+0xfdd/0x1390 [ 2390.795944] ? start_this_handle+0xd57/0x1390 [ 2390.796952] create_page_buffers+0x1bb/0x230 [ 2390.797948] __block_write_begin_int+0x1d1/0x19c0 [ 2390.799048] ? ext4_da_release_space+0x480/0x480 [ 2390.800120] ? kmem_cache_alloc+0x2a6/0x310 [ 2390.801094] ? remove_inode_buffers+0x300/0x300 [ 2390.802141] ? jbd2__journal_start+0xf3/0x7e0 [ 2390.803165] ext4_da_write_begin+0x37d/0xd40 [ 2390.804177] ? ext4_write_begin+0x10f0/0x10f0 [ 2390.805180] ? copyout_mc+0x140/0x140 [ 2390.806047] generic_perform_write+0x20a/0x4f0 [ 2390.807082] ? page_cache_prev_miss+0x310/0x310 [ 2390.808133] ? down_write_killable+0x180/0x180 [ 2390.809170] ext4_buffered_write_iter+0x232/0x4a0 [ 2390.810266] ext4_file_write_iter+0x3ab/0x1530 [ 2390.811290] ? stack_trace_save+0x8c/0xc0 [ 2390.812224] ? stack_trace_consume_entry+0x160/0x160 [ 2390.813366] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2390.814384] ? kasan_save_stack+0x32/0x40 [ 2390.815306] ? kasan_save_stack+0x1b/0x40 [ 2390.816240] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2390.817374] ? iter_file_splice_write+0x165/0xc90 [ 2390.818457] ? direct_splice_actor+0x10f/0x170 [ 2390.819476] ? splice_direct_to_actor+0x387/0x980 [ 2390.820562] ? do_splice_direct+0x1c4/0x290 [ 2390.821529] ? do_sendfile+0x553/0x11e0 [ 2390.822415] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2390.823452] ? do_syscall_64+0x33/0x40 [ 2390.824336] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2390.825539] do_iter_readv_writev+0x476/0x750 [ 2390.826547] ? new_sync_write+0x660/0x660 [ 2390.827475] ? avc_policy_seqno+0x9/0x70 [ 2390.828388] ? selinux_file_permission+0x92/0x520 [ 2390.829469] ? security_file_permission+0xb1/0xe0 [ 2390.830570] do_iter_write+0x191/0x700 [ 2390.831446] ? trace_hardirqs_on+0x5b/0x180 [ 2390.832433] vfs_iter_write+0x70/0xa0 [ 2390.833289] iter_file_splice_write+0x726/0xc90 [ 2390.834350] ? generic_splice_sendpage+0x140/0x140 [ 2390.835469] ? security_file_permission+0xb1/0xe0 [ 2390.836566] ? generic_splice_sendpage+0x140/0x140 [ 2390.837674] direct_splice_actor+0x10f/0x170 [ 2390.838660] splice_direct_to_actor+0x387/0x980 [ 2390.839716] ? pipe_to_sendpage+0x380/0x380 [ 2390.840690] ? do_splice_to+0x160/0x160 [ 2390.841581] ? security_file_permission+0xb1/0xe0 [ 2390.842674] do_splice_direct+0x1c4/0x290 [ 2390.843611] ? splice_direct_to_actor+0x980/0x980 [ 2390.844687] ? avc_policy_seqno+0x9/0x70 [ 2390.845602] ? security_file_permission+0xb1/0xe0 [ 2390.846698] do_sendfile+0x553/0x11e0 [ 2390.847576] ? do_pwritev+0x270/0x270 [ 2390.848440] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2390.849610] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2390.850817] ? trace_hardirqs_on+0x5b/0x180 [ 2390.851795] __x64_sys_sendfile64+0x1d1/0x210 [ 2390.852800] ? __ia32_sys_sendfile+0x220/0x220 [ 2390.853829] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2390.854996] do_syscall_64+0x33/0x40 [ 2390.855839] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2390.856983] RIP: 0033:0x7f32880cdb19 [ 2390.857823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2390.861960] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2390.863675] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2390.865272] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2390.866873] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2390.868490] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2390.870084] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 [ 2390.871733] CPU: 1 PID: 11086 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2390.873332] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2390.875209] Call Trace: [ 2390.875814] dump_stack+0x107/0x167 [ 2390.876633] should_fail.cold+0x5/0xa [ 2390.877494] ? create_object.isra.0+0x3a/0xa20 [ 2390.878522] should_failslab+0x5/0x20 [ 2390.879373] kmem_cache_alloc+0x5b/0x310 [ 2390.880305] create_object.isra.0+0x3a/0xa20 [ 2390.881286] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2390.882429] __kmalloc_track_caller+0x177/0x370 [ 2390.883465] ? kasprintf+0xbb/0xf0 [ 2390.884283] kvasprintf+0xb5/0x150 [ 2390.885085] ? bust_spinlocks+0xe0/0xe0 [ 2390.885986] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2390.887184] kasprintf+0xbb/0xf0 [ 2390.887957] ? kvasprintf_const+0x1a0/0x1a0 [ 2390.888935] ? kmem_cache_free+0x249/0x2d0 [ 2390.889893] ? p9_client_create+0xbfa/0x1230 [ 2390.890885] p9_client_create+0xc1b/0x1230 [ 2390.891862] ? p9_client_flush+0x430/0x430 [ 2390.892814] ? trace_hardirqs_on+0x5b/0x180 [ 2390.893787] ? lockdep_init_map_type+0x2c7/0x780 [ 2390.894848] ? __raw_spin_lock_init+0x36/0x110 [ 2390.895888] v9fs_session_init+0x1dd/0x1680 [ 2390.896853] ? lock_release+0x680/0x680 [ 2390.897759] ? kmem_cache_alloc_trace+0x151/0x320 [ 2390.898835] ? v9fs_show_options+0x690/0x690 [ 2390.899837] ? trace_hardirqs_on+0x5b/0x180 [ 2390.900800] ? kasan_unpoison_shadow+0x33/0x50 [ 2390.901825] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2390.902962] v9fs_mount+0x79/0x8f0 [ 2390.903770] ? v9fs_write_inode+0x60/0x60 [ 2390.904697] legacy_get_tree+0x105/0x220 [ 2390.905607] vfs_get_tree+0x8e/0x300 [ 2390.906444] path_mount+0x1429/0x2120 [ 2390.907302] ? strncpy_from_user+0x9e/0x470 [ 2390.908277] ? finish_automount+0xa90/0xa90 [ 2390.909248] ? getname_flags.part.0+0x1dd/0x4f0 [ 2390.910287] ? _copy_from_user+0xfb/0x1b0 [ 2390.911228] __x64_sys_mount+0x282/0x300 [ 2390.912158] ? copy_mnt_ns+0xa00/0xa00 [ 2390.913036] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2390.914208] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2390.915373] do_syscall_64+0x33/0x40 [ 2390.916218] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2390.917374] RIP: 0033:0x7f96c0f0ab19 [ 2390.918210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2390.922337] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2390.924062] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2390.925658] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2390.927251] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2390.928866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2390.930467] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 03:02:54 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19122, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:02:54 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fc3, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:02:54 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0xf3f1, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:02:55 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0xfd03, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:02:55 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fc4, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:02:55 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 50) 03:02:55 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19123, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:02:55 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:02:55 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 49) 03:02:55 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff022) [ 2391.221513] udc-core: couldn't find an available UDC or it's busy [ 2391.223687] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2391.264599] FAULT_INJECTION: forcing a failure. [ 2391.264599] name failslab, interval 1, probability 0, space 0, times 0 [ 2391.267447] CPU: 0 PID: 11112 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2391.268909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2391.270646] Call Trace: [ 2391.271201] dump_stack+0x107/0x167 [ 2391.271983] should_fail.cold+0x5/0xa [ 2391.272780] ? create_object.isra.0+0x3a/0xa20 [ 2391.273744] should_failslab+0x5/0x20 [ 2391.274539] kmem_cache_alloc+0x5b/0x310 [ 2391.275386] ? vsnprintf+0x4ba/0x1600 [ 2391.276195] create_object.isra.0+0x3a/0xa20 [ 2391.277110] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2391.278175] __kmalloc_track_caller+0x177/0x370 [ 2391.279143] ? kasprintf+0xbb/0xf0 [ 2391.279903] kvasprintf+0xb5/0x150 [ 2391.280648] ? bust_spinlocks+0xe0/0xe0 [ 2391.281476] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2391.282577] kasprintf+0xbb/0xf0 [ 2391.283286] ? kvasprintf_const+0x1a0/0x1a0 [ 2391.284208] ? kmem_cache_free+0x249/0x2d0 [ 2391.285100] ? p9_client_create+0xbfa/0x1230 [ 2391.286016] p9_client_create+0xc1b/0x1230 [ 2391.286904] ? p9_client_flush+0x430/0x430 [ 2391.287798] ? trace_hardirqs_on+0x5b/0x180 [ 2391.288698] ? lockdep_init_map_type+0x2c7/0x780 [ 2391.289687] ? __raw_spin_lock_init+0x36/0x110 [ 2391.290647] v9fs_session_init+0x1dd/0x1680 [ 2391.291555] ? lock_release+0x680/0x680 [ 2391.292397] ? kmem_cache_alloc_trace+0x151/0x320 [ 2391.293404] ? v9fs_show_options+0x690/0x690 [ 2391.294326] ? trace_hardirqs_on+0x5b/0x180 [ 2391.295224] ? kasan_unpoison_shadow+0x33/0x50 [ 2391.296183] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2391.297245] v9fs_mount+0x79/0x8f0 [ 2391.297985] ? v9fs_write_inode+0x60/0x60 [ 2391.298854] legacy_get_tree+0x105/0x220 [ 2391.299707] vfs_get_tree+0x8e/0x300 [ 2391.300481] path_mount+0x1429/0x2120 [ 2391.301278] ? strncpy_from_user+0x9e/0x470 [ 2391.302182] ? finish_automount+0xa90/0xa90 [ 2391.303084] ? getname_flags.part.0+0x1dd/0x4f0 [ 2391.303490] FAULT_INJECTION: forcing a failure. [ 2391.303490] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2391.304055] ? _copy_from_user+0xfb/0x1b0 [ 2391.304082] __x64_sys_mount+0x282/0x300 [ 2391.304104] ? copy_mnt_ns+0xa00/0xa00 [ 2391.308993] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2391.310088] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2391.311163] do_syscall_64+0x33/0x40 [ 2391.311944] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2391.313007] RIP: 0033:0x7f96c0f0ab19 [ 2391.313797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2391.317647] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2391.319242] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2391.320741] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2391.322243] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2391.323736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2391.325228] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 [ 2391.326761] CPU: 1 PID: 11124 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2391.328520] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2391.330594] Call Trace: [ 2391.331253] dump_stack+0x107/0x167 [ 2391.332170] should_fail.cold+0x5/0xa [ 2391.333127] __alloc_pages_nodemask+0x182/0x600 [ 2391.334291] ? __alloc_pages_slowpath.constprop.0+0x2200/0x2200 [ 2391.335809] ? find_get_entry+0x2c8/0x740 [ 2391.336836] ? slab_free_freelist_hook+0xa9/0x180 [ 2391.338042] alloc_pages_current+0x187/0x280 [ 2391.339143] __page_cache_alloc+0x2d2/0x360 [ 2391.340231] ? jbd2_journal_stop+0x188/0xdc0 [ 2391.341339] pagecache_get_page+0x2c7/0xc80 [ 2391.342415] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2391.343646] grab_cache_page_write_begin+0x64/0xa0 [ 2391.344876] ext4_da_write_begin+0x2f3/0xd40 [ 2391.345980] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 2391.347417] ? ext4_write_begin+0x10f0/0x10f0 [ 2391.348533] ? copyout_mc+0x140/0x140 [ 2391.349490] generic_perform_write+0x20a/0x4f0 [ 2391.350644] ? page_cache_prev_miss+0x310/0x310 [ 2391.351803] ? down_write_killable+0x180/0x180 [ 2391.352944] ext4_buffered_write_iter+0x232/0x4a0 [ 2391.354145] ext4_file_write_iter+0x3ab/0x1530 [ 2391.355281] ? stack_trace_save+0x8c/0xc0 [ 2391.356319] ? stack_trace_consume_entry+0x160/0x160 [ 2391.357596] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2391.358736] ? kasan_save_stack+0x32/0x40 [ 2391.359773] ? kasan_save_stack+0x1b/0x40 [ 2391.360801] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2391.362059] ? iter_file_splice_write+0x165/0xc90 [ 2391.363254] ? direct_splice_actor+0x10f/0x170 [ 2391.364401] ? splice_direct_to_actor+0x387/0x980 [ 2391.365598] ? do_splice_direct+0x1c4/0x290 [ 2391.366668] ? do_sendfile+0x553/0x11e0 [ 2391.367660] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2391.368808] ? do_syscall_64+0x33/0x40 [ 2391.369773] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2391.371107] do_iter_readv_writev+0x476/0x750 [ 2391.372245] ? new_sync_write+0x660/0x660 [ 2391.373263] ? avc_policy_seqno+0x9/0x70 [ 2391.374260] ? selinux_file_permission+0x92/0x520 [ 2391.375447] ? security_file_permission+0xb1/0xe0 [ 2391.376650] do_iter_write+0x191/0x700 [ 2391.377608] ? trace_hardirqs_on+0x5b/0x180 [ 2391.378677] vfs_iter_write+0x70/0xa0 [ 2391.379623] iter_file_splice_write+0x726/0xc90 [ 2391.380784] ? generic_splice_sendpage+0x140/0x140 [ 2391.382008] ? security_file_permission+0xb1/0xe0 [ 2391.383195] ? generic_splice_sendpage+0x140/0x140 [ 2391.384410] direct_splice_actor+0x10f/0x170 [ 2391.385495] splice_direct_to_actor+0x387/0x980 [ 2391.386644] ? pipe_to_sendpage+0x380/0x380 [ 2391.387717] ? do_splice_to+0x160/0x160 [ 2391.388691] ? security_file_permission+0xb1/0xe0 [ 2391.389883] do_splice_direct+0x1c4/0x290 [ 2391.390902] ? splice_direct_to_actor+0x980/0x980 [ 2391.392093] ? avc_policy_seqno+0x9/0x70 [ 2391.393096] ? security_file_permission+0xb1/0xe0 [ 2391.394294] do_sendfile+0x553/0x11e0 [ 2391.395243] ? do_pwritev+0x270/0x270 [ 2391.396186] ? wait_for_completion_io+0x270/0x270 [ 2391.397372] ? rcu_read_lock_any_held+0x75/0xa0 [ 2391.398511] ? vfs_write+0x354/0xb10 [ 2391.399430] __x64_sys_sendfile64+0x1d1/0x210 [ 2391.400538] ? __ia32_sys_sendfile+0x220/0x220 [ 2391.401666] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2391.402958] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2391.404233] do_syscall_64+0x33/0x40 [ 2391.405149] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2391.406409] RIP: 0033:0x7f32880cdb19 [ 2391.407319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2391.411802] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2391.413651] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2391.415381] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2391.417122] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2391.418857] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2391.420596] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 03:02:55 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fc5, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:02:55 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19124, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:02:55 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0xfeff, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:03:08 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 51) 03:03:08 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[]}]}) 03:03:08 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0xff03, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:03:08 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff023) 03:03:08 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 2404.536638] udc-core: couldn't find an available UDC or it's busy [ 2404.539064] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:03:08 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 50) 03:03:08 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fc6, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:03:08 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19125, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2404.566467] udc-core: couldn't find an available UDC or it's busy [ 2404.567889] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2404.579025] FAULT_INJECTION: forcing a failure. [ 2404.579025] name failslab, interval 1, probability 0, space 0, times 0 [ 2404.580916] FAULT_INJECTION: forcing a failure. [ 2404.580916] name failslab, interval 1, probability 0, space 0, times 0 [ 2404.581949] CPU: 1 PID: 11147 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2404.585497] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2404.587225] Call Trace: [ 2404.587789] dump_stack+0x107/0x167 [ 2404.588553] should_fail.cold+0x5/0xa [ 2404.589347] ? create_object.isra.0+0x3a/0xa20 [ 2404.590309] should_failslab+0x5/0x20 [ 2404.591111] kmem_cache_alloc+0x5b/0x310 [ 2404.591968] ? lock_acquire+0x197/0x470 [ 2404.592810] create_object.isra.0+0x3a/0xa20 [ 2404.593726] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2404.594795] __kmalloc_track_caller+0x177/0x370 [ 2404.595773] ? kstrdup_const+0x53/0x80 [ 2404.596581] ? kasprintf+0xbb/0xf0 [ 2404.597319] kstrdup+0x36/0x70 [ 2404.597989] kstrdup_const+0x53/0x80 [ 2404.598777] kmem_cache_create_usercopy+0x12f/0x2f0 [ 2404.599836] p9_client_create+0xc6a/0x1230 [ 2404.600731] ? p9_client_flush+0x430/0x430 [ 2404.601617] ? trace_hardirqs_on+0x5b/0x180 [ 2404.602525] ? lockdep_init_map_type+0x2c7/0x780 [ 2404.603525] ? __raw_spin_lock_init+0x36/0x110 [ 2404.604489] v9fs_session_init+0x1dd/0x1680 [ 2404.605391] ? lock_release+0x680/0x680 [ 2404.606225] ? kmem_cache_alloc_trace+0x151/0x320 [ 2404.607232] ? v9fs_show_options+0x690/0x690 [ 2404.608163] ? trace_hardirqs_on+0x5b/0x180 [ 2404.609073] ? kasan_unpoison_shadow+0x33/0x50 [ 2404.610028] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2404.611090] v9fs_mount+0x79/0x8f0 [ 2404.611846] ? v9fs_write_inode+0x60/0x60 [ 2404.612714] legacy_get_tree+0x105/0x220 [ 2404.613561] vfs_get_tree+0x8e/0x300 [ 2404.614337] path_mount+0x1429/0x2120 [ 2404.615136] ? strncpy_from_user+0x9e/0x470 [ 2404.616044] ? finish_automount+0xa90/0xa90 [ 2404.616949] ? getname_flags.part.0+0x1dd/0x4f0 [ 2404.617914] ? _copy_from_user+0xfb/0x1b0 [ 2404.618782] __x64_sys_mount+0x282/0x300 [ 2404.619624] ? copy_mnt_ns+0xa00/0xa00 [ 2404.620444] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2404.621542] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2404.622616] do_syscall_64+0x33/0x40 [ 2404.623391] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2404.624475] RIP: 0033:0x7f96c0f0ab19 [ 2404.625243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2404.629084] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2404.630664] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2404.632172] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2404.633653] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2404.635136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2404.636623] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 [ 2404.638135] CPU: 0 PID: 11152 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2404.639607] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2404.641348] Call Trace: [ 2404.641899] dump_stack+0x107/0x167 [ 2404.642662] should_fail.cold+0x5/0xa [ 2404.643463] ? jbd2__journal_start+0x190/0x7e0 [ 2404.644427] should_failslab+0x5/0x20 [ 2404.645230] kmem_cache_alloc+0x5b/0x310 [ 2404.646089] jbd2__journal_start+0x190/0x7e0 [ 2404.647016] __ext4_journal_start_sb+0x214/0x390 [ 2404.648022] ext4_da_write_begin+0x51f/0xd40 [ 2404.648947] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 2404.650153] ? ext4_write_begin+0x10f0/0x10f0 [ 2404.651093] ? copyout_mc+0x140/0x140 [ 2404.651906] generic_perform_write+0x20a/0x4f0 [ 2404.652873] ? page_cache_prev_miss+0x310/0x310 [ 2404.653848] ? down_write_killable+0x180/0x180 [ 2404.654812] ext4_buffered_write_iter+0x232/0x4a0 [ 2404.655834] ext4_file_write_iter+0x3ab/0x1530 [ 2404.656793] ? stack_trace_save+0x8c/0xc0 [ 2404.657669] ? stack_trace_consume_entry+0x160/0x160 [ 2404.658740] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2404.659701] ? kasan_save_stack+0x32/0x40 [ 2404.660565] ? kasan_save_stack+0x1b/0x40 [ 2404.661426] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2404.662477] ? iter_file_splice_write+0x165/0xc90 [ 2404.663476] ? direct_splice_actor+0x10f/0x170 [ 2404.664440] ? splice_direct_to_actor+0x387/0x980 [ 2404.665446] ? do_splice_direct+0x1c4/0x290 [ 2404.666356] ? do_sendfile+0x553/0x11e0 [ 2404.667182] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2404.668156] ? do_syscall_64+0x33/0x40 [ 2404.668970] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2404.670084] do_iter_readv_writev+0x476/0x750 [ 2404.671032] ? new_sync_write+0x660/0x660 [ 2404.671906] ? avc_policy_seqno+0x9/0x70 [ 2404.672756] ? selinux_file_permission+0x92/0x520 [ 2404.673770] ? security_file_permission+0xb1/0xe0 [ 2404.674786] do_iter_write+0x191/0x700 [ 2404.675598] ? trace_hardirqs_on+0x5b/0x180 [ 2404.676516] vfs_iter_write+0x70/0xa0 [ 2404.677311] iter_file_splice_write+0x726/0xc90 [ 2404.678306] ? generic_splice_sendpage+0x140/0x140 [ 2404.679347] ? security_file_permission+0xb1/0xe0 [ 2404.680530] ? generic_splice_sendpage+0x140/0x140 [ 2404.681557] direct_splice_actor+0x10f/0x170 [ 2404.682479] splice_direct_to_actor+0x387/0x980 [ 2404.683459] ? pipe_to_sendpage+0x380/0x380 [ 2404.684374] ? do_splice_to+0x160/0x160 [ 2404.685203] ? security_file_permission+0xb1/0xe0 [ 2404.686212] do_splice_direct+0x1c4/0x290 [ 2404.687083] ? splice_direct_to_actor+0x980/0x980 [ 2404.688100] ? avc_policy_seqno+0x9/0x70 [ 2404.688957] ? security_file_permission+0xb1/0xe0 [ 2404.689974] do_sendfile+0x553/0x11e0 [ 2404.690781] ? do_pwritev+0x270/0x270 [ 2404.691577] ? wait_for_completion_io+0x270/0x270 [ 2404.692593] ? rcu_read_lock_any_held+0x75/0xa0 [ 2404.693558] ? vfs_write+0x354/0xb10 [ 2404.694341] __x64_sys_sendfile64+0x1d1/0x210 [ 2404.695281] ? __ia32_sys_sendfile+0x220/0x220 [ 2404.696244] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2404.697330] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2404.698407] do_syscall_64+0x33/0x40 [ 2404.699181] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2404.700252] RIP: 0033:0x7f32880cdb19 [ 2404.701038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2404.704888] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2404.706481] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2404.708003] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2404.709490] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2404.710986] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2404.712487] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 03:03:08 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fc7, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:03:24 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0xfffe, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:03:24 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[]}]}) 03:03:24 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 52) 03:03:24 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x1911a, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:03:24 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19126, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:03:24 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fc8, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:03:24 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff024) 03:03:24 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 51) 03:03:24 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19127, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2420.077584] FAULT_INJECTION: forcing a failure. [ 2420.077584] name failslab, interval 1, probability 0, space 0, times 0 [ 2420.080588] CPU: 0 PID: 11176 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2420.082136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2420.084003] Call Trace: [ 2420.084594] dump_stack+0x107/0x167 [ 2420.085404] should_fail.cold+0x5/0xa [ 2420.086252] ? create_object.isra.0+0x3a/0xa20 [ 2420.087432] should_failslab+0x5/0x20 [ 2420.088285] kmem_cache_alloc+0x5b/0x310 [ 2420.089189] create_object.isra.0+0x3a/0xa20 [ 2420.090157] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2420.091282] kmem_cache_alloc+0x159/0x310 [ 2420.092214] kmem_cache_create_usercopy+0x190/0x2f0 [ 2420.093324] p9_client_create+0xc6a/0x1230 [ 2420.094272] ? p9_client_flush+0x430/0x430 [ 2420.095209] ? trace_hardirqs_on+0x5b/0x180 [ 2420.096179] ? lockdep_init_map_type+0x2c7/0x780 [ 2420.097233] ? __raw_spin_lock_init+0x36/0x110 [ 2420.098256] v9fs_session_init+0x1dd/0x1680 [ 2420.099213] ? lock_release+0x680/0x680 [ 2420.100119] ? kmem_cache_alloc_trace+0x151/0x320 [ 2420.101187] ? v9fs_show_options+0x690/0x690 [ 2420.102174] ? trace_hardirqs_on+0x5b/0x180 [ 2420.103132] ? kasan_unpoison_shadow+0x33/0x50 [ 2420.104147] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2420.105267] v9fs_mount+0x79/0x8f0 [ 2420.106051] ? v9fs_write_inode+0x60/0x60 [ 2420.106967] legacy_get_tree+0x105/0x220 [ 2420.107871] vfs_get_tree+0x8e/0x300 [ 2420.108693] path_mount+0x1429/0x2120 [ 2420.109540] ? strncpy_from_user+0x9e/0x470 [ 2420.110491] ? finish_automount+0xa90/0xa90 [ 2420.111447] ? getname_flags.part.0+0x1dd/0x4f0 [ 2420.112515] ? _copy_from_user+0xfb/0x1b0 [ 2420.113131] FAULT_INJECTION: forcing a failure. [ 2420.113131] name failslab, interval 1, probability 0, space 0, times 0 [ 2420.113440] __x64_sys_mount+0x282/0x300 [ 2420.113460] ? copy_mnt_ns+0xa00/0xa00 [ 2420.113486] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2420.113508] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2420.113532] do_syscall_64+0x33/0x40 [ 2420.113553] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2420.113567] RIP: 0033:0x7f96c0f0ab19 [ 2420.113593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2420.126372] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2420.128206] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2420.129907] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2420.131610] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2420.133324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2420.135023] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 [ 2420.136763] CPU: 1 PID: 11187 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2420.137720] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2420.138767] Call Trace: [ 2420.139106] dump_stack+0x107/0x167 [ 2420.139568] should_fail.cold+0x5/0xa [ 2420.140072] ? create_object.isra.0+0x3a/0xa20 [ 2420.140646] should_failslab+0x5/0x20 [ 2420.141130] kmem_cache_alloc+0x5b/0x310 [ 2420.141640] ? lru_cache_add+0x45c/0x800 [ 2420.142160] create_object.isra.0+0x3a/0xa20 [ 2420.142714] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2420.143357] kmem_cache_alloc+0x159/0x310 [ 2420.143900] jbd2__journal_start+0x190/0x7e0 [ 2420.144461] __ext4_journal_start_sb+0x214/0x390 [ 2420.145063] ext4_da_write_begin+0x51f/0xd40 [ 2420.145626] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 2420.146351] ? ext4_write_begin+0x10f0/0x10f0 [ 2420.146908] ? copyout_mc+0x140/0x140 [ 2420.147395] generic_perform_write+0x20a/0x4f0 [ 2420.147979] ? page_cache_prev_miss+0x310/0x310 [ 2420.148560] ? down_write_killable+0x180/0x180 [ 2420.149137] ext4_buffered_write_iter+0x232/0x4a0 [ 2420.149741] ext4_file_write_iter+0x3ab/0x1530 [ 2420.150314] ? stack_trace_save+0x8c/0xc0 [ 2420.150831] ? stack_trace_consume_entry+0x160/0x160 [ 2420.151467] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2420.152044] ? kasan_save_stack+0x32/0x40 [ 2420.152563] ? kasan_save_stack+0x1b/0x40 [ 2420.153087] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2420.153730] ? iter_file_splice_write+0x165/0xc90 [ 2420.154332] ? direct_splice_actor+0x10f/0x170 [ 2420.154897] ? splice_direct_to_actor+0x387/0x980 [ 2420.155499] ? do_splice_direct+0x1c4/0x290 [ 2420.156047] ? do_sendfile+0x553/0x11e0 [ 2420.156537] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2420.157117] ? do_syscall_64+0x33/0x40 [ 2420.157606] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2420.158276] do_iter_readv_writev+0x476/0x750 [ 2420.158835] ? new_sync_write+0x660/0x660 [ 2420.159349] ? avc_policy_seqno+0x9/0x70 [ 2420.159858] ? selinux_file_permission+0x92/0x520 [ 2420.160460] ? security_file_permission+0xb1/0xe0 [ 2420.161060] do_iter_write+0x191/0x700 [ 2420.161542] ? trace_hardirqs_on+0x5b/0x180 [ 2420.162078] vfs_iter_write+0x70/0xa0 [ 2420.162555] iter_file_splice_write+0x726/0xc90 [ 2420.163139] ? generic_splice_sendpage+0x140/0x140 [ 2420.163757] ? security_file_permission+0xb1/0xe0 [ 2420.164359] ? generic_splice_sendpage+0x140/0x140 [ 2420.164965] direct_splice_actor+0x10f/0x170 [ 2420.165511] splice_direct_to_actor+0x387/0x980 [ 2420.166086] ? pipe_to_sendpage+0x380/0x380 [ 2420.166621] ? do_splice_to+0x160/0x160 [ 2420.167111] ? security_file_permission+0xb1/0xe0 [ 2420.167716] do_splice_direct+0x1c4/0x290 [ 2420.168240] ? splice_direct_to_actor+0x980/0x980 [ 2420.168831] ? avc_policy_seqno+0x9/0x70 [ 2420.169337] ? security_file_permission+0xb1/0xe0 [ 2420.169934] do_sendfile+0x553/0x11e0 [ 2420.170420] ? do_pwritev+0x270/0x270 [ 2420.170895] ? wait_for_completion_io+0x270/0x270 [ 2420.171491] ? rcu_read_lock_any_held+0x75/0xa0 [ 2420.172069] ? vfs_write+0x354/0xb10 [ 2420.172529] __x64_sys_sendfile64+0x1d1/0x210 [ 2420.173082] ? __ia32_sys_sendfile+0x220/0x220 [ 2420.173650] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2420.174302] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2420.174939] do_syscall_64+0x33/0x40 [ 2420.175400] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2420.176040] RIP: 0033:0x7f32880cdb19 [ 2420.176501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2420.178785] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2420.179723] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2420.180603] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2420.181476] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2420.182354] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2420.183232] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 [ 2420.195495] udc-core: couldn't find an available UDC or it's busy [ 2420.196385] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:03:24 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19f32, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:03:24 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0xfeff, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:03:24 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19128, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:03:24 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fc9, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2432.659533] udc-core: couldn't find an available UDC or it's busy [ 2432.661213] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2432.664765] FAULT_INJECTION: forcing a failure. [ 2432.664765] name failslab, interval 1, probability 0, space 0, times 0 [ 2432.666493] CPU: 0 PID: 11224 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2432.667474] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2432.668920] Call Trace: [ 2432.669297] dump_stack+0x107/0x167 [ 2432.669819] should_fail.cold+0x5/0xa [ 2432.670366] ? create_object.isra.0+0x3a/0xa20 [ 2432.671020] should_failslab+0x5/0x20 [ 2432.671558] kmem_cache_alloc+0x5b/0x310 [ 2432.672156] create_object.isra.0+0x3a/0xa20 [ 2432.672789] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2432.673508] kmem_cache_alloc+0x159/0x310 [ 2432.674106] alloc_buffer_head+0x20/0x110 [ 2432.674697] alloc_page_buffers+0x14d/0x700 [ 2432.675314] create_empty_buffers+0x2c/0x640 [ 2432.675945] ? start_this_handle+0xfdd/0x1390 [ 2432.676585] ? start_this_handle+0xd57/0x1390 [ 2432.677227] create_page_buffers+0x1bb/0x230 [ 2432.677850] __block_write_begin_int+0x1d1/0x19c0 [ 2432.678533] ? ext4_da_release_space+0x480/0x480 [ 2432.679203] ? kmem_cache_alloc+0x2a6/0x310 [ 2432.679819] ? remove_inode_buffers+0x300/0x300 [ 2432.680489] ? jbd2__journal_start+0xf3/0x7e0 [ 2432.681138] ext4_da_write_begin+0x37d/0xd40 [ 2432.681772] ? ext4_write_begin+0x10f0/0x10f0 [ 2432.682408] ? copyout_mc+0x140/0x140 [ 2432.682968] generic_perform_write+0x20a/0x4f0 [ 2432.683627] ? page_cache_prev_miss+0x310/0x310 [ 2432.684293] ? down_write_killable+0x180/0x180 [ 2432.684954] ext4_buffered_write_iter+0x232/0x4a0 [ 2432.685649] ext4_file_write_iter+0x3ab/0x1530 [ 2432.686302] ? stack_trace_save+0x8c/0xc0 [ 2432.686897] ? stack_trace_consume_entry+0x160/0x160 [ 2432.687625] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2432.688289] ? kasan_save_stack+0x32/0x40 [ 2432.688880] ? kasan_save_stack+0x1b/0x40 [ 2432.689466] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2432.690183] ? iter_file_splice_write+0x165/0xc90 [ 2432.690881] ? direct_splice_actor+0x10f/0x170 [ 2432.691529] ? splice_direct_to_actor+0x387/0x980 [ 2432.692218] ? do_splice_direct+0x1c4/0x290 [ 2432.692839] ? do_sendfile+0x553/0x11e0 [ 2432.693397] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2432.694065] ? do_syscall_64+0x33/0x40 [ 2432.694624] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2432.695384] do_iter_readv_writev+0x476/0x750 [ 2432.696038] ? new_sync_write+0x660/0x660 [ 2432.696627] ? avc_policy_seqno+0x9/0x70 [ 2432.697204] ? selinux_file_permission+0x92/0x520 [ 2432.697898] ? security_file_permission+0xb1/0xe0 [ 2432.698592] do_iter_write+0x191/0x700 [ 2432.699148] ? trace_hardirqs_on+0x5b/0x180 [ 2432.699768] vfs_iter_write+0x70/0xa0 [ 2432.700320] iter_file_splice_write+0x726/0xc90 [ 2432.700997] ? generic_splice_sendpage+0x140/0x140 [ 2432.701697] ? security_file_permission+0xb1/0xe0 [ 2432.702388] ? generic_splice_sendpage+0x140/0x140 [ 2432.703094] direct_splice_actor+0x10f/0x170 [ 2432.703726] splice_direct_to_actor+0x387/0x980 [ 2432.704393] ? pipe_to_sendpage+0x380/0x380 [ 2432.705010] ? do_splice_to+0x160/0x160 [ 2432.705578] ? security_file_permission+0xb1/0xe0 [ 2432.706271] do_splice_direct+0x1c4/0x290 [ 2432.706866] ? splice_direct_to_actor+0x980/0x980 [ 2432.707554] ? avc_policy_seqno+0x9/0x70 [ 2432.708141] ? security_file_permission+0xb1/0xe0 [ 2432.708837] do_sendfile+0x553/0x11e0 [ 2432.709384] ? do_pwritev+0x270/0x270 [ 2432.709928] ? wait_for_completion_io+0x270/0x270 [ 2432.710618] ? rcu_read_lock_any_held+0x75/0xa0 [ 2432.711274] ? vfs_write+0x354/0xb10 [ 2432.711699] FAULT_INJECTION: forcing a failure. [ 2432.711699] name failslab, interval 1, probability 0, space 0, times 0 [ 2432.711811] __x64_sys_sendfile64+0x1d1/0x210 [ 2432.715000] ? __ia32_sys_sendfile+0x220/0x220 [ 2432.715649] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2432.716392] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2432.717132] do_syscall_64+0x33/0x40 [ 2432.717657] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2432.718381] RIP: 0033:0x7f32880cdb19 [ 2432.718915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2432.721549] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2432.722635] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2432.723654] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2432.724669] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2432.725685] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2432.726696] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 [ 2432.727737] CPU: 1 PID: 11220 Comm: syz-executor.1 Not tainted 5.10.238 #1 03:03:36 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB]}]}) 03:03:36 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19f33, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:03:36 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) [ 2432.729381] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 53) 03:03:36 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 52) 03:03:36 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19129, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:03:36 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff025) 03:03:36 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fca, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:03:36 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fc8, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2432.731607] Call Trace: [ 2432.732274] dump_stack+0x107/0x167 [ 2432.733118] should_fail.cold+0x5/0xa [ 2432.733996] ? __kmem_cache_create+0x10e/0x520 [ 2432.735038] should_failslab+0x5/0x20 [ 2432.735905] kmem_cache_alloc_node+0x55/0x330 [ 2432.736951] __kmem_cache_create+0x10e/0x520 [ 2432.737962] kmem_cache_create_usercopy+0x1db/0x2f0 [ 2432.739107] p9_client_create+0xc6a/0x1230 [ 2432.740090] ? p9_client_flush+0x430/0x430 [ 2432.741053] ? trace_hardirqs_on+0x5b/0x180 [ 2432.742038] ? lockdep_init_map_type+0x2c7/0x780 [ 2432.743116] ? __raw_spin_lock_init+0x36/0x110 [ 2432.744170] v9fs_session_init+0x1dd/0x1680 [ 2432.745152] ? lock_release+0x680/0x680 [ 2432.746068] ? kmem_cache_alloc_trace+0x151/0x320 [ 2432.747164] ? v9fs_show_options+0x690/0x690 [ 2432.748183] ? trace_hardirqs_on+0x5b/0x180 [ 2432.749166] ? kasan_unpoison_shadow+0x33/0x50 [ 2432.750203] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2432.751358] v9fs_mount+0x79/0x8f0 [ 2432.752176] ? v9fs_write_inode+0x60/0x60 [ 2432.753121] legacy_get_tree+0x105/0x220 [ 2432.754045] vfs_get_tree+0x8e/0x300 [ 2432.754893] path_mount+0x1429/0x2120 [ 2432.755767] ? strncpy_from_user+0x9e/0x470 [ 2432.756757] ? finish_automount+0xa90/0xa90 [ 2432.757738] ? getname_flags.part.0+0x1dd/0x4f0 [ 2432.758797] ? _copy_from_user+0xfb/0x1b0 [ 2432.759748] __x64_sys_mount+0x282/0x300 [ 2432.760679] ? copy_mnt_ns+0xa00/0xa00 [ 2432.761572] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2432.762765] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2432.763942] do_syscall_64+0x33/0x40 [ 2432.764798] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2432.765962] RIP: 0033:0x7f96c0f0ab19 [ 2432.766808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2432.771016] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2432.772763] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2432.774384] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2432.776012] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2432.777635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2432.779257] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 [ 2432.781470] kmem_cache_create(9p-fcall-cache-745) failed with error -22 [ 2432.783144] CPU: 1 PID: 11220 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2432.784733] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2432.786627] Call Trace: [ 2432.787224] dump_stack+0x107/0x167 [ 2432.788069] kmem_cache_create_usercopy.cold+0x17/0x65 [ 2432.789272] p9_client_create+0xc6a/0x1230 [ 2432.790247] ? p9_client_flush+0x430/0x430 [ 2432.791213] ? trace_hardirqs_on+0x5b/0x180 [ 2432.792366] ? lockdep_init_map_type+0x2c7/0x780 [ 2432.793526] ? __raw_spin_lock_init+0x36/0x110 [ 2432.794567] v9fs_session_init+0x1dd/0x1680 [ 2432.795550] ? lock_release+0x680/0x680 [ 2432.796475] ? kmem_cache_alloc_trace+0x151/0x320 [ 2432.797569] ? v9fs_show_options+0x690/0x690 [ 2432.798575] ? trace_hardirqs_on+0x5b/0x180 [ 2432.799556] ? kasan_unpoison_shadow+0x33/0x50 [ 2432.800600] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2432.801752] v9fs_mount+0x79/0x8f0 [ 2432.802562] ? v9fs_write_inode+0x60/0x60 [ 2432.803503] legacy_get_tree+0x105/0x220 [ 2432.804437] vfs_get_tree+0x8e/0x300 [ 2432.805409] path_mount+0x1429/0x2120 [ 2432.806283] ? strncpy_from_user+0x9e/0x470 [ 2432.807265] ? finish_automount+0xa90/0xa90 [ 2432.808262] ? getname_flags.part.0+0x1dd/0x4f0 [ 2432.809323] ? _copy_from_user+0xfb/0x1b0 [ 2432.810278] __x64_sys_mount+0x282/0x300 [ 2432.811203] ? copy_mnt_ns+0xa00/0xa00 [ 2432.812105] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2432.813300] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2432.814477] do_syscall_64+0x33/0x40 [ 2432.815332] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2432.816507] RIP: 0033:0x7f96c0f0ab19 [ 2432.817351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2432.821556] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2432.823296] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2432.824937] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2432.826563] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2432.828195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2432.829826] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 03:03:36 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fcb, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:03:36 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x300, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:03:36 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19f34, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:03:36 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18ffb, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:03:36 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x4c, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:03:36 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff026) 03:03:36 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 53) 03:03:36 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x1912a, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2433.048756] FAULT_INJECTION: forcing a failure. [ 2433.048756] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2433.051762] CPU: 1 PID: 11249 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2433.053363] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2433.055258] Call Trace: [ 2433.055864] dump_stack+0x107/0x167 [ 2433.056715] should_fail.cold+0x5/0xa [ 2433.057602] __alloc_pages_nodemask+0x182/0x600 [ 2433.058668] ? __alloc_pages_slowpath.constprop.0+0x2200/0x2200 [ 2433.060053] ? find_get_entry+0x2c8/0x740 [ 2433.061008] ? slab_free_freelist_hook+0xa9/0x180 [ 2433.062115] alloc_pages_current+0x187/0x280 [ 2433.063123] __page_cache_alloc+0x2d2/0x360 [ 2433.064117] ? jbd2_journal_stop+0x188/0xdc0 [ 2433.065128] pagecache_get_page+0x2c7/0xc80 [ 2433.066114] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2433.067243] grab_cache_page_write_begin+0x64/0xa0 [ 2433.068373] ext4_da_write_begin+0x2f3/0xd40 [ 2433.069386] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 2433.070704] ? ext4_write_begin+0x10f0/0x10f0 [ 2433.071726] ? copyout_mc+0x140/0x140 [ 2433.072617] generic_perform_write+0x20a/0x4f0 [ 2433.073670] ? page_cache_prev_miss+0x310/0x310 [ 2433.074732] ? down_write_killable+0x180/0x180 [ 2433.076013] ext4_buffered_write_iter+0x232/0x4a0 [ 2433.077227] ext4_file_write_iter+0x3ab/0x1530 [ 2433.078274] ? stack_trace_save+0x8c/0xc0 [ 2433.079228] ? stack_trace_consume_entry+0x160/0x160 [ 2433.080412] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2433.081454] ? kasan_save_stack+0x32/0x40 [ 2433.082399] ? kasan_save_stack+0x1b/0x40 [ 2433.083346] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2433.084508] ? iter_file_splice_write+0x165/0xc90 [ 2433.085603] ? direct_splice_actor+0x10f/0x170 [ 2433.086643] ? splice_direct_to_actor+0x387/0x980 [ 2433.087741] ? do_splice_direct+0x1c4/0x290 [ 2433.088736] ? do_sendfile+0x553/0x11e0 [ 2433.089648] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2433.090708] ? do_syscall_64+0x33/0x40 [ 2433.091597] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2433.092828] do_iter_readv_writev+0x476/0x750 [ 2433.093857] ? new_sync_write+0x660/0x660 [ 2433.094800] ? avc_policy_seqno+0x9/0x70 [ 2433.095723] ? selinux_file_permission+0x92/0x520 [ 2433.096836] ? security_file_permission+0xb1/0xe0 [ 2433.097947] do_iter_write+0x191/0x700 [ 2433.098837] ? trace_hardirqs_on+0x5b/0x180 [ 2433.099826] vfs_iter_write+0x70/0xa0 [ 2433.100705] iter_file_splice_write+0x726/0xc90 [ 2433.101782] ? generic_splice_sendpage+0x140/0x140 [ 2433.102920] ? security_file_permission+0xb1/0xe0 [ 2433.104027] ? generic_splice_sendpage+0x140/0x140 [ 2433.105145] direct_splice_actor+0x10f/0x170 [ 2433.106150] splice_direct_to_actor+0x387/0x980 [ 2433.107214] ? pipe_to_sendpage+0x380/0x380 [ 2433.108207] ? do_splice_to+0x160/0x160 [ 2433.109112] ? security_file_permission+0xb1/0xe0 [ 2433.110216] do_splice_direct+0x1c4/0x290 [ 2433.111161] ? splice_direct_to_actor+0x980/0x980 [ 2433.112263] ? avc_policy_seqno+0x9/0x70 [ 2433.113194] ? security_file_permission+0xb1/0xe0 [ 2433.114304] do_sendfile+0x553/0x11e0 [ 2433.115408] ? do_pwritev+0x270/0x270 [ 2433.116326] ? wait_for_completion_io+0x270/0x270 [ 2433.117433] ? rcu_read_lock_any_held+0x75/0xa0 [ 2433.118492] ? vfs_write+0x354/0xb10 [ 2433.119349] __x64_sys_sendfile64+0x1d1/0x210 [ 2433.120384] ? __ia32_sys_sendfile+0x220/0x220 [ 2433.121437] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2433.122635] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2433.123820] do_syscall_64+0x33/0x40 [ 2433.124685] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2433.125857] RIP: 0033:0x7f32880cdb19 [ 2433.126714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2433.130932] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2433.132677] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2433.134302] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2433.135929] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2433.137561] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2433.139188] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 03:03:51 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0xb, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:03:51 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 54) 03:03:51 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB]}]}) 03:03:51 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19f35, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:03:51 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x1912b, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:03:51 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 54) 03:03:51 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18ffc, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:03:51 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff027) [ 2447.829165] FAULT_INJECTION: forcing a failure. [ 2447.829165] name failslab, interval 1, probability 0, space 0, times 0 [ 2447.831987] CPU: 1 PID: 11264 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2447.833552] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2447.835436] Call Trace: [ 2447.836039] dump_stack+0x107/0x167 [ 2447.836876] should_fail.cold+0x5/0xa [ 2447.837740] ? create_object.isra.0+0x3a/0xa20 [ 2447.838779] should_failslab+0x5/0x20 [ 2447.839638] kmem_cache_alloc+0x5b/0x310 [ 2447.840567] create_object.isra.0+0x3a/0xa20 [ 2447.841562] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2447.842709] kmem_cache_alloc+0x159/0x310 [ 2447.843662] alloc_buffer_head+0x20/0x110 [ 2447.844601] alloc_page_buffers+0x14d/0x700 [ 2447.845577] create_empty_buffers+0x2c/0x640 [ 2447.846560] ? start_this_handle+0xfdd/0x1390 [ 2447.847561] ? start_this_handle+0xd57/0x1390 [ 2447.848571] create_page_buffers+0x1bb/0x230 [ 2447.849567] __block_write_begin_int+0x1d1/0x19c0 [ 2447.850660] ? ext4_da_release_space+0x480/0x480 [ 2447.851726] ? kmem_cache_alloc+0x2a6/0x310 [ 2447.852707] ? remove_inode_buffers+0x300/0x300 [ 2447.853745] ? jbd2__journal_start+0xf3/0x7e0 [ 2447.854765] ext4_da_write_begin+0x37d/0xd40 [ 2447.855761] ? ext4_write_begin+0x10f0/0x10f0 [ 2447.856765] ? copyout_mc+0x140/0x140 [ 2447.857632] generic_perform_write+0x20a/0x4f0 [ 2447.858663] ? page_cache_prev_miss+0x310/0x310 [ 2447.859712] ? down_write_killable+0x180/0x180 [ 2447.860762] ext4_buffered_write_iter+0x232/0x4a0 [ 2447.861853] ext4_file_write_iter+0x3ab/0x1530 [ 2447.862873] ? stack_trace_save+0x8c/0xc0 [ 2447.863810] ? stack_trace_consume_entry+0x160/0x160 [ 2447.864964] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2447.865980] ? kasan_save_stack+0x32/0x40 [ 2447.866905] ? kasan_save_stack+0x1b/0x40 [ 2447.867828] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2447.869010] ? iter_file_splice_write+0x165/0xc90 [ 2447.870085] ? direct_splice_actor+0x10f/0x170 [ 2447.871103] ? splice_direct_to_actor+0x387/0x980 [ 2447.872187] ? do_splice_direct+0x1c4/0x290 [ 2447.873152] ? do_sendfile+0x553/0x11e0 [ 2447.874042] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2447.875082] ? do_syscall_64+0x33/0x40 [ 2447.875957] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2447.877169] do_iter_readv_writev+0x476/0x750 [ 2447.878187] ? new_sync_write+0x660/0x660 [ 2447.879114] ? avc_policy_seqno+0x9/0x70 [ 2447.880023] ? selinux_file_permission+0x92/0x520 [ 2447.881110] ? security_file_permission+0xb1/0xe0 [ 2447.882200] do_iter_write+0x191/0x700 [ 2447.883082] ? trace_hardirqs_on+0x5b/0x180 [ 2447.884062] vfs_iter_write+0x70/0xa0 [ 2447.884935] iter_file_splice_write+0x726/0xc90 [ 2447.885994] ? generic_splice_sendpage+0x140/0x140 [ 2447.887111] ? security_file_permission+0xb1/0xe0 [ 2447.888207] ? generic_splice_sendpage+0x140/0x140 [ 2447.889307] direct_splice_actor+0x10f/0x170 [ 2447.890298] splice_direct_to_actor+0x387/0x980 [ 2447.891351] ? pipe_to_sendpage+0x380/0x380 [ 2447.892332] ? do_splice_to+0x160/0x160 [ 2447.893221] ? security_file_permission+0xb1/0xe0 [ 2447.894312] do_splice_direct+0x1c4/0x290 [ 2447.895247] ? splice_direct_to_actor+0x980/0x980 [ 2447.896332] ? avc_policy_seqno+0x9/0x70 [ 2447.897245] ? security_file_permission+0xb1/0xe0 [ 2447.898337] do_sendfile+0x553/0x11e0 [ 2447.899208] ? do_pwritev+0x270/0x270 [ 2447.900067] ? wait_for_completion_io+0x270/0x270 [ 2447.901156] ? rcu_read_lock_any_held+0x75/0xa0 [ 2447.902195] ? vfs_write+0x354/0xb10 [ 2447.903036] __x64_sys_sendfile64+0x1d1/0x210 [ 2447.904043] ? __ia32_sys_sendfile+0x220/0x220 [ 2447.905088] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2447.906258] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2447.907427] do_syscall_64+0x33/0x40 [ 2447.908267] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2447.909419] RIP: 0033:0x7f32880cdb19 [ 2447.910257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2447.914369] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2447.916072] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2447.917691] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2447.919284] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2447.920900] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2447.922506] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 [ 2447.940491] udc-core: couldn't find an available UDC or it's busy [ 2447.942143] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:03:51 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x1912c, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:03:51 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18ffd, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:03:51 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) (fail_nth: 1) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 2447.964150] FAULT_INJECTION: forcing a failure. [ 2447.964150] name failslab, interval 1, probability 0, space 0, times 0 [ 2447.966964] CPU: 1 PID: 11276 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2447.968531] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2447.970424] Call Trace: [ 2447.971035] dump_stack+0x107/0x167 [ 2447.971874] should_fail.cold+0x5/0xa [ 2447.972760] ? create_object.isra.0+0x3a/0xa20 [ 2447.973804] should_failslab+0x5/0x20 [ 2447.974672] kmem_cache_alloc+0x5b/0x310 [ 2447.975601] create_object.isra.0+0x3a/0xa20 [ 2447.976614] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2447.977781] kmem_cache_alloc_node+0x169/0x330 [ 2447.978841] __kmem_cache_create+0x10e/0x520 [ 2447.979847] kmem_cache_create_usercopy+0x1db/0x2f0 [ 2447.981013] p9_client_create+0xc6a/0x1230 [ 2447.981990] ? p9_client_flush+0x430/0x430 [ 2447.982938] ? trace_hardirqs_on+0x5b/0x180 [ 2447.983936] ? lockdep_init_map_type+0x2c7/0x780 [ 2447.985024] ? __raw_spin_lock_init+0x36/0x110 [ 2447.986075] v9fs_session_init+0x1dd/0x1680 [ 2447.987044] ? lock_release+0x680/0x680 [ 2447.987962] ? kmem_cache_alloc_trace+0x151/0x320 [ 2447.989047] ? v9fs_show_options+0x690/0x690 [ 2447.990067] ? trace_hardirqs_on+0x5b/0x180 [ 2447.991056] ? kasan_unpoison_shadow+0x33/0x50 [ 2447.992094] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2447.993264] v9fs_mount+0x79/0x8f0 [ 2447.994078] ? v9fs_write_inode+0x60/0x60 [ 2447.995024] legacy_get_tree+0x105/0x220 [ 2447.995950] vfs_get_tree+0x8e/0x300 [ 2447.996822] path_mount+0x1429/0x2120 [ 2447.997697] ? strncpy_from_user+0x9e/0x470 [ 2447.998666] ? finish_automount+0xa90/0xa90 [ 2447.999653] ? getname_flags.part.0+0x1dd/0x4f0 [ 2448.000700] ? _copy_from_user+0xfb/0x1b0 [ 2448.001641] __x64_sys_mount+0x282/0x300 [ 2448.002552] ? copy_mnt_ns+0xa00/0xa00 [ 2448.003438] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2448.004656] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2448.005832] do_syscall_64+0x33/0x40 [ 2448.006691] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2448.007875] RIP: 0033:0x7f96c0f0ab19 [ 2448.008753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2448.013007] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2448.014756] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2448.016402] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2448.018208] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2448.019968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2448.021624] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 03:03:52 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19f36, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) [ 2448.045963] FAULT_INJECTION: forcing a failure. [ 2448.045963] name failslab, interval 1, probability 0, space 0, times 0 [ 2448.048821] CPU: 1 PID: 11289 Comm: syz-executor.2 Not tainted 5.10.238 #1 [ 2448.050390] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2448.052273] Call Trace: [ 2448.052867] dump_stack+0x107/0x167 [ 2448.053696] should_fail.cold+0x5/0xa [ 2448.054560] ? getname_flags.part.0+0x50/0x4f0 [ 2448.055591] should_failslab+0x5/0x20 [ 2448.056454] kmem_cache_alloc+0x5b/0x310 [ 2448.057393] ? lock_downgrade+0x6d0/0x6d0 [ 2448.058330] getname_flags.part.0+0x50/0x4f0 [ 2448.059347] getname+0x8e/0xd0 [ 2448.060072] do_sys_openat2+0xf9/0x4d0 [ 2448.060979] ? proc_fail_nth_write+0x94/0x220 [ 2448.062016] ? build_open_flags+0x6f0/0x6f0 [ 2448.063028] __x64_sys_openat+0x13f/0x1f0 [ 2448.063985] ? __ia32_sys_open+0x1c0/0x1c0 [ 2448.064968] ? ksys_write+0x1a9/0x260 [ 2448.065854] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2448.067062] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2448.068267] do_syscall_64+0x33/0x40 [ 2448.069123] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2448.070304] RIP: 0033:0x7fbd39daaa04 [ 2448.071162] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 2448.075407] RSP: 002b:00007fbd3736b040 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 2448.077164] RAX: ffffffffffffffda RBX: 00007fbd39f0af60 RCX: 00007fbd39daaa04 [ 2448.078805] RDX: 0000000000000002 RSI: 00007fbd39e50e22 RDI: 00000000ffffff9c [ 2448.080451] RBP: 00007fbd39e50e22 R08: 0000000000000000 R09: 0000000000000000 [ 2448.082092] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 2448.083735] R13: 0000000020000700 R14: 0000000020000340 R15: 0000000000022000 03:03:52 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x1912d, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:03:52 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18ffe, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:03:52 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:03:52 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff028) 03:03:52 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19f37, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) [ 2448.252783] udc-core: couldn't find an available UDC or it's busy [ 2448.254382] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:04:05 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB]}]}) 03:04:05 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x1912e, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:04:05 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:04:05 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 55) 03:04:05 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 55) 03:04:05 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x18fff, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:04:05 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19f38, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:04:05 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff029) [ 2461.422044] udc-core: couldn't find an available UDC or it's busy [ 2461.423761] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2461.436786] udc-core: couldn't find an available UDC or it's busy [ 2461.438564] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2461.444038] FAULT_INJECTION: forcing a failure. [ 2461.444038] name failslab, interval 1, probability 0, space 0, times 0 [ 2461.446894] CPU: 1 PID: 11324 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2461.448514] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2461.450433] Call Trace: [ 2461.451046] dump_stack+0x107/0x167 [ 2461.451893] should_fail.cold+0x5/0xa [ 2461.452786] ? create_object.isra.0+0x3a/0xa20 [ 2461.453849] should_failslab+0x5/0x20 [ 2461.454731] kmem_cache_alloc+0x5b/0x310 [ 2461.455671] ? lru_cache_add+0x45c/0x800 [ 2461.456617] create_object.isra.0+0x3a/0xa20 [ 2461.457629] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2461.458814] kmem_cache_alloc+0x159/0x310 [ 2461.459779] jbd2__journal_start+0x190/0x7e0 [ 2461.460797] __ext4_journal_start_sb+0x214/0x390 [ 2461.461893] ext4_da_write_begin+0x51f/0xd40 [ 2461.462897] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 2461.464228] ? ext4_write_begin+0x10f0/0x10f0 [ 2461.465264] ? copyout_mc+0x140/0x140 [ 2461.466157] generic_perform_write+0x20a/0x4f0 [ 2461.467225] ? page_cache_prev_miss+0x310/0x310 [ 2461.468308] ? down_write_killable+0x180/0x180 [ 2461.469371] ext4_buffered_write_iter+0x232/0x4a0 [ 2461.470457] ext4_file_write_iter+0x3ab/0x1530 [ 2461.471515] ? finish_task_switch+0xef/0x5d0 [ 2461.472540] ? __switch_to_asm+0x3a/0x60 [ 2461.473467] ? __switch_to_asm+0x34/0x60 [ 2461.474397] ? __schedule+0x82c/0x1ea0 [ 2461.475267] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2461.476321] ? io_schedule_timeout+0x140/0x140 [ 2461.477358] ? splice_direct_to_actor+0x387/0x980 [ 2461.478451] ? do_splice_direct+0x1c4/0x290 [ 2461.479422] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2461.480473] ? do_syscall_64+0x33/0x40 [ 2461.481343] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2461.482555] do_iter_readv_writev+0x476/0x750 [ 2461.483599] ? new_sync_write+0x660/0x660 [ 2461.484731] ? avc_policy_seqno+0x9/0x70 [ 2461.485833] ? selinux_file_permission+0x92/0x520 [ 2461.486914] ? security_file_permission+0xb1/0xe0 [ 2461.488004] do_iter_write+0x191/0x700 [ 2461.488895] ? _raw_spin_unlock_irqrestore+0x25/0x40 [ 2461.490042] vfs_iter_write+0x70/0xa0 [ 2461.490885] iter_file_splice_write+0x726/0xc90 [ 2461.491948] ? generic_splice_sendpage+0x140/0x140 [ 2461.493071] ? security_file_permission+0xb1/0xe0 [ 2461.494159] ? generic_splice_sendpage+0x140/0x140 [ 2461.495262] direct_splice_actor+0x10f/0x170 [ 2461.496248] splice_direct_to_actor+0x387/0x980 [ 2461.497343] ? pipe_to_sendpage+0x380/0x380 [ 2461.498544] ? do_splice_to+0x160/0x160 [ 2461.499437] ? security_file_permission+0xb1/0xe0 [ 2461.500529] do_splice_direct+0x1c4/0x290 [ 2461.501466] ? splice_direct_to_actor+0x980/0x980 [ 2461.502576] ? avc_policy_seqno+0x9/0x70 [ 2461.503661] ? security_file_permission+0xb1/0xe0 [ 2461.504764] do_sendfile+0x553/0x11e0 [ 2461.505636] ? do_pwritev+0x270/0x270 [ 2461.506492] ? wait_for_completion_io+0x270/0x270 [ 2461.507579] ? rcu_read_lock_any_held+0x75/0xa0 [ 2461.508629] ? vfs_write+0x354/0xb10 [ 2461.509466] __x64_sys_sendfile64+0x1d1/0x210 [ 2461.510487] ? __ia32_sys_sendfile+0x220/0x220 [ 2461.511515] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2461.512711] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2461.513873] do_syscall_64+0x33/0x40 [ 2461.514707] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2461.515863] RIP: 0033:0x7f32880cdb19 03:04:05 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19f39, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) [ 2461.516704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2461.520988] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2461.522701] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 03:04:05 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2461.524304] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2461.526020] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2461.527618] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2461.529214] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 [ 2461.538040] FAULT_INJECTION: forcing a failure. [ 2461.538040] name failslab, interval 1, probability 0, space 0, times 0 [ 2461.541008] CPU: 1 PID: 11323 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2461.542585] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2461.544454] Call Trace: [ 2461.545055] dump_stack+0x107/0x167 [ 2461.545896] should_fail.cold+0x5/0xa [ 2461.546776] ? create_object.isra.0+0x3a/0xa20 [ 2461.547806] should_failslab+0x5/0x20 [ 2461.548669] kmem_cache_alloc+0x5b/0x310 [ 2461.549586] create_object.isra.0+0x3a/0xa20 [ 2461.550579] kmemleak_alloc_percpu+0xa0/0x100 [ 2461.551589] pcpu_alloc+0x4e2/0x1240 [ 2461.552480] __kmem_cache_create+0x35a/0x520 [ 2461.553491] kmem_cache_create_usercopy+0x1db/0x2f0 [ 2461.554616] p9_client_create+0xc6a/0x1230 [ 2461.555572] ? p9_client_flush+0x430/0x430 [ 2461.556560] ? trace_hardirqs_on+0x5b/0x180 [ 2461.557562] ? lockdep_init_map_type+0x2c7/0x780 [ 2461.558659] ? __raw_spin_lock_init+0x36/0x110 [ 2461.559719] v9fs_session_init+0x1dd/0x1680 [ 2461.560723] ? lock_release+0x680/0x680 [ 2461.561652] ? kmem_cache_alloc_trace+0x151/0x320 [ 2461.562767] ? v9fs_show_options+0x690/0x690 [ 2461.563793] ? trace_hardirqs_on+0x5b/0x180 [ 2461.564796] ? kasan_unpoison_shadow+0x33/0x50 [ 2461.565850] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2461.567014] v9fs_mount+0x79/0x8f0 [ 2461.567813] ? v9fs_write_inode+0x60/0x60 [ 2461.568751] legacy_get_tree+0x105/0x220 [ 2461.569671] vfs_get_tree+0x8e/0x300 [ 2461.570512] path_mount+0x1429/0x2120 [ 2461.571370] ? strncpy_from_user+0x9e/0x470 [ 2461.572360] ? finish_automount+0xa90/0xa90 [ 2461.573349] ? getname_flags.part.0+0x1dd/0x4f0 [ 2461.574425] ? _copy_from_user+0xfb/0x1b0 [ 2461.575391] __x64_sys_mount+0x282/0x300 [ 2461.576334] ? copy_mnt_ns+0xa00/0xa00 [ 2461.577232] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2461.578414] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2461.579611] do_syscall_64+0x33/0x40 [ 2461.580481] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2461.581664] RIP: 0033:0x7f96c0f0ab19 [ 2461.582526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2461.586796] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2461.588579] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2461.590197] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2461.591810] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2461.593407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2461.595053] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 03:04:05 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x1912f, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:04:05 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x4, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:04:05 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19f3a, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:04:05 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19001, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:04:05 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff02a) 03:04:05 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19002, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2475.366498] kworker/dying (997) used greatest stack depth: 22752 bytes left 03:04:20 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 56) 03:04:20 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e"]}]}) 03:04:20 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19130, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:04:20 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 56) 03:04:20 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19f3b, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:04:20 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff02b) 03:04:20 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:04:20 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19003, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2476.105001] FAULT_INJECTION: forcing a failure. [ 2476.105001] name failslab, interval 1, probability 0, space 0, times 0 [ 2476.107689] CPU: 0 PID: 11369 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2476.107773] udc-core: couldn't find an available UDC or it's busy [ 2476.109189] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2476.109196] Call Trace: [ 2476.109223] dump_stack+0x107/0x167 [ 2476.109245] should_fail.cold+0x5/0xa [ 2476.109266] ? jbd2__journal_start+0x190/0x7e0 [ 2476.109288] should_failslab+0x5/0x20 [ 2476.109307] kmem_cache_alloc+0x5b/0x310 [ 2476.109331] jbd2__journal_start+0x190/0x7e0 [ 2476.109358] __ext4_journal_start_sb+0x214/0x390 [ 2476.111134] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2476.112729] ext4_da_write_begin+0x51f/0xd40 [ 2476.121856] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 2476.122621] udc-core: couldn't find an available UDC or it's busy [ 2476.123103] ? ext4_write_begin+0x10f0/0x10f0 [ 2476.123129] ? copyout_mc+0x140/0x140 [ 2476.124832] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2476.125624] generic_perform_write+0x20a/0x4f0 [ 2476.129181] ? page_cache_prev_miss+0x310/0x310 [ 2476.130361] ? down_write_killable+0x180/0x180 [ 2476.131530] ext4_buffered_write_iter+0x232/0x4a0 [ 2476.132778] ext4_file_write_iter+0x3ab/0x1530 [ 2476.132833] FAULT_INJECTION: forcing a failure. [ 2476.132833] name failslab, interval 1, probability 0, space 0, times 0 [ 2476.133931] ? stack_trace_save+0x8c/0xc0 [ 2476.133957] ? stack_trace_consume_entry+0x160/0x160 [ 2476.133991] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2476.134009] ? kasan_save_stack+0x32/0x40 [ 2476.134025] ? kasan_save_stack+0x1b/0x40 [ 2476.134044] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2476.134065] ? iter_file_splice_write+0x165/0xc90 [ 2476.134083] ? direct_splice_actor+0x10f/0x170 [ 2476.134102] ? splice_direct_to_actor+0x387/0x980 [ 2476.134121] ? do_splice_direct+0x1c4/0x290 [ 2476.134142] ? do_sendfile+0x553/0x11e0 [ 2476.134159] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2476.134188] ? do_syscall_64+0x33/0x40 [ 2476.151213] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2476.152572] do_iter_readv_writev+0x476/0x750 [ 2476.153710] ? new_sync_write+0x660/0x660 [ 2476.154753] ? avc_policy_seqno+0x9/0x70 [ 2476.155776] ? selinux_file_permission+0x92/0x520 [ 2476.157000] ? security_file_permission+0xb1/0xe0 [ 2476.158225] do_iter_write+0x191/0x700 [ 2476.159209] ? trace_hardirqs_on+0x5b/0x180 [ 2476.160306] vfs_iter_write+0x70/0xa0 [ 2476.161278] iter_file_splice_write+0x726/0xc90 [ 2476.162470] ? generic_splice_sendpage+0x140/0x140 [ 2476.163555] ? security_file_permission+0xb1/0xe0 [ 2476.164590] ? generic_splice_sendpage+0x140/0x140 [ 2476.165638] direct_splice_actor+0x10f/0x170 [ 2476.166550] splice_direct_to_actor+0x387/0x980 [ 2476.167508] ? pipe_to_sendpage+0x380/0x380 [ 2476.168401] ? do_splice_to+0x160/0x160 [ 2476.169223] ? security_file_permission+0xb1/0xe0 [ 2476.170215] do_splice_direct+0x1c4/0x290 [ 2476.171071] ? splice_direct_to_actor+0x980/0x980 [ 2476.172059] ? avc_policy_seqno+0x9/0x70 [ 2476.172962] ? security_file_permission+0xb1/0xe0 [ 2476.174161] do_sendfile+0x553/0x11e0 [ 2476.175111] ? do_pwritev+0x270/0x270 [ 2476.176040] ? wait_for_completion_io+0x270/0x270 [ 2476.177242] ? rcu_read_lock_any_held+0x75/0xa0 [ 2476.178377] ? vfs_write+0x354/0xb10 [ 2476.179290] __x64_sys_sendfile64+0x1d1/0x210 [ 2476.180384] ? __ia32_sys_sendfile+0x220/0x220 [ 2476.181522] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2476.182813] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2476.184080] do_syscall_64+0x33/0x40 [ 2476.184997] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2476.186245] RIP: 0033:0x7f32880cdb19 [ 2476.187163] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2476.191679] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2476.193561] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2476.195311] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2476.197069] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2476.198808] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2476.200568] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 [ 2476.202419] CPU: 1 PID: 11377 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2476.204046] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2476.205981] Call Trace: [ 2476.206602] dump_stack+0x107/0x167 [ 2476.207448] should_fail.cold+0x5/0xa [ 2476.208356] ? create_object.isra.0+0x3a/0xa20 [ 2476.209438] should_failslab+0x5/0x20 [ 2476.210320] kmem_cache_alloc+0x5b/0x310 [ 2476.211271] ? mark_held_locks+0x9e/0xe0 [ 2476.212215] create_object.isra.0+0x3a/0xa20 [ 2476.213252] kmemleak_alloc_percpu+0xa0/0x100 [ 2476.214294] pcpu_alloc+0x4e2/0x1240 [ 2476.215171] __kmem_cache_create+0x35a/0x520 [ 2476.216202] kmem_cache_create_usercopy+0x1db/0x2f0 [ 2476.217391] p9_client_create+0xc6a/0x1230 [ 2476.218382] ? p9_client_flush+0x430/0x430 [ 2476.219357] ? trace_hardirqs_on+0x5b/0x180 [ 2476.220349] ? lockdep_init_map_type+0x2c7/0x780 [ 2476.221450] ? __raw_spin_lock_init+0x36/0x110 [ 2476.222509] v9fs_session_init+0x1dd/0x1680 [ 2476.223499] ? lock_release+0x680/0x680 [ 2476.224432] ? kmem_cache_alloc_trace+0x151/0x320 [ 2476.225536] ? v9fs_show_options+0x690/0x690 [ 2476.226551] ? trace_hardirqs_on+0x5b/0x180 [ 2476.227537] ? kasan_unpoison_shadow+0x33/0x50 [ 2476.228599] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2476.229764] v9fs_mount+0x79/0x8f0 [ 2476.230581] ? v9fs_write_inode+0x60/0x60 [ 2476.231537] legacy_get_tree+0x105/0x220 [ 2476.232485] vfs_get_tree+0x8e/0x300 [ 2476.233339] path_mount+0x1429/0x2120 [ 2476.234224] ? strncpy_from_user+0x9e/0x470 [ 2476.235211] ? finish_automount+0xa90/0xa90 [ 2476.236221] ? getname_flags.part.0+0x1dd/0x4f0 [ 2476.237328] ? _copy_from_user+0xfb/0x1b0 [ 2476.238324] __x64_sys_mount+0x282/0x300 [ 2476.239287] ? copy_mnt_ns+0xa00/0xa00 [ 2476.240221] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2476.241468] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2476.242692] do_syscall_64+0x33/0x40 03:04:20 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19f3c, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) [ 2476.243575] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2476.245057] RIP: 0033:0x7f96c0f0ab19 [ 2476.245941] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2476.250292] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2476.252100] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2476.253801] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2476.255490] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2476.257187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2476.258863] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 03:04:20 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19131, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:04:20 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19004, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:04:20 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff02c) 03:04:20 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x6, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:04:20 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19f3d, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:04:20 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 57) 03:04:20 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 57) 03:04:20 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19132, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2476.592967] FAULT_INJECTION: forcing a failure. [ 2476.592967] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2476.593967] FAULT_INJECTION: forcing a failure. [ 2476.593967] name failslab, interval 1, probability 0, space 0, times 0 [ 2476.595677] CPU: 0 PID: 11407 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2476.599496] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2476.601241] Call Trace: [ 2476.601799] dump_stack+0x107/0x167 [ 2476.602558] should_fail.cold+0x5/0xa [ 2476.603348] __alloc_pages_nodemask+0x182/0x600 [ 2476.604304] ? __alloc_pages_slowpath.constprop.0+0x2200/0x2200 [ 2476.605579] ? find_get_entry+0x2c8/0x740 [ 2476.606451] ? slab_free_freelist_hook+0xa9/0x180 [ 2476.607472] alloc_pages_current+0x187/0x280 [ 2476.608403] __page_cache_alloc+0x2d2/0x360 [ 2476.609313] ? jbd2_journal_stop+0x188/0xdc0 [ 2476.610232] pagecache_get_page+0x2c7/0xc80 [ 2476.611098] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2476.612101] grab_cache_page_write_begin+0x64/0xa0 [ 2476.613108] ext4_da_write_begin+0x2f3/0xd40 [ 2476.614005] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 2476.615180] ? ext4_write_begin+0x10f0/0x10f0 [ 2476.616087] ? copyout_mc+0x140/0x140 [ 2476.616878] generic_perform_write+0x20a/0x4f0 [ 2476.617813] ? page_cache_prev_miss+0x310/0x310 [ 2476.618758] ? down_write_killable+0x180/0x180 [ 2476.619677] ext4_buffered_write_iter+0x232/0x4a0 [ 2476.620665] ext4_file_write_iter+0x3ab/0x1530 [ 2476.621586] ? stack_trace_save+0x8c/0xc0 [ 2476.622455] ? stack_trace_consume_entry+0x160/0x160 [ 2476.623490] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2476.624445] ? kasan_save_stack+0x32/0x40 [ 2476.625299] ? kasan_save_stack+0x1b/0x40 [ 2476.626151] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2476.627199] ? iter_file_splice_write+0x165/0xc90 [ 2476.628192] ? direct_splice_actor+0x10f/0x170 [ 2476.629143] ? splice_direct_to_actor+0x387/0x980 [ 2476.630136] ? do_splice_direct+0x1c4/0x290 [ 2476.631029] ? do_sendfile+0x553/0x11e0 [ 2476.631844] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2476.632810] ? do_syscall_64+0x33/0x40 [ 2476.633613] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2476.634719] do_iter_readv_writev+0x476/0x750 [ 2476.635646] ? new_sync_write+0x660/0x660 [ 2476.636506] ? avc_policy_seqno+0x9/0x70 [ 2476.637344] ? selinux_file_permission+0x92/0x520 [ 2476.638341] ? security_file_permission+0xb1/0xe0 [ 2476.639337] do_iter_write+0x191/0x700 [ 2476.640141] ? trace_hardirqs_on+0x5b/0x180 [ 2476.641038] vfs_iter_write+0x70/0xa0 [ 2476.641818] iter_file_splice_write+0x726/0xc90 [ 2476.642787] ? generic_splice_sendpage+0x140/0x140 [ 2476.643808] ? security_file_permission+0xb1/0xe0 [ 2476.644883] ? generic_splice_sendpage+0x140/0x140 [ 2476.645904] direct_splice_actor+0x10f/0x170 [ 2476.646822] splice_direct_to_actor+0x387/0x980 [ 2476.647790] ? pipe_to_sendpage+0x380/0x380 [ 2476.648707] ? do_splice_to+0x160/0x160 [ 2476.649492] ? security_file_permission+0xb1/0xe0 [ 2476.650656] do_splice_direct+0x1c4/0x290 [ 2476.651588] ? splice_direct_to_actor+0x980/0x980 [ 2476.652591] ? avc_policy_seqno+0x9/0x70 [ 2476.653430] ? security_file_permission+0xb1/0xe0 [ 2476.654418] do_sendfile+0x553/0x11e0 [ 2476.655198] ? do_pwritev+0x270/0x270 [ 2476.655982] ? wait_for_completion_io+0x270/0x270 [ 2476.656980] ? rcu_read_lock_any_held+0x75/0xa0 [ 2476.657927] ? vfs_write+0x354/0xb10 [ 2476.658698] __x64_sys_sendfile64+0x1d1/0x210 [ 2476.659614] ? __ia32_sys_sendfile+0x220/0x220 [ 2476.660562] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2476.661629] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2476.662692] do_syscall_64+0x33/0x40 [ 2476.663460] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2476.664521] RIP: 0033:0x7f32880cdb19 [ 2476.665290] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2476.669023] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2476.670565] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2476.671999] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2476.673449] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2476.674885] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2476.676323] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 [ 2476.677812] CPU: 1 PID: 11405 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2476.679359] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2476.681146] Call Trace: [ 2476.681723] dump_stack+0x107/0x167 [ 2476.682510] should_fail.cold+0x5/0xa [ 2476.683331] ? create_object.isra.0+0x3a/0xa20 [ 2476.684316] should_failslab+0x5/0x20 [ 2476.685147] kmem_cache_alloc+0x5b/0x310 [ 2476.686037] create_object.isra.0+0x3a/0xa20 [ 2476.686999] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2476.688117] kmem_cache_alloc_node+0x169/0x330 [ 2476.689122] __kmem_cache_create+0x10e/0x520 [ 2476.690075] kmem_cache_create_usercopy+0x1db/0x2f0 [ 2476.691244] p9_client_create+0xc6a/0x1230 [ 2476.692303] ? p9_client_flush+0x430/0x430 [ 2476.693352] ? trace_hardirqs_on+0x5b/0x180 [ 2476.694419] ? lockdep_init_map_type+0x2c7/0x780 [ 2476.695586] ? __raw_spin_lock_init+0x36/0x110 [ 2476.696729] v9fs_session_init+0x1dd/0x1680 [ 2476.697947] ? lock_release+0x680/0x680 [ 2476.699084] ? kmem_cache_alloc_trace+0x151/0x320 [ 2476.700266] ? v9fs_show_options+0x690/0x690 [ 2476.701369] ? trace_hardirqs_on+0x5b/0x180 [ 2476.702426] ? kasan_unpoison_shadow+0x33/0x50 [ 2476.703536] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2476.704782] v9fs_mount+0x79/0x8f0 [ 2476.705646] ? v9fs_write_inode+0x60/0x60 [ 2476.706655] legacy_get_tree+0x105/0x220 [ 2476.707645] vfs_get_tree+0x8e/0x300 [ 2476.708559] path_mount+0x1429/0x2120 [ 2476.709494] ? strncpy_from_user+0x9e/0x470 [ 2476.710540] ? finish_automount+0xa90/0xa90 [ 2476.711568] ? getname_flags.part.0+0x1dd/0x4f0 [ 2476.712659] ? _copy_from_user+0xfb/0x1b0 [ 2476.713649] __x64_sys_mount+0x282/0x300 [ 2476.714583] ? copy_mnt_ns+0xa00/0xa00 [ 2476.715497] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2476.716715] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2476.717960] do_syscall_64+0x33/0x40 [ 2476.718856] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2476.720090] RIP: 0033:0x7f96c0f0ab19 [ 2476.721000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2476.725402] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2476.727198] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2476.728894] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2476.730572] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2476.732246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2476.733934] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 [ 2488.491161] udc-core: couldn't find an available UDC or it's busy [ 2488.492170] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:04:32 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 58) 03:04:32 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff02d) 03:04:32 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 58) 03:04:32 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19005, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:04:32 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19133, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:04:32 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19f3e, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:04:32 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x7, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:04:32 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e"]}]}) [ 2488.521946] FAULT_INJECTION: forcing a failure. [ 2488.521946] name failslab, interval 1, probability 0, space 0, times 0 [ 2488.523463] CPU: 1 PID: 11431 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2488.524280] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2488.525280] Call Trace: [ 2488.525598] dump_stack+0x107/0x167 [ 2488.526038] should_fail.cold+0x5/0xa [ 2488.526496] ? jbd2__journal_start+0x190/0x7e0 [ 2488.527040] should_failslab+0x5/0x20 [ 2488.527495] kmem_cache_alloc+0x5b/0x310 [ 2488.527980] jbd2__journal_start+0x190/0x7e0 [ 2488.528504] __ext4_journal_start_sb+0x214/0x390 [ 2488.529076] FAULT_INJECTION: forcing a failure. [ 2488.529076] name failslab, interval 1, probability 0, space 0, times 0 [ 2488.530407] ext4_da_write_begin+0x51f/0xd40 [ 2488.530930] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 2488.531631] ? ext4_write_begin+0x10f0/0x10f0 [ 2488.532180] ? copyout_mc+0x140/0x140 [ 2488.532658] generic_perform_write+0x20a/0x4f0 [ 2488.533202] ? page_cache_prev_miss+0x310/0x310 [ 2488.533771] ? down_write_killable+0x180/0x180 [ 2488.534324] ext4_buffered_write_iter+0x232/0x4a0 [ 2488.534910] ext4_file_write_iter+0x3ab/0x1530 [ 2488.535461] ? stack_trace_save+0x8c/0xc0 [ 2488.535967] ? stack_trace_consume_entry+0x160/0x160 [ 2488.536601] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2488.537151] ? kasan_save_stack+0x32/0x40 [ 2488.537653] ? kasan_save_stack+0x1b/0x40 [ 2488.538145] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2488.538758] ? iter_file_splice_write+0x165/0xc90 [ 2488.539333] ? direct_splice_actor+0x10f/0x170 [ 2488.539879] ? splice_direct_to_actor+0x387/0x980 [ 2488.540457] ? do_splice_direct+0x1c4/0x290 [ 2488.540980] ? do_sendfile+0x553/0x11e0 [ 2488.541462] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2488.542020] ? do_syscall_64+0x33/0x40 [ 2488.542491] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2488.543136] do_iter_readv_writev+0x476/0x750 [ 2488.543679] ? new_sync_write+0x660/0x660 [ 2488.544177] ? avc_policy_seqno+0x9/0x70 [ 2488.544678] ? selinux_file_permission+0x92/0x520 [ 2488.545258] ? security_file_permission+0xb1/0xe0 [ 2488.545846] do_iter_write+0x191/0x700 [ 2488.546321] ? trace_hardirqs_on+0x5b/0x180 [ 2488.546843] vfs_iter_write+0x70/0xa0 [ 2488.547309] iter_file_splice_write+0x726/0xc90 [ 2488.547879] ? generic_splice_sendpage+0x140/0x140 [ 2488.548484] ? security_file_permission+0xb1/0xe0 [ 2488.549058] ? generic_splice_sendpage+0x140/0x140 [ 2488.549633] direct_splice_actor+0x10f/0x170 [ 2488.550144] splice_direct_to_actor+0x387/0x980 [ 2488.550695] ? pipe_to_sendpage+0x380/0x380 [ 2488.551201] ? do_splice_to+0x160/0x160 [ 2488.551666] ? security_file_permission+0xb1/0xe0 [ 2488.552236] do_splice_direct+0x1c4/0x290 [ 2488.552731] ? splice_direct_to_actor+0x980/0x980 [ 2488.553295] ? avc_policy_seqno+0x9/0x70 [ 2488.553770] ? security_file_permission+0xb1/0xe0 [ 2488.554342] do_sendfile+0x553/0x11e0 [ 2488.554796] ? do_pwritev+0x270/0x270 [ 2488.555244] ? wait_for_completion_io+0x270/0x270 [ 2488.555810] ? rcu_read_lock_any_held+0x75/0xa0 [ 2488.556360] ? vfs_write+0x354/0xb10 [ 2488.556803] __x64_sys_sendfile64+0x1d1/0x210 [ 2488.557327] ? __ia32_sys_sendfile+0x220/0x220 [ 2488.557864] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2488.558476] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2488.559071] do_syscall_64+0x33/0x40 [ 2488.559507] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2488.560100] RIP: 0033:0x7f32880cdb19 [ 2488.560541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2488.562707] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2488.563641] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2488.564501] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2488.565365] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2488.566190] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2488.567049] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 [ 2488.567936] CPU: 0 PID: 11428 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2488.569572] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2488.571465] Call Trace: [ 2488.572069] dump_stack+0x107/0x167 [ 2488.572907] should_fail.cold+0x5/0xa [ 2488.573778] ? create_object.isra.0+0x3a/0xa20 [ 2488.574821] should_failslab+0x5/0x20 [ 2488.575659] kmem_cache_alloc+0x5b/0x310 [ 2488.576584] ? lock_release+0x680/0x680 [ 2488.577486] create_object.isra.0+0x3a/0xa20 [ 2488.578470] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2488.579617] __kmalloc_track_caller+0x177/0x370 [ 2488.580667] ? kstrdup_const+0x53/0x80 [ 2488.581548] kstrdup+0x36/0x70 [ 2488.582267] kstrdup_const+0x53/0x80 [ 2488.583103] kvasprintf_const+0x10c/0x1a0 [ 2488.584034] kobject_set_name_vargs+0x56/0x150 [ 2488.585074] kobject_init_and_add+0xc9/0x160 [ 2488.586059] ? kobject_create_and_add+0xb0/0xb0 [ 2488.587108] ? wait_for_completion_io+0x270/0x270 [ 2488.588196] ? kernfs_name_hash+0xe7/0x110 [ 2488.589160] ? kernfs_find_ns+0x256/0x380 [ 2488.590106] sysfs_slab_add+0x172/0x200 [ 2488.591000] __kmem_cache_create+0x3db/0x520 [ 2488.592004] kmem_cache_create_usercopy+0x1db/0x2f0 [ 2488.593139] p9_client_create+0xc6a/0x1230 [ 2488.594111] ? p9_client_flush+0x430/0x430 [ 2488.595081] ? trace_hardirqs_on+0x5b/0x180 [ 2488.596071] ? lockdep_init_map_type+0x2c7/0x780 [ 2488.597169] ? __raw_spin_lock_init+0x36/0x110 [ 2488.598222] v9fs_session_init+0x1dd/0x1680 [ 2488.599210] ? lock_release+0x680/0x680 [ 2488.600132] ? kmem_cache_alloc_trace+0x151/0x320 [ 2488.601244] ? v9fs_show_options+0x690/0x690 [ 2488.602261] ? trace_hardirqs_on+0x5b/0x180 [ 2488.603251] ? kasan_unpoison_shadow+0x33/0x50 [ 2488.604295] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2488.605462] v9fs_mount+0x79/0x8f0 [ 2488.606275] ? v9fs_write_inode+0x60/0x60 [ 2488.607226] legacy_get_tree+0x105/0x220 [ 2488.608158] vfs_get_tree+0x8e/0x300 [ 2488.609016] path_mount+0x1429/0x2120 [ 2488.609867] ? strncpy_from_user+0x9e/0x470 [ 2488.610823] ? finish_automount+0xa90/0xa90 [ 2488.611789] ? getname_flags.part.0+0x1dd/0x4f0 [ 2488.612838] ? _copy_from_user+0xfb/0x1b0 [ 2488.613785] __x64_sys_mount+0x282/0x300 [ 2488.614697] ? copy_mnt_ns+0xa00/0xa00 [ 2488.615573] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2488.616753] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2488.617914] do_syscall_64+0x33/0x40 [ 2488.618762] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2488.619924] RIP: 0033:0x7f96c0f0ab19 [ 2488.620769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2488.624895] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2488.626595] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2488.628206] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2488.629820] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2488.631417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2488.633027] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 03:04:32 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19f3f, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:04:32 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19f40, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:04:32 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19006, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:04:32 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19f41, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:04:32 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0xf, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:04:32 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19134, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:04:32 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19f42, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:04:32 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff02e) 03:04:45 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r0}, &(0x7f0000000300)) read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e"]}]}) 03:04:45 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff02f) 03:04:45 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x45, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:04:45 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r3, &(0x7f00000000c0)="04", 0x1, 0x3ff03) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) (fail_nth: 59) 03:04:45 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19f43, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:04:45 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000080)=0xc0) dup2(0xffffffffffffffff, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 59) 03:04:45 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19007, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:04:45 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19135, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2501.863788] udc-core: couldn't find an available UDC or it's busy [ 2501.864817] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:04:45 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19008, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 2501.907058] FAULT_INJECTION: forcing a failure. [ 2501.907058] name failslab, interval 1, probability 0, space 0, times 0 [ 2501.908877] CPU: 0 PID: 11489 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2501.909865] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2501.910154] FAULT_INJECTION: forcing a failure. [ 2501.910154] name failslab, interval 1, probability 0, space 0, times 0 [ 2501.911032] Call Trace: [ 2501.911056] dump_stack+0x107/0x167 [ 2501.911072] should_fail.cold+0x5/0xa [ 2501.911092] should_failslab+0x5/0x20 [ 2501.911107] __kmalloc_track_caller+0x79/0x370 [ 2501.911117] ? kstrdup_const+0x53/0x80 [ 2501.911132] kstrdup+0x36/0x70 [ 2501.911143] kstrdup_const+0x53/0x80 [ 2501.911168] __kernfs_new_node+0x9d/0x860 [ 2501.918297] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 2501.918990] ? lock_acquire+0x197/0x470 [ 2501.919567] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2501.920325] ? lock_release+0x680/0x680 [ 2501.920907] ? find_held_lock+0x2c/0x110 [ 2501.921505] kernfs_new_node+0x18d/0x250 [ 2501.922101] kernfs_create_dir_ns+0x49/0x160 [ 2501.922744] sysfs_create_dir_ns+0x127/0x290 [ 2501.923383] ? sysfs_create_mount_point+0xb0/0xb0 [ 2501.924079] ? rwlock_bug.part.0+0x90/0x90 [ 2501.924728] ? do_raw_spin_unlock+0x4f/0x220 [ 2501.925375] kobject_add_internal+0x25e/0xa30 [ 2501.926031] kobject_init_and_add+0x101/0x160 [ 2501.926686] ? kobject_create_and_add+0xb0/0xb0 [ 2501.927367] ? wait_for_completion_io+0x270/0x270 [ 2501.928062] ? kernfs_name_hash+0xe7/0x110 [ 2501.928681] ? kernfs_find_ns+0x256/0x380 [ 2501.929296] sysfs_slab_add+0x172/0x200 [ 2501.929875] __kmem_cache_create+0x3db/0x520 [ 2501.930519] kmem_cache_create_usercopy+0x1db/0x2f0 [ 2501.931250] p9_client_create+0xc6a/0x1230 [ 2501.931874] ? p9_client_flush+0x430/0x430 [ 2501.932492] ? trace_hardirqs_on+0x5b/0x180 [ 2501.933124] ? lockdep_init_map_type+0x2c7/0x780 [ 2501.933815] ? __raw_spin_lock_init+0x36/0x110 [ 2501.934485] v9fs_session_init+0x1dd/0x1680 [ 2501.935108] ? lock_release+0x680/0x680 [ 2501.935693] ? kmem_cache_alloc_trace+0x151/0x320 [ 2501.936394] ? v9fs_show_options+0x690/0x690 [ 2501.937043] ? trace_hardirqs_on+0x5b/0x180 [ 2501.937676] ? kasan_unpoison_shadow+0x33/0x50 [ 2501.938341] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2501.939078] v9fs_mount+0x79/0x8f0 [ 2501.939598] ? v9fs_write_inode+0x60/0x60 [ 2501.940199] legacy_get_tree+0x105/0x220 [ 2501.940802] vfs_get_tree+0x8e/0x300 [ 2501.941344] path_mount+0x1429/0x2120 [ 2501.941900] ? strncpy_from_user+0x9e/0x470 [ 2501.942529] ? finish_automount+0xa90/0xa90 [ 2501.943156] ? getname_flags.part.0+0x1dd/0x4f0 [ 2501.943834] ? _copy_from_user+0xfb/0x1b0 [ 2501.944446] __x64_sys_mount+0x282/0x300 [ 2501.945026] ? copy_mnt_ns+0xa00/0xa00 [ 2501.945571] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2501.946297] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2501.947014] do_syscall_64+0x33/0x40 [ 2501.947536] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2501.948246] RIP: 0033:0x7f96c0f0ab19 [ 2501.948776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2501.951317] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2501.952373] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2501.953376] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2501.954367] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2501.955359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2501.956351] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 [ 2501.957398] CPU: 1 PID: 11487 Comm: syz-executor.4 Not tainted 5.10.238 #1 [ 2501.958944] kobject_add_internal failed for 9p-fcall-cache-751 (error: -12 parent: slab) [ 2501.958972] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2501.960515] kmem_cache_create(9p-fcall-cache-751) failed with error -12 [ 2501.961935] Call Trace: [ 2501.961967] dump_stack+0x107/0x167 [ 2501.961993] should_fail.cold+0x5/0xa [ 2501.965123] ? create_object.isra.0+0x3a/0xa20 [ 2501.966157] should_failslab+0x5/0x20 [ 2501.967018] kmem_cache_alloc+0x5b/0x310 [ 2501.967934] ? lru_cache_add+0x45c/0x800 [ 2501.968861] create_object.isra.0+0x3a/0xa20 [ 2501.969857] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2501.971016] kmem_cache_alloc+0x159/0x310 [ 2501.971958] jbd2__journal_start+0x190/0x7e0 [ 2501.972954] __ext4_journal_start_sb+0x214/0x390 [ 2501.974015] ext4_da_write_begin+0x51f/0xd40 [ 2501.975010] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 2501.976312] ? ext4_write_begin+0x10f0/0x10f0 [ 2501.977344] ? copyout_mc+0x140/0x140 [ 2501.978215] generic_perform_write+0x20a/0x4f0 [ 2501.979252] ? page_cache_prev_miss+0x310/0x310 [ 2501.980301] ? down_write_killable+0x180/0x180 [ 2501.981357] ext4_buffered_write_iter+0x232/0x4a0 [ 2501.982445] ext4_file_write_iter+0x3ab/0x1530 [ 2501.983465] ? stack_trace_save+0x8c/0xc0 [ 2501.984391] ? stack_trace_consume_entry+0x160/0x160 [ 2501.985553] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2501.986574] ? kasan_save_stack+0x32/0x40 [ 2501.987493] ? kasan_save_stack+0x1b/0x40 [ 2501.988417] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2501.989556] ? iter_file_splice_write+0x165/0xc90 [ 2501.990632] ? direct_splice_actor+0x10f/0x170 [ 2501.991651] ? splice_direct_to_actor+0x387/0x980 [ 2501.992737] ? do_splice_direct+0x1c4/0x290 [ 2501.993707] ? do_sendfile+0x553/0x11e0 [ 2501.994594] ? __x64_sys_sendfile64+0x1d1/0x210 [ 2501.995624] ? do_syscall_64+0x33/0x40 [ 2501.996494] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2501.997703] do_iter_readv_writev+0x476/0x750 [ 2501.998702] ? new_sync_write+0x660/0x660 [ 2501.999625] ? avc_policy_seqno+0x9/0x70 [ 2502.000521] ? selinux_file_permission+0x92/0x520 [ 2502.001600] ? security_file_permission+0xb1/0xe0 [ 2502.002684] do_iter_write+0x191/0x700 [ 2502.003561] ? trace_hardirqs_on+0x5b/0x180 [ 2502.004535] vfs_iter_write+0x70/0xa0 [ 2502.005396] iter_file_splice_write+0x726/0xc90 [ 2502.006458] ? generic_splice_sendpage+0x140/0x140 [ 2502.007585] ? security_file_permission+0xb1/0xe0 [ 2502.008676] ? generic_splice_sendpage+0x140/0x140 [ 2502.009794] direct_splice_actor+0x10f/0x170 [ 2502.010789] splice_direct_to_actor+0x387/0x980 [ 2502.011839] ? pipe_to_sendpage+0x380/0x380 [ 2502.012822] ? do_splice_to+0x160/0x160 [ 2502.013711] ? security_file_permission+0xb1/0xe0 [ 2502.014803] do_splice_direct+0x1c4/0x290 [ 2502.015745] ? splice_direct_to_actor+0x980/0x980 [ 2502.016825] ? avc_policy_seqno+0x9/0x70 [ 2502.017746] ? security_file_permission+0xb1/0xe0 [ 2502.018844] do_sendfile+0x553/0x11e0 [ 2502.019720] ? do_pwritev+0x270/0x270 [ 2502.020574] ? wait_for_completion_io+0x270/0x270 [ 2502.021669] ? rcu_read_lock_any_held+0x75/0xa0 [ 2502.022731] ? vfs_write+0x354/0xb10 [ 2502.023594] __x64_sys_sendfile64+0x1d1/0x210 [ 2502.024614] ? __ia32_sys_sendfile+0x220/0x220 [ 2502.025661] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2502.026837] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2502.027993] do_syscall_64+0x33/0x40 [ 2502.028831] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2502.029983] RIP: 0033:0x7f32880cdb19 [ 2502.030825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2502.034979] RSP: 002b:00007f3285643188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2502.036689] RAX: ffffffffffffffda RBX: 00007f32881e0f60 RCX: 00007f32880cdb19 [ 2502.038307] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 2502.039920] RBP: 00007f32856431d0 R08: 0000000000000000 R09: 0000000000000000 [ 2502.041531] R10: 00000ffffffff000 R11: 0000000000000246 R12: 0000000000000002 [ 2502.043137] R13: 00007ffca1cc64ef R14: 00007f3285643300 R15: 0000000000022000 [ 2502.044772] CPU: 0 PID: 11489 Comm: syz-executor.1 Not tainted 5.10.238 #1 [ 2502.045569] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2502.046507] Call Trace: [ 2502.046809] dump_stack+0x107/0x167 [ 2502.047226] kmem_cache_create_usercopy.cold+0x17/0x65 [ 2502.047822] p9_client_create+0xc6a/0x1230 [ 2502.048305] ? p9_client_flush+0x430/0x430 [ 2502.048789] ? trace_hardirqs_on+0x5b/0x180 [ 2502.049279] ? lockdep_init_map_type+0x2c7/0x780 [ 2502.049826] ? __raw_spin_lock_init+0x36/0x110 [ 2502.050362] v9fs_session_init+0x1dd/0x1680 [ 2502.050883] ? lock_release+0x680/0x680 [ 2502.051344] ? kmem_cache_alloc_trace+0x151/0x320 [ 2502.051891] ? v9fs_show_options+0x690/0x690 [ 2502.052404] ? trace_hardirqs_on+0x5b/0x180 [ 2502.052909] ? kasan_unpoison_shadow+0x33/0x50 [ 2502.053424] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2502.054000] v9fs_mount+0x79/0x8f0 [ 2502.054404] ? v9fs_write_inode+0x60/0x60 [ 2502.054878] legacy_get_tree+0x105/0x220 [ 2502.055341] vfs_get_tree+0x8e/0x300 [ 2502.055768] path_mount+0x1429/0x2120 [ 2502.056203] ? strncpy_from_user+0x9e/0x470 [ 2502.056704] ? finish_automount+0xa90/0xa90 [ 2502.057198] ? getname_flags.part.0+0x1dd/0x4f0 [ 2502.057725] ? _copy_from_user+0xfb/0x1b0 [ 2502.058198] __x64_sys_mount+0x282/0x300 [ 2502.058657] ? copy_mnt_ns+0xa00/0xa00 [ 2502.059104] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2502.059701] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2502.060288] do_syscall_64+0x33/0x40 [ 2502.060718] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2502.061306] RIP: 0033:0x7f96c0f0ab19 [ 2502.061728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2502.063799] RSP: 002b:00007f96be480188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2502.064659] RAX: ffffffffffffffda RBX: 00007f96c101df60 RCX: 00007f96c0f0ab19 [ 2502.065468] RDX: 00000000200000c0 RSI: 0000000020000380 RDI: 0000000000000000 [ 2502.066268] RBP: 00007f96be4801d0 R08: 0000000020000280 R09: 0000000000000000 [ 2502.067074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2502.067882] R13: 00007ffd1e2c8abf R14: 00007f96be480300 R15: 0000000000022000 03:04:46 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19136, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:04:46 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x0, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x19f44, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 03:04:46 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x28, 0x16, 0x8, 0x70bd2d, 0x0, {0xa}, [@typed={0x14, 0x91, 0x0, 0x0, @ipv6=@empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000500)) syz_usb_connect$hid(0x4b, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12015080000000ff6d044a4040000102030109022400010101000309040011020301024b09210101f90122f20d09058103ff03020901"], &(0x7f0000000700)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x4, 0x7, 0x0, 0x0, 0x9}, 0xd4, &(0x7f0000000740)=ANY=[@ANYBLOB="050fd40001cf1001b344bc324800ca420887f58960a7555297ed33f7f2c2d2cf2f2ea9e85a4474af00541bcc2874d331e74c3f01368ea8c872b1b5953b717287570a9cc3d52602c810d3299d91d6da2dcbc3496633110981b27e5a8b49d7b57097f1f60198288cf72ad8d7cf3418d2c3a4940f67793e76560c5c3183baa10f791d89b9a7df92cdc571ae0bc0b802e05019076402f1630305586e1e7a695449c12e040000000b43bf1e2a6603000000dc394f8305d3a85d6194c2bdc139a234d2ba8d5bdf54896b10f547b1c8a1d4c9b069058c74598018ef80d5ae3317e4e2bd06fb0d2c2b2eb2353b60f80902b372856e139949b57c"], 0x3, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x104f}}, {0x81, &(0x7f0000000640)=@string={0x81, 0x3, "5da54aeb96d9d5532b9055ce39b9493b31c41acff9964ab0911da3561f737f87f82793f643046b6bd044175d7fd1324143624186053a1aeb878b36daef4bbeb203cc0b6360ad254be3794f84271ef5156a6428b695955c5783a2b80b986d022824a9c95b30397f0ae4b1fadd4a3d435298dc13ae1df775c3881f5802d464d0"}}, {0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="30030e5754f82570f049ad9eb16a6aa4a6da931754e32b2e4059f4f0000000000000003316711f03b60b45026ab71ea4"]}]}) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:04:46 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x80000, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:04:46 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x19137, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:04:46 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$HIDIOCINITREPORT(r1, 0x550c, 0x20000000) r2 = mq_open(&(0x7f0000000100)='wfdno', 0x801, 0x83, &(0x7f0000000200)={0x6, 0x4, 0xb0, 0x7}) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x0, 0x1, 0xc001000000000000, 0x3, 0x3, 0x18c, 0x109, 0x40, 0x3a7, 0x8000, 0x4, 0x38, 0x2, 0x9, 0x901, 0x5}, [], "4f96338ba86e5cdfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405b71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b", ['\x00']}, 0x229) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c) mount$9p_fd(0x900100, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) 03:04:46 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0) r2 = getpgrp(0x0) prlimit64(r2, 0x6, &(0x7f0000000100)={0x1}, &(0x7f0000000200)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0x0, 0x0, 0x8}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, 0x0, 0x3) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd7000fbdbdf250900000008003700020000000800090001ac0f0009000700b58f1c4e6f000000080037000000000008006e80040002000400280011000700c23d5450b8f55a74e69645eef1000000f3f6f92d4d6cb1e8a5feb385a738566d0099ef01459918869a637ab63f7af127cc9988292e7ab223dc9546596ee36a2e4834aab94373bdb3944615115083477cd40647844f7419ad2927125144a8bba0461a9ce2f7f0f78db2fe4b1dda5c1bb738ec167f14552ce38271a1e01d7e9b287c4943789f15b1082e4145f5cb1ea6abc85f17688e1349a07e8d835a9b43bf32f8dde036c558310c45c6"], 0x58}, 0x1, 0x0, 0x0, 0x20000011}, 0x8000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(r2, 0xb, &(0x7f0000000000)={0x8001, 0x6}, &(0x7f0000000400)) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendfile(r1, r0, 0x0, 0xffffffff030) [ 2514.909580] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) BUG: memory leak unreferenced object 0xffff888009d0c1c0 (size 32): comm "syz-executor.1", pid 11489, jiffies 4297168812 (age 20.703s) hex dump (first 32 bytes): 39 70 2d 66 63 61 6c 6c 2d 63 61 63 68 65 2d 37 9p-fcall-cache-7 35 31 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51.............. backtrace: [<00000000b79d795c>] kstrdup+0x36/0x70 [<0000000085d26e6a>] kstrdup_const+0x53/0x80 [<00000000e0d47dc0>] kvasprintf_const+0x10c/0x1a0 [<0000000016a6034e>] kobject_set_name_vargs+0x56/0x150 [<000000003128a8a4>] kobject_init_and_add+0xc9/0x160 [<000000003801ab53>] sysfs_slab_add+0x172/0x200 [<000000007d1a0e69>] __kmem_cache_create+0x3db/0x520 [<000000005cf649fa>] kmem_cache_create_usercopy+0x1db/0x2f0 [<00000000a841f070>] p9_client_create+0xc6a/0x1230 [<000000004ecfb046>] v9fs_session_init+0x1dd/0x1680 [<00000000fc53da5d>] v9fs_mount+0x79/0x8f0 [<00000000dc704b86>] legacy_get_tree+0x105/0x220 [<00000000cb713d09>] vfs_get_tree+0x8e/0x300 [<0000000087cec03b>] path_mount+0x1429/0x2120 [<000000007c740864>] __x64_sys_mount+0x282/0x300 [<000000006f39f7d5>] do_syscall_64+0x33/0x40 BUG: leak checking failed VM DIAGNOSIS: 03:05:07 Registers: info registers vcpu 0 RAX=ffffffff83e93390 RBX=0000000000000000 RCX=ffffffff83e7af2c RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff83e93998 RBP=0000000000000000 RSP=ffffffff84e07e38 R8 =0000000000000001 R9 =ffff88806ce3c12b R10=ffffed100d9c7825 R11=0000000000000001 R12=0000000000000000 R13=ffffffff85678908 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff83e9339e RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffe44888ba8 CR3=0000000004e26000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=0000000000000000000000000000ff00 XMM01=25252525252525252525252525252525 XMM02=20646970202c22312e726f7475636578 XMM03=00000000000000000000000000000000 XMM04=0000000000000000000000000000ff00 XMM05=39303038383866666666783020746365 XMM06=29323320657a69732820306331633064 XMM07=78652d7a797322206d6d6f6320200a3a XMM08=0a303478302f333378302b34365f6c6c XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=ffffffff83e93390 RBX=0000000000000001 RCX=ffffffff83e7af2c RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff83e93998 RBP=0000000000000001 RSP=ffff888008987e70 R8 =0000000000000001 R9 =ffff88806cf3c12b R10=ffffed100d9e7825 R11=0000000000000001 R12=0000000000000001 R13=ffffffff85678908 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff83e9339e RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f6921c07558 CR3=000000001b304000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=656a626f206465636e6572656665726e XMM02=3a29323320657a697328203063316330 XMM03=313120646970202c22312e726f747563 XMM04=6c6c6163662d70392020373320643220 XMM05=32206336206336203136203336203636 XMM06=73657479622032332074737269662820 XMM07=2e303220656761282032313838363137 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000