ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bde"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:09:36 executing program 3:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:09:36 executing program 4:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97", 0x8e, 0x4)

00:09:36 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
umount2(&(0x7f0000000080)='./file1\x00', 0x2)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

00:09:36 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000710000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2449.553468] audit: type=1326 audit(1716336576.771:3851): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=49130 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2449.572556] audit: type=1326 audit(1716336576.771:3852): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=49130 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:09:36 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000810000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2449.589693] FAULT_INJECTION: forcing a failure.
[ 2449.589693] name failslab, interval 1, probability 0, space 0, times 0
[ 2449.591817] CPU: 0 PID: 49177 Comm: syz-executor.2 Not tainted 5.10.217 #1
[ 2449.593030] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2449.594442] Call Trace:
[ 2449.594909]  dump_stack+0x107/0x167
[ 2449.595550]  should_fail.cold+0x5/0xa
[ 2449.596226]  ? create_object.isra.0+0x3a/0xa20
[ 2449.597039]  should_failslab+0x5/0x20
[ 2449.597699]  kmem_cache_alloc+0x5b/0x310
[ 2449.598413]  create_object.isra.0+0x3a/0xa20
[ 2449.599170]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2449.600058]  kmem_cache_alloc+0x159/0x310
[ 2449.600803]  anon_vma_clone+0xdc/0x590
[ 2449.601490]  anon_vma_fork+0x82/0x640
[ 2449.602148]  ? __vm_enough_memory+0x184/0x360
[ 2449.602926]  copy_process+0x7218/0x7800
[ 2449.603655]  ? __cleanup_sighand+0xb0/0xb0
00:09:36 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8425000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2449.604408]  ? lock_acquire+0x197/0x470
[ 2449.605223]  ? find_held_lock+0x2c/0x110
[ 2449.605923]  kernel_clone+0xe7/0x980
[ 2449.606563]  ? lock_downgrade+0x6d0/0x6d0
[ 2449.607264]  ? find_held_lock+0x2c/0x110
[ 2449.607953]  ? create_io_thread+0xf0/0xf0
[ 2449.608689]  ? ksys_write+0x12d/0x260
[ 2449.609359]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2449.610190]  __do_sys_fork+0x8a/0xc0
[ 2449.610828]  ? kernel_thread+0xf0/0xf0
[ 2449.611512]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2449.612445]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2449.613362]  ? trace_hardirqs_on+0x5b/0x180
[ 2449.614101]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2449.614971]  do_syscall_64+0x33/0x40
[ 2449.615603]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2449.616479] RIP: 0033:0x7f4f720b0b19
[ 2449.617116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2449.620181] RSP: 002b:00007f4f6f626188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039
[ 2449.621469] RAX: ffffffffffffffda RBX: 00007f4f721c3f60 RCX: 00007f4f720b0b19
[ 2449.622666] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2449.623863] RBP: 00007f4f6f6261d0 R08: 0000000000000000 R09: 0000000000000000
[ 2449.625073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2449.626282] R13: 00007ffcf29bc1df R14: 00007f4f6f626300 R15: 0000000000022000
[ 2449.640387] audit: type=1326 audit(1716336576.771:3853): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=49130 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2449.642362] audit: type=1326 audit(1716336576.772:3854): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=49130 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=57 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2449.662415] audit: type=1326 audit(1716336576.784:3855): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=49130 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2449.676194] audit: type=1326 audit(1716336576.786:3856): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=49130 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2449.684661] audit: type=1326 audit(1716336576.786:3857): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=49130 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:09:36 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_KEY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x409, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_KEY={0x8, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_MGMT={0x4}]}]}, 0x24}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r3 = fork()
ptrace$setopts(0x4206, r3, 0x10001, 0x0)
ptrace(0x10, r3)
ptrace$cont(0x9, r3, 0x68c, 0x0)
syz_open_procfs(r3, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r3, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

[ 2449.693198] audit: type=1326 audit(1716336576.786:3858): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=49130 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=166 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:09:36 executing program 4:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97", 0x8e, 0x4)

00:09:37 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="845b000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:09:37 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000910000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:09:37 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401030010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:09:37 executing program 3:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86)
r3 = syz_open_procfs(0xffffffffffffffff, 0x0)
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:09:37 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8460000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:09:37 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff974330"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:09:50 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401040010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:09:50 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
r1 = syz_open_procfs(0x0, &(0x7f0000000400)='net/snmp6\x00')
pidfd_getfd(r1, 0xffffffffffffffff, 0x0)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000180)={'\x00', 0x9, 0x40, 0x2, 0x7, 0xfffffffffffffff9, r0})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

00:09:50 executing program 3:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86)
r3 = syz_open_procfs(0xffffffffffffffff, 0x0)
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:09:50 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000a10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:09:50 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r0 = fork() (fail_nth: 90)
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)

00:09:50 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8464000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:09:50 executing program 4:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42", 0x98, 0x4)

00:09:50 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff974330"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

[ 2463.711462] kauditd_printk_skb: 38 callbacks suppressed
[ 2463.711485] audit: type=1326 audit(1716336590.968:3897): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=49585 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2463.720846] audit: type=1326 audit(1716336590.968:3898): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=49585 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:09:50 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401050010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

[ 2463.741462] FAULT_INJECTION: forcing a failure.
[ 2463.741462] name failslab, interval 1, probability 0, space 0, times 0
[ 2463.743421] CPU: 1 PID: 49601 Comm: syz-executor.2 Not tainted 5.10.217 #1
[ 2463.744609] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2463.746015] Call Trace:
[ 2463.746459]  dump_stack+0x107/0x167
[ 2463.747058]  should_fail.cold+0x5/0xa
[ 2463.747677]  ? down_write+0xe0/0x160
[ 2463.748282]  ? anon_vma_clone+0xdc/0x590
[ 2463.748959]  should_failslab+0x5/0x20
[ 2463.749582]  kmem_cache_alloc+0x5b/0x310
[ 2463.750255]  anon_vma_clone+0xdc/0x590
[ 2463.750903]  anon_vma_fork+0x82/0x640
[ 2463.751536]  ? __vm_enough_memory+0x184/0x360
[ 2463.752268]  copy_process+0x7218/0x7800
[ 2463.752975]  ? __cleanup_sighand+0xb0/0xb0
[ 2463.753672]  ? lock_acquire+0x197/0x470
[ 2463.754338]  ? find_held_lock+0x2c/0x110
[ 2463.755005]  kernel_clone+0xe7/0x980
[ 2463.755619]  ? lock_downgrade+0x6d0/0x6d0
[ 2463.756293]  ? find_held_lock+0x2c/0x110
[ 2463.756973]  ? create_io_thread+0xf0/0xf0
[ 2463.757663]  ? ksys_write+0x12d/0x260
[ 2463.758301]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2463.759103]  __do_sys_fork+0x8a/0xc0
[ 2463.759702]  ? kernel_thread+0xf0/0xf0
[ 2463.760347]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2463.761198]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2463.762008]  ? trace_hardirqs_on+0x5b/0x180
[ 2463.762702]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2463.763515]  do_syscall_64+0x33/0x40
[ 2463.764173]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2463.765039] RIP: 0033:0x7f4f720b0b19
[ 2463.765639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2463.768495] RSP: 002b:00007f4f6f626188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039
[ 2463.769695] RAX: ffffffffffffffda RBX: 00007f4f721c3f60 RCX: 00007f4f720b0b19
[ 2463.770811] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2463.771925] RBP: 00007f4f6f6261d0 R08: 0000000000000000 R09: 0000000000000000
[ 2463.773061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2463.774202] R13: 00007ffcf29bc1df R14: 00007f4f6f626300 R15: 0000000000022000
[ 2463.774307] audit: type=1326 audit(1716336590.996:3899): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=49585 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2463.791975] audit: type=1326 audit(1716336590.997:3900): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=49585 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2463.801879] audit: type=1326 audit(1716336590.997:3901): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=49585 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:09:51 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000b10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:09:51 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8400030010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2463.814129] audit: type=1326 audit(1716336590.998:3902): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=49585 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2463.825230] audit: type=1326 audit(1716336590.998:3903): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=49585 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2463.836793] audit: type=1326 audit(1716336590.998:3904): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=49585 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2463.847624] audit: type=1326 audit(1716336591.040:3905): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=49585 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=57 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2463.863192] audit: type=1326 audit(1716336591.119:3906): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=49585 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:10:04 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r0 = fork() (fail_nth: 91)
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)

00:10:04 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff974330"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:10:04 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401060010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:10:04 executing program 4:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42", 0x98, 0x4)

00:10:04 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000f10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:10:04 executing program 3:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86)
r3 = syz_open_procfs(0xffffffffffffffff, 0x0)
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:10:04 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401120200000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:10:04 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
mount$9p_unix(&(0x7f0000000080)='./file1\x00', &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x200050, &(0x7f0000000300)=ANY=[@ANYBLOB="7472616e733d756e6978c081d60c3d461330302e4ccec437676c373515481b5ac619eb23ba2c736d61636b66736861743d6e65742f736f636b73"])
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
mkdir(&(0x7f0000000380)='./file0\x00', 0x2)
r1 = getpgid(r0)
ptrace(0x10, r1)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

[ 2476.989326] kauditd_printk_skb: 1 callbacks suppressed
[ 2476.989351] audit: type=1326 audit(1716336604.245:3908): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=49927 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2476.994812] FAULT_INJECTION: forcing a failure.
[ 2476.994812] name failslab, interval 1, probability 0, space 0, times 0
[ 2476.995244] audit: type=1326 audit(1716336604.246:3909): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=49927 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2476.996921] CPU: 1 PID: 49942 Comm: syz-executor.2 Not tainted 5.10.217 #1
[ 2477.000158] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2477.001448] Call Trace:
[ 2477.001879]  dump_stack+0x107/0x167
[ 2477.002450]  should_fail.cold+0x5/0xa
[ 2477.003036]  ? create_object.isra.0+0x3a/0xa20
[ 2477.003748]  should_failslab+0x5/0x20
[ 2477.004330]  kmem_cache_alloc+0x5b/0x310
[ 2477.004984]  create_object.isra.0+0x3a/0xa20
[ 2477.005665]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2477.006449]  kmem_cache_alloc+0x159/0x310
[ 2477.007100]  anon_vma_clone+0xdc/0x590
[ 2477.007710]  anon_vma_fork+0x82/0x640
[ 2477.008307]  ? __vm_enough_memory+0x184/0x360
[ 2477.009201]  copy_process+0x7218/0x7800
[ 2477.009247] audit: type=1326 audit(1716336604.246:3910): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=49927 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2477.009881]  ? __cleanup_sighand+0xb0/0xb0
[ 2477.012940]  ? lock_acquire+0x197/0x470
[ 2477.013643]  ? find_held_lock+0x2c/0x110
[ 2477.014297]  kernel_clone+0xe7/0x980
[ 2477.014880]  ? lock_downgrade+0x6d0/0x6d0
[ 2477.015523]  ? find_held_lock+0x2c/0x110
[ 2477.016140]  ? create_io_thread+0xf0/0xf0
[ 2477.016793]  ? ksys_write+0x12d/0x260
[ 2477.017408]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2477.018176]  __do_sys_fork+0x8a/0xc0
[ 2477.018761]  ? kernel_thread+0xf0/0xf0
[ 2477.019377]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2477.020175]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2477.021215]  ? trace_hardirqs_on+0x5b/0x180
[ 2477.021908]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2477.022931]  do_syscall_64+0x33/0x40
[ 2477.023591]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2477.024626] RIP: 0033:0x7f4f720b0b19
[ 2477.025266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2477.028921] RSP: 002b:00007f4f6f626188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039
[ 2477.030144] RAX: ffffffffffffffda RBX: 00007f4f721c3f60 RCX: 00007f4f720b0b19
[ 2477.031244] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2477.032331] RBP: 00007f4f6f6261d0 R08: 0000000000000000 R09: 0000000000000000
[ 2477.033411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2477.034490] R13: 00007ffcf29bc1df R14: 00007f4f6f626300 R15: 0000000000022000
[ 2477.049565] audit: type=1326 audit(1716336604.305:3911): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=49927 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2477.054911] audit: type=1326 audit(1716336604.306:3912): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=49927 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2477.058506] audit: type=1326 audit(1716336604.311:3913): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=49927 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:10:04 executing program 4:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42", 0x98, 0x4)

00:10:04 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401001010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:10:04 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401020010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:10:04 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401070010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:10:04 executing program 3:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:10:04 executing program 0:
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000300)=""/136, 0x88)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
syz_mount_image$tmpfs(&(0x7f0000000080), &(0x7f00000000c0)='./mnt\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@mpol={'mpol', 0x3d, {'prefer', '', @val={0x3a, [0x39, 0x30, 0x32, 0x37, 0x33, 0x38, 0x35, 0x35, 0x34, 0x38]}}}}]})
r0 = fork()
ptrace$cont(0x18, 0x0, 0x2, 0x84)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x6, &(0x7f0000000040)=[{0x2, 0x7, 0x7f, 0x4}, {0x5, 0xa2, 0x6, 0xfe0}, {0x20, 0x7, 0x2, 0x6}, {0x5, 0x1, 0xff, 0x3}, {0x80, 0x5, 0x3, 0x2}, {0x3, 0x1, 0x3f}]})
chroot(&(0x7f0000000100)='./file1\x00')

00:10:04 executing program 4:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a18", 0x9d, 0x4)

00:10:04 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401001110000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2477.295806] audit: type=1326 audit(1716336604.552:3914): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=50255 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2477.297853] audit: type=1326 audit(1716336604.552:3915): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=50255 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2477.298141] tmpfs: Bad value for 'mpol'
[ 2477.299806] audit: type=1326 audit(1716336604.552:3916): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=50255 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2477.307056] audit: type=1326 audit(1716336604.552:3917): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=50255 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaa9c27 code=0x7ffc0000
00:10:04 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r0 = fork() (fail_nth: 92)
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)

00:10:04 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:10:04 executing program 4:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a18", 0x9d, 0x4)

00:10:04 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401030010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:10:04 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401080010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:10:04 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401004810000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:10:04 executing program 3:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:10:04 executing program 4:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a18", 0x9d, 0x4)

[ 2477.450087] FAULT_INJECTION: forcing a failure.
[ 2477.450087] name failslab, interval 1, probability 0, space 0, times 0
[ 2477.451853] CPU: 1 PID: 50346 Comm: syz-executor.2 Not tainted 5.10.217 #1
[ 2477.452904] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2477.454154] Call Trace:
[ 2477.454572]  dump_stack+0x107/0x167
[ 2477.455137]  should_fail.cold+0x5/0xa
[ 2477.455725]  ? anon_vma_fork+0xf1/0x640
[ 2477.456328]  should_failslab+0x5/0x20
[ 2477.456920]  kmem_cache_alloc+0x5b/0x310
[ 2477.457550]  anon_vma_fork+0xf1/0x640
[ 2477.458123]  ? __vm_enough_memory+0x184/0x360
[ 2477.458802]  copy_process+0x7218/0x7800
[ 2477.459442]  ? __cleanup_sighand+0xb0/0xb0
[ 2477.460122]  ? lock_acquire+0x197/0x470
[ 2477.460789]  ? find_held_lock+0x2c/0x110
[ 2477.461464]  kernel_clone+0xe7/0x980
[ 2477.462070]  ? lock_downgrade+0x6d0/0x6d0
[ 2477.462739]  ? find_held_lock+0x2c/0x110
[ 2477.463390]  ? create_io_thread+0xf0/0xf0
[ 2477.464066]  ? ksys_write+0x12d/0x260
[ 2477.464704]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2477.465495]  __do_sys_fork+0x8a/0xc0
[ 2477.466102]  ? kernel_thread+0xf0/0xf0
[ 2477.466743]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2477.467575]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2477.468397]  ? trace_hardirqs_on+0x5b/0x180
[ 2477.469113]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2477.469932]  do_syscall_64+0x33/0x40
[ 2477.470531]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2477.471353] RIP: 0033:0x7f4f720b0b19
[ 2477.471945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2477.474787] RSP: 002b:00007f4f6f626188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039
[ 2477.475936] RAX: ffffffffffffffda RBX: 00007f4f721c3f60 RCX: 00007f4f720b0b19
[ 2477.477002] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2477.478061] RBP: 00007f4f6f6261d0 R08: 0000000000000000 R09: 0000000000000000
[ 2477.479121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2477.480180] R13: 00007ffcf29bc1df R14: 00007f4f6f626300 R15: 0000000000022000
00:10:04 executing program 3:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:10:04 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401004c10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:10:04 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401040010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:10:04 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401090010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:10:04 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:10:18 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r0 = fork() (fail_nth: 93)
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)

00:10:18 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x1a8)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

00:10:18 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:10:18 executing program 4:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a18056926", 0xa0, 0x4)

00:10:18 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="84010a0010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:10:18 executing program 3:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, 0x0, 0x0)

00:10:18 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401050010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:10:18 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401006810000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2490.834340] FAULT_INJECTION: forcing a failure.
[ 2490.834340] name failslab, interval 1, probability 0, space 0, times 0
[ 2490.835827] CPU: 0 PID: 50601 Comm: syz-executor.2 Not tainted 5.10.217 #1
[ 2490.836730] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2490.837791] Call Trace:
[ 2490.838139]  dump_stack+0x107/0x167
[ 2490.838615]  should_fail.cold+0x5/0xa
[ 2490.839109]  ? create_object.isra.0+0x3a/0xa20
[ 2490.839704]  should_failslab+0x5/0x20
[ 2490.840193]  kmem_cache_alloc+0x5b/0x310
[ 2490.840731]  create_object.isra.0+0x3a/0xa20
[ 2490.841299]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2490.841957]  kmem_cache_alloc+0x159/0x310
[ 2490.842495]  anon_vma_fork+0xf1/0x640
[ 2490.842984]  ? __vm_enough_memory+0x184/0x360
[ 2490.843563]  copy_process+0x7218/0x7800
[ 2490.844101]  ? __cleanup_sighand+0xb0/0xb0
[ 2490.844638]  ? lock_acquire+0x197/0x470
[ 2490.845165]  ? find_held_lock+0x2c/0x110
[ 2490.845691]  kernel_clone+0xe7/0x980
[ 2490.846171]  ? lock_downgrade+0x6d0/0x6d0
[ 2490.846699]  ? find_held_lock+0x2c/0x110
[ 2490.847221]  ? create_io_thread+0xf0/0xf0
[ 2490.847757]  ? ksys_write+0x12d/0x260
[ 2490.848256]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2490.848891]  __do_sys_fork+0x8a/0xc0
[ 2490.849380]  ? kernel_thread+0xf0/0xf0
[ 2490.849895]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2490.850563]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2490.851227]  ? trace_hardirqs_on+0x5b/0x180
[ 2490.851783]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2490.852448]  do_syscall_64+0x33/0x40
[ 2490.852937]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2490.853592] RIP: 0033:0x7f4f720b0b19
[ 2490.854072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2490.856404] RSP: 002b:00007f4f6f626188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039
[ 2490.857385] RAX: ffffffffffffffda RBX: 00007f4f721c3f60 RCX: 00007f4f720b0b19
[ 2490.858296] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2490.859203] RBP: 00007f4f6f6261d0 R08: 0000000000000000 R09: 0000000000000000
[ 2490.860113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2490.861029] R13: 00007ffcf29bc1df R14: 00007f4f6f626300 R15: 0000000000022000
00:10:18 executing program 3:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, 0x0, 0x0)

[ 2490.930516] kauditd_printk_skb: 5 callbacks suppressed
[ 2490.930531] audit: type=1326 audit(1716336618.185:3923): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=50596 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2490.935021] audit: type=1326 audit(1716336618.191:3924): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=50596 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:10:18 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401006c10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:10:18 executing program 4:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a18056926", 0xa0, 0x4)

00:10:18 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401060010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:10:18 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="84010b0010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:10:18 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000080)={0x10, 0x17, 0x1, {0x7, './file1'}}, 0x10)
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x2, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

[ 2491.104034] audit: type=1326 audit(1716336618.360:3925): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=50890 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2491.107387] audit: type=1326 audit(1716336618.364:3926): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=50890 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2491.113124] audit: type=1326 audit(1716336618.369:3927): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=50890 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2491.118686] audit: type=1326 audit(1716336618.374:3928): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=50890 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2491.135105] audit: type=1326 audit(1716336618.383:3929): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=50890 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2491.144026] audit: type=1326 audit(1716336618.383:3930): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=50890 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2491.153246] audit: type=1326 audit(1716336618.383:3931): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=50890 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2491.168138] audit: type=1326 audit(1716336618.384:3932): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=50890 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=57 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:10:33 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401007410000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:10:33 executing program 0:
r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000300)={0x80, r0, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@TIPC_NLA_MON={0x3c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xcb8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xf6b}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}]}, @TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7f}]}, @TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xfffffe01}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x2}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x80}, 0x4000000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r1 = fork()
ptrace$setopts(0x4206, r1, 0x10001, 0x0)
ptrace(0x10, r1)
ptrace$cont(0x9, r1, 0x68c, 0x0)
syz_open_procfs(r1, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r1, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0x101, 0xc1, 0x1, 0x5}, {0x75e, 0xff, 0x5, 0x9}, {0x8000, 0x6, 0x3f, 0x7}]})
chroot(&(0x7f0000000100)='./file1\x00')

00:10:33 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r0 = fork() (fail_nth: 94)
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)

00:10:33 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb62"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:10:33 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="84010f0010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:10:33 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401070010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:10:33 executing program 4:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a18056926", 0xa0, 0x4)

00:10:33 executing program 3:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, 0x0, 0x0)

[ 2506.670753] FAULT_INJECTION: forcing a failure.
[ 2506.670753] name failslab, interval 1, probability 0, space 0, times 0
[ 2506.672698] CPU: 0 PID: 51055 Comm: syz-executor.2 Not tainted 5.10.217 #1
[ 2506.673816] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2506.675126] Call Trace:
[ 2506.675554]  dump_stack+0x107/0x167
[ 2506.676147]  should_fail.cold+0x5/0xa
[ 2506.676770]  ? create_object.isra.0+0x3a/0xa20
[ 2506.677527]  should_failslab+0x5/0x20
[ 2506.678131]  kmem_cache_alloc+0x5b/0x310
[ 2506.678787]  create_object.isra.0+0x3a/0xa20
[ 2506.679489]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2506.680314]  kmem_cache_alloc+0x159/0x310
[ 2506.681012]  anon_vma_clone+0xdc/0x590
[ 2506.681656]  anon_vma_fork+0x82/0x640
[ 2506.682275]  ? __vm_enough_memory+0x184/0x360
[ 2506.682996]  copy_process+0x7218/0x7800
[ 2506.683667]  ? __cleanup_sighand+0xb0/0xb0
[ 2506.684350]  ? group_sched_out.part.0+0x1a3/0x2e0
[ 2506.685167]  ? finish_task_switch+0x126/0x5d0
[ 2506.685897]  kernel_clone+0xe7/0x980
[ 2506.686501]  ? create_io_thread+0xf0/0xf0
[ 2506.687161]  ? _raw_spin_unlock_irq+0x1f/0x30
[ 2506.687868]  ? trace_hardirqs_on+0x5b/0x180
[ 2506.688557]  ? _raw_spin_unlock_irq+0x1f/0x30
[ 2506.689296]  ? finish_task_switch+0x126/0x5d0
[ 2506.690029]  ? finish_task_switch+0xef/0x5d0
[ 2506.690727]  ? __switch_to+0x572/0xf70
[ 2506.691342]  ? __switch_to_asm+0x3a/0x60
[ 2506.691993]  ? __switch_to_asm+0x34/0x60
[ 2506.692661]  ? __schedule+0x82c/0x1ea0
[ 2506.693307]  __do_sys_fork+0x8a/0xc0
[ 2506.693902]  ? kernel_thread+0xf0/0xf0
[ 2506.694529]  ? io_schedule_timeout+0x140/0x140
[ 2506.695257]  ? copy_kernel_to_fpregs+0x9e/0xe0
[ 2506.696001]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2506.696836]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2506.697705]  ? trace_hardirqs_on+0x5b/0x180
[ 2506.698403]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2506.699222]  do_syscall_64+0x33/0x40
[ 2506.699814]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2506.700618] RIP: 0033:0x7f4f720b0b19
[ 2506.701231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2506.704135] RSP: 002b:00007f4f6f626188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039
[ 2506.705372] RAX: ffffffffffffffda RBX: 00007f4f721c3f60 RCX: 00007f4f720b0b19
[ 2506.706505] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2506.707634] RBP: 00007f4f6f6261d0 R08: 0000000000000000 R09: 0000000000000000
[ 2506.708765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2506.709915] R13: 00007ffcf29bc1df R14: 00007f4f6f626300 R15: 0000000000022000
00:10:34 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401007a10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:10:34 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401080010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:10:34 executing program 4:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677", 0xa1, 0x4)

00:10:34 executing program 3:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500), 0x0)

[ 2521.313854] kauditd_printk_skb: 20 callbacks suppressed
[ 2521.313873] audit: type=1326 audit(1716336648.570:3953): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=51277 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:10:48 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r0 = fork() (fail_nth: 95)
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)

00:10:48 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x29, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
ptrace$cont(0x20, r0, 0x2, 0x401)
chroot(&(0x7f0000000100)='./file1\x00')

00:10:48 executing program 3:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500), 0x0)

00:10:48 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb62"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:10:48 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401100010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:10:48 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401090010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:10:48 executing program 4:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677", 0xa1, 0x4)

00:10:48 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000011000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2521.330227] audit: type=1326 audit(1716336648.586:3954): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=51277 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2521.353219] audit: type=1326 audit(1716336648.603:3955): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=51277 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2521.353802] netlink: 348 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2521.369361] audit: type=1326 audit(1716336648.609:3956): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=51277 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2521.370464] netlink: 348 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2521.377535] FAULT_INJECTION: forcing a failure.
[ 2521.377535] name failslab, interval 1, probability 0, space 0, times 0
[ 2521.379441] CPU: 0 PID: 51358 Comm: syz-executor.2 Not tainted 5.10.217 #1
[ 2521.380602] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2521.381972] Call Trace:
[ 2521.382404]  dump_stack+0x107/0x167
[ 2521.383000]  should_fail.cold+0x5/0xa
[ 2521.383619]  ? create_object.isra.0+0x3a/0xa20
[ 2521.384376]  should_failslab+0x5/0x20
[ 2521.384998]  kmem_cache_alloc+0x5b/0x310
[ 2521.385663]  create_object.isra.0+0x3a/0xa20
[ 2521.386385]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2521.387218]  kmem_cache_alloc+0x159/0x310
[ 2521.387892]  anon_vma_fork+0x1ff/0x640
[ 2521.388533]  copy_process+0x7218/0x7800
[ 2521.389225]  ? __cleanup_sighand+0xb0/0xb0
[ 2521.389930]  ? lock_acquire+0x197/0x470
[ 2521.390594]  ? find_held_lock+0x2c/0x110
[ 2521.391253]  kernel_clone+0xe7/0x980
[ 2521.391843]  ? lock_downgrade+0x6d0/0x6d0
[ 2521.392481]  ? find_held_lock+0x2c/0x110
[ 2521.393129]  ? create_io_thread+0xf0/0xf0
[ 2521.393806]  ? ksys_write+0x12d/0x260
[ 2521.394440]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2521.395225]  __do_sys_fork+0x8a/0xc0
[ 2521.395818]  ? kernel_thread+0xf0/0xf0
[ 2521.396477]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2521.397337]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2521.398171]  ? trace_hardirqs_on+0x5b/0x180
[ 2521.398869]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2521.399703]  do_syscall_64+0x33/0x40
[ 2521.400307]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2521.401157] RIP: 0033:0x7f4f720b0b19
[ 2521.401757] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2521.404704] RSP: 002b:00007f4f6f626188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039
[ 2521.405936] RAX: ffffffffffffffda RBX: 00007f4f721c3f60 RCX: 00007f4f720b0b19
[ 2521.407081] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2521.408217] RBP: 00007f4f6f6261d0 R08: 0000000000000000 R09: 0000000000000000
[ 2521.409369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2521.410507] R13: 00007ffcf29bc1df R14: 00007f4f6f626300 R15: 0000000000022000
00:10:48 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401110010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:10:48 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="84010a0010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2521.444721] audit: type=1326 audit(1716336648.609:3957): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=51277 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2521.466902] audit: type=1326 audit(1716336648.615:3958): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=51277 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=57 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:11:03 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401480010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:11:03 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
r1 = fork()
ptrace$setopts(0x4206, r1, 0x10001, 0x0)
ptrace(0x10, r1)
ptrace$cont(0x9, r1, 0x68c, 0x0)
r2 = fork()
ptrace$setopts(0x4206, r2, 0x10001, 0x0)
ptrace(0x10, r2)
ptrace$cont(0x9, r2, 0x68c, 0x0)
syz_open_procfs(r2, &(0x7f0000000080)='attr/sockcreate\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

00:11:03 executing program 4:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677", 0xa1, 0x4)

[ 2536.235635] audit: type=1326 audit(1716336663.492:3959): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=51610 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2536.238871] audit: type=1326 audit(1716336663.492:3960): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=51610 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2536.247126] audit: type=1326 audit(1716336663.493:3961): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=51610 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:11:03 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb62"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:11:03 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000012000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:11:03 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="84010b0010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:11:03 executing program 3:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500), 0x0)

00:11:03 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r0 = fork() (fail_nth: 96)
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)

[ 2536.270716] audit: type=1326 audit(1716336663.494:3962): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=51610 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2536.292247] audit: type=1326 audit(1716336663.494:3963): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=51610 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2536.295089] netlink: 348 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2536.312376] audit: type=1326 audit(1716336663.494:3964): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=51610 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=57 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2536.314098] netlink: 348 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2536.320914] FAULT_INJECTION: forcing a failure.
[ 2536.320914] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2536.322968] CPU: 0 PID: 51655 Comm: syz-executor.2 Not tainted 5.10.217 #1
[ 2536.324122] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2536.325510] Call Trace:
[ 2536.325958]  dump_stack+0x107/0x167
[ 2536.326568]  should_fail.cold+0x5/0xa
[ 2536.327215]  __alloc_pages_nodemask+0x182/0x600
[ 2536.327990]  ? lock_chain_count+0x20/0x20
[ 2536.328684]  ? SOFTIRQ_verbose+0x10/0x10
[ 2536.329379]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 2536.330400]  alloc_pages_current+0x187/0x280
[ 2536.331148]  pte_alloc_one+0x16/0x1a0
[ 2536.331790]  __pte_alloc+0x1d/0x330
[ 2536.332411]  copy_page_range+0x1b62/0x3810
[ 2536.333164]  ? up_write+0x191/0x550
[ 2536.333776]  ? vm_iomap_memory+0x190/0x190
[ 2536.334474]  ? downgrade_write+0x3a0/0x3a0
[ 2536.335201]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 2536.336117]  ? __vma_link_rb+0x540/0x700
[ 2536.336809]  copy_process+0x759b/0x7800
[ 2536.337524]  ? __cleanup_sighand+0xb0/0xb0
[ 2536.338236]  ? lock_acquire+0x197/0x470
[ 2536.338905]  ? find_held_lock+0x2c/0x110
[ 2536.339599]  kernel_clone+0xe7/0x980
[ 2536.340226]  ? lock_downgrade+0x6d0/0x6d0
[ 2536.340895]  ? find_held_lock+0x2c/0x110
[ 2536.341586]  ? create_io_thread+0xf0/0xf0
[ 2536.342294]  ? ksys_write+0x12d/0x260
[ 2536.342943]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2536.343760]  __do_sys_fork+0x8a/0xc0
[ 2536.344384]  ? kernel_thread+0xf0/0xf0
[ 2536.345051]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2536.345919]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2536.346769]  ? trace_hardirqs_on+0x5b/0x180
[ 2536.347486]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2536.348325]  do_syscall_64+0x33/0x40
[ 2536.348937]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2536.349793] RIP: 0033:0x7f4f720b0b19
[ 2536.350422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2536.353372] RSP: 002b:00007f4f6f626188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039
[ 2536.354642] RAX: ffffffffffffffda RBX: 00007f4f721c3f60 RCX: 00007f4f720b0b19
[ 2536.355820] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2536.357002] RBP: 00007f4f6f6261d0 R08: 0000000000000000 R09: 0000000000000000
[ 2536.358196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2536.359387] R13: 00007ffcf29bc1df R14: 00007f4f6f626300 R15: 0000000000022000
00:11:03 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="84010f0010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:11:03 executing program 4:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x0)

00:11:03 executing program 3:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{0x0}], 0x1)

00:11:03 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000018000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:11:03 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="84014c0010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:11:03 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401100010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2536.512069] audit: type=1326 audit(1716336663.768:3965): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=51610 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2536.515543] audit: type=1326 audit(1716336663.768:3966): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=51610 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2536.559563] netlink: 140 bytes leftover after parsing attributes in process `syz-executor.1'.
00:11:03 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r0 = fork() (fail_nth: 97)
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)

[ 2536.578239] netlink: 140 bytes leftover after parsing attributes in process `syz-executor.1'.
00:11:03 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:11:03 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = syz_open_procfs(0x0, &(0x7f0000000400)='net/snmp6\x00')
pidfd_getfd(r0, 0xffffffffffffffff, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080), 0xa4901, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000180)={0x0, 0x2, r1, 0x8, 0x80000})
r2 = fork()
ptrace$setopts(0x4206, r2, 0x10001, 0x0)
ptrace(0x10, r2)
ptrace$cont(0x9, r2, 0x68c, 0x0)
syz_open_procfs(r2, &(0x7f0000000280)='net/sockstat6\x00')
sendmsg$TIPC_CMD_GET_NODES(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, 0x0, 0x10, 0x70bd28, 0x25dfdbff, {}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20044040}, 0x5)
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r1, &(0x7f0000000f80)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000f40)={&(0x7f0000000480)={0xa94, 0x0, 0x20, 0x70bd2a, 0x8, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_FUNC={0x610, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_PUBLISH_TYPE={0x5, 0x3, 0x1f}, @NL80211_NAN_FUNC_RX_MATCH_FILTER={0x250, 0xd, 0x0, 0x1, [{0xae, 0x0, "8891ec145693d21bc13788b815ba32834fd8b507f272dc20963b97e8d790ad74026c39bde9e2a91f11a8e6a5a48d392ca3b84068ac73c4ccdbf9569cc17c0544b7395430fecb79517a4222e16846e5e83d40dfd76e0e946a23daadd9863c22c9843d16c0919179bc8f1cd7074632fa0083a95294a612541eace874b7125c46934c21c94298a886dafce6e1b14ecf24f64af0ce7563a75b1b2dc162541890a71fefedf0beebc8090946a6"}, {0x31, 0x0, "201310f508fee90a27a96636b1859c1e0af01975130e813cab6d3d5359d55e0c17b5fdb961f50d3b5f622fe818"}, {0x4}, {0x8, 0x0, "55e371cd"}, {0x8d, 0x0, "4d4652cadc3f9812b1302bf56fad01c9a670aa4faa1323f0813dd244373ed32ff0836a4ae43dd8047d5d21777047c7071f2e82e40a6566024b405f218dd1df351919a830a50263837b6140410c21c56f87ef85047777ec839dc3b0486b936cba969ca2b4854cf816aca544a4260b0814e7275e8b17c728ba8086381acb8d74d05692c3225f24886749"}, {0xc9, 0x0, "59ce6d1c01002ad56f6594665f8f2580936fe0169070096e06f935434c622e92c83780c0dbe5fd9ef059151ec2690627360e9611481832c8a43ce79da5d85465346b977afa79eca179a19a64d5ae882df6012a32e7a02c2a71addb7b857e1579b4d8cc5fc8d88f1a15b7a7c5cac33f0437ae07cded890fc595841532593634a22bca91d9c4c55878a4254b976990fdc5d094071846eb694e26ffe3de7e11582dac8aace60a8859a72a554150b4681673afe13776c99f6a8fa93fdc843f4dc5876dd9b79e06"}]}, @NL80211_NAN_FUNC_SERVICE_INFO={0x6c, 0xb, "8121a185ee7373ad19f6d9232f6470f6f44916422788b70b181e14d7e32efdbae13d8b63c0dd657d89a34950bb1d20f15b3ae9d2c3cb810c41cea778f1f3bd4336ff8672255d6aac9d9a3c418dbcfc51a185d8261a6ac06fd4e7587377662dca7577b174c0a0b353"}, @NL80211_NAN_FUNC_TX_MATCH_FILTER={0x340, 0xe, 0x0, 0x1, [{0x9f, 0x0, "f0424a0093d32808a9c34161cb0475ad1f865f35ef41cd8e1ffff6974e83d88cc1e474894d4bfb2938d5b04caac25d36cde49eaa23bd2e3d3b367630e569271edcd0ab579df4beac74d8cf9fcabb3913e6bacf4bdda2ceccc34182cbceb1ce1b159ae4db85208e59f9eb8bd26c2031d7e7b639c440aaa06c7e66e28ab87039ccfc276262e2195ebaa46fe58cb0aa4d838acb11bb200a69e2fd04ad"}, {0xa1, 0x0, "d2694ac711303d1e86d10a7716f6749baec9243999ac726cf5e31d9c71f95b9e4581e85db9e6a5e7cae38cef89b0dcabf2d19154027af3718470c54909b933ffde09a68676f829d4e1992037fff1d62790bd5c1c75c9cff00d68ea94fdb81b8d39d38a5fd9d34bb77a7bc6b3e1b40a98296412a19257f6872d322b8b6ee4a31e727854cc51f041f7638f658afdae13fd0c5554559fdebb04973fcee58f"}, {0x9a, 0x0, "1c1e6bfea22bdc2c8f8b4fa8d32d4612df4168e50cf0741914b63d70948d781b2567c5d81cbb6e3ce31d2fa46056490c9c0e0d6cc1ba846b98674ef19f46509b8e062309832f86941e8a4f823479d034d56a30cfa36e803af4fabf09e08126b596a294e4cfc15aa129f9df03b4d663a3fe52e0571ba76dadd0ed559407ccc95b54d120a435cb141f395eec25627112f46320d3838510"}, {0x77, 0x0, "c9fda23260ab49f308385f0c1ad9be2c37de9c8100aa2b74e96bd7eed77244666361cc1cd9d39e44fd81da092b7cc2782bb5d56e765eed20b638c8411dc4176effd5fcf4634de5645ed803c8fbd9a47c61a1e75471ffc7f2af5bee94fecba618baaa649f922e7b6f0a9f2bd87f98415cf624ef"}, {0xe3, 0x0, "0bb1f6370f870c7b1c43c3709013721590eeb6b4b67be0bab21db313d85015a892663bba64d431a00830213bbd95ea590896f98f34b7422aab286c2bef45b2c35246be66fcc404f376a111497c8b735fee7b184650d9beb5f81dc63cf501744563b19303dd6df8abad1fca70477f83736eb11592f97f3c0e866bef82021f957cc010b432f6aaf1cf25f25f987556453a323e2a805c00d212c04c886d431bcb535cea3564ba6273e205d5b105cbc7bc5bb208f2a9f94f883adbff109641126d4bb66a76be26c7edbbd3cafa5757d318d4c69d03accd0c4ec74baac8ce85b750"}]}, @NL80211_NAN_FUNC_TTL={0x8, 0xa, 0x4}]}, @NL80211_ATTR_NAN_FUNC={0xb0, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_TX_MATCH_FILTER={0xa4, 0xe, 0x0, 0x1, [{0x39, 0x0, "cb97eee13b22fbaea3453efaac93c31495fa78835dc28ba021642bc32c71fec368c186b46d288331a6ca0c181be9df41e9c45ed190"}, {0xa, 0x0, "ea89caca20ee"}, {0x41, 0x0, "76901235c8150c2d395e1a47394f37f103480db0b0667e22eaf58814acc6a4e72329bef3586cdff0325b07172e498595e1615dc64c611e1fd0e7fa9c9d"}, {0x11, 0x0, "558cf0342935802b60cd2eadcd"}]}, @NL80211_NAN_FUNC_TERM_REASON={0x5, 0x10, 0x5}]}, @NL80211_ATTR_NAN_FUNC={0x10, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_TERM_REASON={0x5, 0x10, 0x3}, @NL80211_NAN_FUNC_PUBLISH_BCAST={0x4}]}, @NL80211_ATTR_NAN_FUNC={0x16c, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_INSTANCE_ID={0x5, 0xf, 0x5}, @NL80211_NAN_FUNC_SRF={0x160, 0xc, 0x0, 0x1, [@NL80211_NAN_SRF_BF={0x103, 0x2, "14765a759f7ae6a41d42a7c86bea12331281827e96f784b4131e45dcefba77a79b59d61477ce358017c5eddc2879cfab5897b7dc774d4c711a3c4ce1809b266c5f2bf47214faf99c2ff9bafe14f69af3a0c61903d80f858cc1af4ef1d32179c1d89df30449361531679783a8d076689504a210e116c383be4a664626022b30975161d81ec896c6078c8a18a6cfa50b82406740e5add1a0773d5d3e38324bdaedbc625cb53272020430f08a1578379cd484472294a6ad3bc2ca4cfc996e32770559b39dd983a4199ba5cd2d3f266cf7af95862eb86a376e8b79561af9abcfc3cc95e5be56940c5474701515e83f1ee13f7590f6e80f3e320bb8f9ba7e683e78"}, @NL80211_NAN_SRF_BF_IDX={0x5, 0x3, 0x6}, @NL80211_NAN_SRF_BF_IDX={0x5, 0x3, 0x40}, @NL80211_NAN_SRF_BF_IDX={0x5, 0x3, 0x3}, @NL80211_NAN_SRF_MAC_ADDRS={0x40, 0x4, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa}, {0xa}, {0xa, 0x6, @device_b}, {0xa}]}]}]}, @NL80211_ATTR_NAN_FUNC={0xdc, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_TTL={0x8, 0xa, 0xa5ac559}, @NL80211_NAN_FUNC_TYPE={0x5}, @NL80211_NAN_FUNC_FOLLOW_UP_ID={0x5, 0x6, 0x7}, @NL80211_NAN_FUNC_INSTANCE_ID={0x5, 0xf, 0x7f}, @NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE={0x4}, @NL80211_NAN_FUNC_FOLLOW_UP_DEST={0xa}, @NL80211_NAN_FUNC_RX_MATCH_FILTER={0xa8, 0xd, 0x0, 0x1, [{0xa4, 0x0, "a0d15684dc7c1160522d88c6c7edd5ff836f5ba6e16eaae63721faa1f0b4d59d60d4fe615ef56ec53ba27d4850c13a14d3a8c1679af0c0ba01c3d36d3e187f8eceb4f5dac38ae45db298a9dd66e19c620c73e89600209bdc280214d47df0e37e68f97276f94fab0ba4cf38a2bfc4a2b46717857fa7dab0481d42b98074331308a94c1d21013a15fc3812fd113aab55802943165561553e8f9ce0c505c58d3280"}]}]}, @NL80211_ATTR_NAN_FUNC={0x12c, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_SERVICE_ID={0xa, 0x2, "fc0c18cfede5"}, @NL80211_NAN_FUNC_SRF={0x11c, 0xc, 0x0, 0x1, [@NL80211_NAN_SRF_MAC_ADDRS={0x10, 0x4, 0x0, 0x1, [{0xa, 0x6, @broadcast}]}, @NL80211_NAN_SRF_INCLUDE={0x4}, @NL80211_NAN_SRF_BF={0x103, 0x2, "99e8cac6377d3c84d68a5f06f4f5462689a4aa4b1b38c752294356ccef6df879ddbd175208a0761ff7753b525a76672c89d3ceaf54115fa5689a60c04fd5a75d8a176e07d79ca26aee88ccfd331f5fa4b276d1bbcdc11dba8c66d24866011ca848b25ace9a9058b06cda313c71e917da3eede32d4d28493eb28e223d9445db0c83d804c927425b0e8d2d28003fe208f17e79cff7a6e06666c2de5332ac25dec80247fec07903846752da49dbbbe22705886139b7fcbc0518e97a691ca63cd78fc93a1b4e2151f1c42a7470aed19681cee927d67fd820ae51d7fece58cb5e782b0b042b22b986f2973225a55084f7fef3f76744865a663cbdf2f28b00a06403"}]}]}, @NL80211_ATTR_NAN_FUNC={0x10, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_INSTANCE_ID={0x5, 0xf, 0x20}, @NL80211_NAN_FUNC_CLOSE_RANGE={0x4}]}, @NL80211_ATTR_NAN_FUNC={0x24, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_FOLLOW_UP_ID={0x5, 0x6, 0x8}, @NL80211_NAN_FUNC_INSTANCE_ID={0x5, 0xf, 0x8}, @NL80211_NAN_FUNC_PUBLISH_TYPE={0x5, 0x3, 0x40}, @NL80211_NAN_FUNC_TYPE={0x5, 0x1, 0x1}]}]}, 0xa94}, 0x1, 0x0, 0x0, 0x40000}, 0xc081)
ptrace$pokeuser(0x6, r2, 0x40, 0x7)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
write$binfmt_elf64(r3, &(0x7f00000001c0)=ANY=[], 0xfdef)
write$P9_RRENAME(r3, &(0x7f00000003c0)={0x7, 0x15, 0x1}, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

00:11:03 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000020000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:11:03 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401110010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2536.717875] FAULT_INJECTION: forcing a failure.
[ 2536.717875] name failslab, interval 1, probability 0, space 0, times 0
[ 2536.719855] CPU: 0 PID: 51915 Comm: syz-executor.2 Not tainted 5.10.217 #1
[ 2536.720979] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2536.722315] Call Trace:
[ 2536.722751]  dump_stack+0x107/0x167
[ 2536.723348]  should_fail.cold+0x5/0xa
[ 2536.723978]  ? ptlock_alloc+0x1d/0x70
[ 2536.724608]  should_failslab+0x5/0x20
[ 2536.725237]  kmem_cache_alloc+0x5b/0x310
[ 2536.725911]  ptlock_alloc+0x1d/0x70
[ 2536.726506]  pte_alloc_one+0x68/0x1a0
[ 2536.727128]  __pte_alloc+0x1d/0x330
[ 2536.727729]  copy_page_range+0x1b62/0x3810
[ 2536.728478]  ? up_write+0x191/0x550
[ 2536.729074]  ? vm_iomap_memory+0x190/0x190
[ 2536.729769]  ? downgrade_write+0x3a0/0x3a0
[ 2536.730461]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 2536.731344]  ? __vma_link_rb+0x540/0x700
[ 2536.732014]  copy_process+0x759b/0x7800
[ 2536.732712]  ? __cleanup_sighand+0xb0/0xb0
[ 2536.733421]  ? lock_acquire+0x197/0x470
[ 2536.734081]  ? find_held_lock+0x2c/0x110
[ 2536.734750]  kernel_clone+0xe7/0x980
[ 2536.735368]  ? lock_downgrade+0x6d0/0x6d0
[ 2536.736038]  ? find_held_lock+0x2c/0x110
[ 2536.736704]  ? create_io_thread+0xf0/0xf0
[ 2536.737395]  ? ksys_write+0x12d/0x260
[ 2536.738025]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2536.738824]  __do_sys_fork+0x8a/0xc0
[ 2536.739445]  ? kernel_thread+0xf0/0xf0
[ 2536.740108]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2536.740960]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2536.741801]  ? trace_hardirqs_on+0x5b/0x180
[ 2536.742505]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2536.743347]  do_syscall_64+0x33/0x40
[ 2536.743961]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2536.744803] RIP: 0033:0x7f4f720b0b19
[ 2536.745431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2536.748398] RSP: 002b:00007f4f6f626188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039
[ 2536.749644] RAX: ffffffffffffffda RBX: 00007f4f721c3f60 RCX: 00007f4f720b0b19
[ 2536.750800] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2536.751962] RBP: 00007f4f6f6261d0 R08: 0000000000000000 R09: 0000000000000000
[ 2536.753121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
00:11:04 executing program 4:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x0)

[ 2536.754273] R13: 00007ffcf29bc1df R14: 00007f4f6f626300 R15: 0000000000022000
[ 2536.758194] audit: type=1326 audit(1716336664.014:3967): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=51931 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2536.762582] audit: type=1326 audit(1716336664.019:3968): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=51931 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:11:04 executing program 3:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{0x0}], 0x1)

[ 2536.800957] netlink: 312 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2536.811287] netlink: 312 bytes leftover after parsing attributes in process `syz-executor.1'.
00:11:19 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401680010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:11:19 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000028000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:11:19 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r0 = fork() (fail_nth: 98)
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)

00:11:19 executing program 3:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{0x0}], 0x1)

00:11:19 executing program 4:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x0)

00:11:19 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:11:19 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401480010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:11:19 executing program 0:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
stat(&(0x7f00000013c0)='./file1\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
setresuid(0xee00, r1, 0x0)
syz_mount_image$ext4(&(0x7f00000001c0)='ext2\x00', &(0x7f0000000300)='./file1\x00', 0x7, 0x1, &(0x7f0000001340)=[{&(0x7f0000000340)="a6a454bb60bbb6eec72cb70875edd475d8158b4c9ee3d8f52360fb7c29d645601e6f714aa2f458912b7c1d3cd93022a051ec7dc01aad4dd65abebb665e7d30f612ac364f77c21e4d14b333e4da5c0f6c7ff9bb8a7ada12a2d5bc41f6930576a21c0832fd3b025e4810499ab35b0fecc32e341784da35ab0b74d3780bf6876dab5ba4bf6ea6740440671b9825b0a7bf7c5f272d0792e404ce9dbf39d78352cac95614fcce62f87e7a56234530917e1bcab4ea2d70638696cfda70345519e5f44e145ca8deeecfeaad7503a549137fc2c68d8c9dd67a2514c1076661ecd06b956bcab296da4f63069e99c3fe46f85d061e7d7831b6d73dfe5b0c89477d288018e2f2ce531c8e45bb8631317945931a5b0625480e43442db8ea0e27d1697e46a9a136f6d018b3712b3ff63f08432e83a4e0f0771fde24d430c97a42575c29bd5e70c99b2b304e3ceae21c36cb3e3e624758396dbac37c9fc25e2f1da4b15da954b64de6607d69ce0dbec8b384443e91c6f0a5a07084d884dd192b384f221494c6e980334d01ff445152484c63414611d68efd4c69eae31622d6d7e9e9814c8626989c0d790505613cd02d16ea45dbae75835049ab2ff30849037255163c97d6047631f0a72062ee863734ddbd6fa5a33f5df886c90ae61dfd5bf01a8a09f33a7c94b50582a01544fd47c85d63aa99b99c3f7599db3583684164a4cd486493d52c4d52a7207b79d8f8dfaba626287c3c381c1108acd6d66ea62eb0e15c2e40222aab1f2538d351113fd825715392b3cfd894e5e801dc52629cf6c45f794ef64461a6f2afd9218a256953e46e9709c5b79ecd1e7e8f102b859875fed7b277936decedfc8d291b7f338e8a8be625199e321e2ccbd832fe6142c3301ec32fae1a83f1e56017ea13783016089648742853373517d6fdf367ae4c1aac1104b2c1bf7707e83a339be0ac026337890acdc3de5bf3a6925897f3df1803118c6f0d7e4a5251918c8246e7315150594d0c08714b849a33aa497582550efafb0aace9b3f7124f9a02b8f56f7fea5d647688403bb1b3b7dcbce20c158519139b060235e7fd6482f35472683e2d02e29887e9fedae2aea0e0387f18830110a8d250dffb400e708a4d78b9e79aa6c11c1c31562b6fad02e8b837bcfbb3f966d3463f875d23fd483aa3477bc3513f590136b9c3a671acfd63de1f2466b05e888176dd2cecbf8ade99909c719a1e55e70bcaa6771c4592ee7412360bd06d49371d9cb15c50a45f48d455229bf1e66f8d81ba6f27065d31be64e25c80f50ee7a9fa904beda59ee5b1a7ffb3012e42a4992f36e2dc43f02406cf4056f5f718806f6093552ebc2a6c3212418cf2d601c2ecd6cbc511b34b0f1143f632fc071f6c0f6a7c919c2f1d06126d1a67f84b74c6a66042476eee2fc5cda14ce76ba2d986a2c1354d600a8cc2d84b54e936e71276c1ea40b2f147109672e7d33c00a15b46760655ee9d2696b0e724d1d1df9f7a718847dcb00d4ea1e34ece83d442c4ceb7a31c0c36bc601eaa2a979ebdba5d10f7f6ad9ba4a232f7dc9a87b03d23b146b981bda50301273a46d84bb5863f9fdf8957682c1c035469fbc3fbaa994948718dfb15bcac02a55d67bc9a93376edf227f880f430d04ef037338ddba3e247843480c83461ae875fda29265569135a17f3451fddeffe2f76a55837ec67d431259c73d0e2d0e9553d65e10f4ccce8011764c0ef9eb7a7a475a5c8b5fdd19bff13843851cf58ff4bfcecf01f6a30e1c0f804f821700c406c582543c2a44185a60f9c1e1537246f92faea7ccb6dc80834c4fdcead94b3f1a23e8e8b57edeac812ac72a7ad377b0c0709263e704745683e7d3ac97d05361f70f721a4a1acf1b4661f4886b83518999c146b333e9d03bcab244b91508939577f711d161065481cacfe32a0a92b49ed9892f5b5f8ddc22a561de499c19448f02db0ae8e7b983359ec3a1ef3229b80b184463da8511746481e3ef32a9174712d87252605075d2503321d88852ce4ecb6b28ed4caedc24360176b89c4a423d09c05a21fa0571857bf8e60008b5c7da0beca28149ef131b3818616740d308b4a42adae5c5d2232ad79fed5aad6aaaab48ca1fa7a331e182790ba660c5c43f8c1c9552f18d33e35223032bf72a491363ee69a4aa33fc3cdd46469d0593f018354e89ea54b4760d0dd2779cccbe3c7e2f79fb45901bfaf60bd08382ecb301459888630b7fa3a6de36705da253e2171362f090141684886481c866ba279be9adcac077c98614547fd03cdea438e67a4b55f39f03bae91db5ef8b68dd46a4154b45a6e5ea20a14332cadcc401a8554ff108e2b6988cf10db88a62d4193429370edac55ab928b1a909e5b6294f9b934fb54e0473f71d7cf8ee328cae4319cf35ee72f1fd620587d45e1947e7482f395af0463f31faa1fa45bbf8c51ad8705770e1e4de60569d44449aac64808aee63568fb4b74a8842a25f665a98b7c16de3bdadb8b038ce93e080eb1fa6f14eee6d490a5a749293f584f28a7587c583604927281346e5d4fa2eb2c2ba21589f6542a11d26cba2604965a843dc8de3eee8dbb828f8aac056a21c7ad810cbc1bbc672d0f6d58c4831db81994aec5380def2d5fa18d869b5126953afcc7ddc29607b08ee5bf4c4ef257053ca30ff54892d8023c0c58a701687ec6f68fb6271b53008c0778cfb0516774e07a5b7884dc397ad3f26a353fff128b2d70cddd4d1c4c9a1a0ac88987487a06c5b9a7a44b0686d08b19be24bc5fc84c97e834c6ffd5c916e2362e98c4c7b2cbd6515b080bfa9c591cc529e7f481b3be388b3c9f09788bcc8a28128edfc22c3302355b8fe2d4870bc977b9da28d2a9de8931732b68dba9049bfb10c7823d9251a41bca421201da9eb39af86141bcfb48dfaf678056e6ec58c15100234ffe8661de942cdfad382bfe0384a56c250a588251b88d31b7b7b3e9c52866370c3c968f9d3fdfc521b7122818ab25c136adf39bf0e64eb6ef07f77083ce95e06420d5f46658f8c12c3792ef46c2024aa7daf44dae761d80277f055ecbda1ef3e86b5a7a2e76674cce5f4a1e3090610145f11951bf5e5dc28e6ef177ac5538893e31408ad3b3b8ea63b8ceb648b4e77490f3d0db4c1da6ab62354a15482fcf1d6eac9b66ee63473d7d8daa236836fa78f72369bce0098e08c45c0511be1bd5b8036e0a72cf1413e2bc4b0bce5ffb15bee47b54a74d92c3b6f287de4030c4dc9a11584471ae0814abe64d1d35f7fae24fe7685deadee9fd5ec08694ce34629f5c6451670aed3b5ee3d2046de1cfcf7f4e0945586ab6283ef327b5d712336c8ff0e0cd9e82b8582e26bd23de8215a003e13a8925c487abe1da3436a608fca950cd1a6fdd4beb199da733374dfc02f65fca4ec16088ef8274aad6a63de71958947ef4dddf8a9832b3d65e665d931a4e59999ffdd58c31dbf773f8ea0ba14b300db9c5d91ec17b43fd12fa8c4e2ed75dd2bf148f67d5b5c07b96acf9c07f453e6423c3835ae607ff2dabf3f51d5c414488761ec72b526d7e296e48d08e262ae0f6aaca5ea84a374b8212d4fdc6e914185105a725e937e39ce150fef8e525d928849cf75e822a60e5371ecd79685959fef998f9e9a4dc69d2df1481bf640f6c1693b7079a24344c39f209595cefa1936e4a93de180f9f8629ca685c5dc0e809d25e4f0035885a9011b821d7aeb1a099ed46b8c38a9c17b43b73870266286a8d3667961edcead9e041ee03ec0ed56993f51a927a05a8bceb42a9e48e1f900f4d13299fb8d5234f1d0c6211d302a4317bbec4b9895d50314315646b9e125012cb708565d6267d72bc11a1193b1b02245c61014467c9650fb7ba0adc1ae20cd1ed6d3e46dffa83ce3ebe91a7ce4fd9073157891c0eb7c1096c157f551b0953e926503870e1794159d8d4bae7cd92fecec69be24cabe3b05798850e0071d665733e4ca18f46f7b0ccebac775519bdbf3ddab09d1590d839de480790a944179ea089290c58359540834fa1005ca22be2cc36669f8ada7157143dca32b6555e7e9dcd69165df1e88adeb39a0c86b3682c20e31f9132ca64ecc5fd53d8aaa9a5eef26566876801080c4a2fd8e769d42f9c20657f765efe7cb7b9b3eda0be8a70dd19cc23417ef3d10095f84a367bf8fbf15fcecc6122e5113fe9774bff99d7aa14d7adfbbfa58717d01889613c219f6ca475b2cf51cfeefbfb051eadfbd55fe1140ecdad3e1ba43505502945614e1368de1fd83d278d0840836350a359784dfc36e25fd5c67de9ee32693c1ffbddbb789c6e277ff9d86eb6f58325c048b3d1d9343a0ed445a815caa52b9b95a8088ccff53cc100fbb61ebecd769d6733144eda3d047c4ed450a8ebbe41dd65b394ae6163efe501af1b2f50f7ae01691f593d20521dad3d0169e972cb8e5fcfdd07a42c3782a61e7ebd83eb107e6ba4fafb8f988df54967bc88915c9f4dbb2462962411ff48e15eff7141b5e4761d0eed6919482f0846f9268df922a103e3a5f6fa1b6a22607816b72f86f37096bfb2b282d9b9d40b321d0b71686d7bd00b2f7dc748894aaeb4f4a47330233f94440cf84e87c7c731ac2a65709cc9c5eb470cb1e7e4355aa7f3e84fa8115cf1f092c339ff5da3682b32f1cce0523b9f906fc2c52c7af23da2a1249f4fdb4a1f757ea07b89e00b9b67eebce5d00eec39b1a4c6e983ced3fd80ab0018ad618aca6ce5a671c2ea99a1d2a9ff47dbb0927d0c252f0ef16427d17e5bf55ae31879e51a574cbace9df24a9a402d72809460aac072bc50dcec2bff28a98f89bd4da9ca64136dc05eee19af65df479dc5a534a80c1ae2fa04b93ec658a5d67d4d60cb2ad7554bcdb6adb2b27871eda73506924924272d6b8f84fc04656ed683f0ff4036eece166c5c4899f7ffd98e64b90811d22420bc4965fb05dac71ad35fd5d645236923d3da176d378bb0153c6cb58b3c6d5f6d2b76cc6e13e83ca1228953fd548389c8e7cb3c58c14f16db4567338911e2ea4ac94f22eb5f0326e79424a1f1921506ec6f5c9cd69fc9ebae50ca1657bb52a8e6bac20ae684815e37307cc4cbf9e1586f90ac3974d2e2cb2dd91bcce276daf3a256e4952bc8a97a1fc17c401c3405ddaf8ea75cfd9b0a3144127344c14ad3212a532a66473a60721a39f5e14799f3d080cb6022a62065fdfcef379f77f2c565f9cb665d2ed3566076cb0dbc7472ab45635df738dee63342978a3716391f0cf83d08d06c1811a2a77a1108d695fe304a9d368698bfe709b1a270306d73bade96aeab2e0078801cae0e584be89428803dc92bb7c90e78fb242ed76bf1226592de9d9679fe296c706d0f14bdbe6b6fa28a6e5a8480149d2c2f25c7a072869e58673fcfd1d6a68b31c73d9274fe26f9b892acfd5c28dccf5a4543f3059d1f7d6210365a269526114e8ed052d3fa39874f96b5def959c2bdb63d789cb1199e91e538551188907ecf8ae6a37d712d19e4677dc6dc46423883f3dc7becb1de8bbbd4759074bb224f3b3dbb55d3624e8ee0c041c1a5dd0a71d2925f2ef009f4dd815b98a76a4f2f0693a100fe159ca92a325fbb1c7b8e50e6c0b5f06fce96ce4ef17ed074625f6b50a0649f37f26d4f802e396444e7d77e6e62abe2c4fca1ad3740beb2f6fe1362b4af0fb3312c2d8e173e1ef1f47f0a0c2a17f5ebf5ac1df12d4c24ab20c32070f7d4d1a0fa9c14ccbc4d3ce82a5b5d27b0ebd4e25ab659c440a493d9a7c9ea198c18f28b05a9c8afc2bd8d268d9c1c2a60ae7b1b45924b8d0ff92dd95ee653572", 0x1000, 0x5}], 0x100020, &(0x7f0000001880)=ANY=[@ANYBLOB="70726a71756f74612c6e6f75696433322c6e6f6d626c6b5f696f5f7375626d69742c6e6f646973636172642c6e6f6c6f61642c6e6f6e6f6d6263616368652c62682c6d61785f62617463685f74696d653d30783030a6a9f6d5883030303030303030303030303138d5b52d8edb33cb1712a7ef378a6858066a1086e07996a08f09dd6b6aaf602d0ea43453afbcaea884d5816c937ad06f2e30c680d87d29fab14084fb226a88a7181a6faa047af9c0d89223d3e6d52b805eaf7f4bce072e70e7f6c156bca2702372a5b87e36b405648b113f85e7602fc6b03201b90226f8d8e15dba1cda7e55fdcd77b9ed240279b2f053bb9a17c32324f27741bb02187bc41a78152982aa71ecddcecd2595f7f1d312730fa8f3d276ee98eb88eb13eee63914b4938384a5bb42d7eedbb861664d5201763d706f5b63d49377df56f790b56c9fc958021e2134a9642e40857ae4b68524aa7ef6517d5afc2c0addaf2a0000000000009881935c39b2f90e31a2467def503f8fe4fae3a02dd5a9c276cd24", @ANYRESDEC=r1, @ANYBLOB="2c000626addcbc58578ca061f57bf9b0b8b14000000000000000cb64fe8f8ecd728121f0fabfe4361265998174a0f8e1fae9217628d7cffa9d7b4857d43322899ef376a471f272427ef12a6269a68c93c8be5d094e757c3952"])
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000180)={0x4, &(0x7f0000001500)=[{0xff38, 0x3f, 0x4, 0x1}, {0xcd, 0x6, 0x7f, 0x1}, {0x6, 0x44, 0x0, 0x4}, {0xbf5e, 0x4, 0x5, 0x9}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3000008, 0x110, 0xffffffffffffffff, 0x8000000)
syz_io_uring_submit(r2, 0x0, &(0x7f0000001380)=@IORING_OP_POLL_ADD={0x6, 0x1, 0x0, @fd=r0, 0x0, 0x0, 0x0, {0x460}, 0x1}, 0x3f)
r3 = fork()
ptrace$setopts(0x4206, r3, 0x10001, 0x0)
ptrace(0x10, r3)
ptrace$cont(0x9, r3, 0x68c, 0x0)
ptrace(0x10, 0x0)
mount$bind(&(0x7f0000000080)='./file1\x00', &(0x7f0000001540)='./file1\x00', &(0x7f0000001580), 0x200000, 0x0)
wait4(0x0, &(0x7f0000001400), 0x4000000a, &(0x7f0000001440))
syz_open_procfs(r3, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r3, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x1, 0x31, 0x1, 0xfffffe00}, {0x1, 0x20, 0x80, 0xa32e}, {0x7ffd, 0x81, 0x9, 0x24}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

[ 2552.140243] kauditd_printk_skb: 15 callbacks suppressed
[ 2552.140266] audit: type=1326 audit(1716336679.396:3984): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52073 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2552.146211] FAULT_INJECTION: forcing a failure.
[ 2552.146211] name failslab, interval 1, probability 0, space 0, times 0
[ 2552.147220] CPU: 0 PID: 52081 Comm: syz-executor.2 Not tainted 5.10.217 #1
[ 2552.147818] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2552.148537] Call Trace:
[ 2552.148775]  dump_stack+0x107/0x167
[ 2552.149101] audit: type=1326 audit(1716336679.397:3985): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52073 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2552.149212] audit: type=1326 audit(1716336679.397:3986): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52073 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2552.150927]  should_fail.cold+0x5/0xa
[ 2552.150941]  ? create_object.isra.0+0x3a/0xa20
[ 2552.150962]  should_failslab+0x5/0x20
[ 2552.155704]  kmem_cache_alloc+0x5b/0x310
[ 2552.156060]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 2552.156584]  create_object.isra.0+0x3a/0xa20
[ 2552.156968]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2552.157415]  kmem_cache_alloc+0x159/0x310
[ 2552.157786]  ptlock_alloc+0x1d/0x70
[ 2552.158108]  pte_alloc_one+0x68/0x1a0
[ 2552.158442]  __pte_alloc+0x1d/0x330
[ 2552.158762]  copy_page_range+0x1b62/0x3810
[ 2552.159155]  ? up_write+0x191/0x550
[ 2552.159474]  ? vm_iomap_memory+0x190/0x190
[ 2552.159845]  ? downgrade_write+0x3a0/0x3a0
[ 2552.160218]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 2552.160691]  ? __vma_link_rb+0x540/0x700
[ 2552.161052]  copy_process+0x759b/0x7800
[ 2552.161433]  ? __cleanup_sighand+0xb0/0xb0
[ 2552.161807]  ? lock_acquire+0x197/0x470
[ 2552.162165]  ? find_held_lock+0x2c/0x110
[ 2552.162214] netlink: 368 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2552.162528]  kernel_clone+0xe7/0x980
[ 2552.164341]  ? lock_downgrade+0x6d0/0x6d0
[ 2552.164705]  ? find_held_lock+0x2c/0x110
[ 2552.165061]  ? create_io_thread+0xf0/0xf0
[ 2552.165435]  ? ksys_write+0x12d/0x260
[ 2552.165778]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2552.166208]  __do_sys_fork+0x8a/0xc0
[ 2552.166533]  ? kernel_thread+0xf0/0xf0
[ 2552.166879]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2552.167337]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2552.167781]  ? trace_hardirqs_on+0x5b/0x180
[ 2552.168164]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2552.168611]  do_syscall_64+0x33/0x40
[ 2552.168940]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2552.169396] RIP: 0033:0x7f4f720b0b19
[ 2552.169722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2552.171306] RSP: 002b:00007f4f6f626188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039
[ 2552.171961] RAX: ffffffffffffffda RBX: 00007f4f721c3f60 RCX: 00007f4f720b0b19
[ 2552.172571] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2552.173190] RBP: 00007f4f6f6261d0 R08: 0000000000000000 R09: 0000000000000000
[ 2552.173810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2552.174430] R13: 00007ffcf29bc1df R14: 00007f4f6f626300 R15: 0000000000022000
[ 2552.175527] netlink: 368 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2552.185270] audit: type=1326 audit(1716336679.397:3987): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52073 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=117 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2552.206277] audit: type=1326 audit(1716336679.397:3988): auid=0 uid=60928 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52073 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2552.225314] cgroup: fork rejected by pids controller in /syz2
[ 2552.228454] audit: type=1326 audit(1716336679.397:3989): auid=0 uid=60928 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52073 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2552.248302] audit: type=1326 audit(1716336679.400:3990): auid=0 uid=60928 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52073 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7f5faeaaaad7 code=0x7ffc0000
[ 2552.262396] audit: type=1326 audit(1716336679.400:3991): auid=0 uid=60928 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52073 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=18 compat=0 ip=0x7f5faea5dab7 code=0x7ffc0000
[ 2552.283487] audit: type=1326 audit(1716336679.400:3992): auid=0 uid=60928 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52073 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5faea5da04 code=0x7ffc0000
[ 2552.313341] audit: type=1326 audit(1716336679.400:3993): auid=0 uid=60928 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52073 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f5faea5d72b code=0x7ffc0000
[ 2552.332705] FAULT_INJECTION: forcing a failure.
[ 2552.332705] name failslab, interval 1, probability 0, space 0, times 0
[ 2552.333802] CPU: 0 PID: 52294 Comm: syz-executor.2 Not tainted 5.10.217 #1
[ 2552.334407] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2552.335125] Call Trace:
[ 2552.335363]  dump_stack+0x107/0x167
[ 2552.335685]  should_fail.cold+0x5/0xa
[ 2552.336022]  ? ptlock_alloc+0x1d/0x70
[ 2552.336358]  should_failslab+0x5/0x20
[ 2552.336693]  kmem_cache_alloc+0x5b/0x310
[ 2552.337052]  ptlock_alloc+0x1d/0x70
[ 2552.337388]  pte_alloc_one+0x68/0x1a0
[ 2552.337729]  __pte_alloc+0x1d/0x330
[ 2552.338054]  copy_page_range+0x1b62/0x3810
[ 2552.338452]  ? up_write+0x191/0x550
[ 2552.338773]  ? vm_iomap_memory+0x190/0x190
[ 2552.339145]  ? downgrade_write+0x3a0/0x3a0
[ 2552.339516]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 2552.339989]  ? __vma_link_rb+0x540/0x700
[ 2552.340349]  copy_process+0x759b/0x7800
[ 2552.340720]  ? __cleanup_sighand+0xb0/0xb0
[ 2552.341094]  ? lock_acquire+0x197/0x470
[ 2552.341457]  ? find_held_lock+0x2c/0x110
[ 2552.341813]  kernel_clone+0xe7/0x980
[ 2552.342139]  ? lock_downgrade+0x6d0/0x6d0
[ 2552.342497]  ? find_held_lock+0x2c/0x110
[ 2552.342853]  ? create_io_thread+0xf0/0xf0
[ 2552.343218]  ? ksys_write+0x12d/0x260
[ 2552.343559]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2552.343987]  __do_sys_fork+0x8a/0xc0
[ 2552.344311]  ? kernel_thread+0xf0/0xf0
[ 2552.344662]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2552.345125]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2552.345581]  ? trace_hardirqs_on+0x5b/0x180
[ 2552.345967]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2552.346422]  do_syscall_64+0x33/0x40
[ 2552.346748]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2552.347198] RIP: 0033:0x7f4f720b0b19
[ 2552.347528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2552.349123] RSP: 002b:00007f4f6f626188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039
[ 2552.349802] RAX: ffffffffffffffda RBX: 00007f4f721c3f60 RCX: 00007f4f720b0b19
[ 2552.350600] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2552.351203] RBP: 00007f4f6f6261d0 R08: 0000000000000000 R09: 0000000000000000
[ 2552.351812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2552.352418] R13: 00007ffcf29bc1df R14: 00007f4f6f626300 R15: 0000000000022000
00:11:19 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:11:19 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r0 = fork() (fail_nth: 99)
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)

00:11:19 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="84016c0010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:11:19 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="840100002f000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2552.377582] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=47 sclass=netlink_xfrm_socket pid=52296 comm=syz-executor.1
[ 2552.385469] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=47 sclass=netlink_xfrm_socket pid=52297 comm=syz-executor.1
00:11:41 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401740010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:11:41 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
mount$tmpfs(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f0000000180), 0x408, &(0x7f0000000300)=ANY=[@ANYBLOB="6e725f626c6f636b733d306d32322c6e725f696e6d35352c6d6f64653d3030303004303030303030303030322c646f6eff07000061737572652c6d61730ad04d4181e6f0428959913800"/88])
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x8, &(0x7f0000000200)=[{0x94db, 0xf6, 0x9, 0x3}, {0x20, 0x2e, 0x1, 0x1}, {0x1, 0x21, 0x80, 0xa32e}, {0x8002, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x0, 0x5}, {0x9, 0x2, 0x3f, 0x4}, {0x8000, 0x6, 0xa0, 0x5}, {0x3, 0xff, 0xf7, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

00:11:41 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

[ 2573.994715] netlink: 140 bytes leftover after parsing attributes in process `syz-executor.3'.
00:11:41 executing program 4:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x0)

00:11:41 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="84014c0010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:11:41 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000040000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:11:41 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r0 = fork() (fail_nth: 100)
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)

00:11:41 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000018000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2574.006202] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=64 sclass=netlink_xfrm_socket pid=52414 comm=syz-executor.1
[ 2574.014603] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=64 sclass=netlink_xfrm_socket pid=52429 comm=syz-executor.1
[ 2574.021052] kauditd_printk_skb: 37 callbacks suppressed
[ 2574.021064] audit: type=1326 audit(1716336701.277:4031): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52420 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2574.025145] audit: type=1326 audit(1716336701.282:4032): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52420 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2574.030503] audit: type=1326 audit(1716336701.285:4033): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52420 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2574.035173] FAULT_INJECTION: forcing a failure.
[ 2574.035173] name failslab, interval 1, probability 0, space 0, times 0
[ 2574.036211] CPU: 1 PID: 52437 Comm: syz-executor.2 Not tainted 5.10.217 #1
[ 2574.036850] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2574.037589] Call Trace:
[ 2574.037840]  dump_stack+0x107/0x167
[ 2574.038172]  should_fail.cold+0x5/0xa
[ 2574.038517]  ? create_object.isra.0+0x3a/0xa20
[ 2574.038933]  should_failslab+0x5/0x20
[ 2574.039290]  kmem_cache_alloc+0x5b/0x310
[ 2574.039664]  create_object.isra.0+0x3a/0xa20
[ 2574.040058]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2574.040520]  kmem_cache_alloc+0x159/0x310
[ 2574.040902]  vm_area_dup+0x78/0x290
[ 2574.041245]  ? _cond_resched+0x12/0x80
[ 2574.041598]  ? copy_page_range+0x24e9/0x3810
[ 2574.042029]  ? vm_area_alloc+0x110/0x110
[ 2574.042404]  ? up_write+0x191/0x550
[ 2574.042745]  ? vm_iomap_memory+0x190/0x190
[ 2574.043139]  ? downgrade_write+0x3a0/0x3a0
[ 2574.043529]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 2574.044022]  ? __vma_link_rb+0x540/0x700
[ 2574.044395]  copy_process+0x291b/0x7800
[ 2574.044776]  ? __cleanup_sighand+0xb0/0xb0
[ 2574.045162]  ? lock_acquire+0x197/0x470
[ 2574.045523]  ? find_held_lock+0x2c/0x110
[ 2574.045905]  kernel_clone+0xe7/0x980
[ 2574.046249]  ? lock_downgrade+0x6d0/0x6d0
[ 2574.046619]  ? find_held_lock+0x2c/0x110
[ 2574.046981]  ? create_io_thread+0xf0/0xf0
[ 2574.047356]  ? ksys_write+0x12d/0x260
[ 2574.047700]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2574.048155]  __do_sys_fork+0x8a/0xc0
[ 2574.048487]  ? kernel_thread+0xf0/0xf0
[ 2574.048847]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2574.049315]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2574.049779]  ? trace_hardirqs_on+0x5b/0x180
[ 2574.050172]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2574.050629]  do_syscall_64+0x33/0x40
[ 2574.050964]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2574.051438] RIP: 0033:0x7f4f720b0b19
[ 2574.051765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2574.053397] RSP: 002b:00007f4f6f626188 EFLAGS: 00000246 ORIG_RAX: 0000000000000039
[ 2574.054088] RAX: ffffffffffffffda RBX: 00007f4f721c3f60 RCX: 00007f4f720b0b19
[ 2574.054719] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2574.055349] RBP: 00007f4f6f6261d0 R08: 0000000000000000 R09: 0000000000000000
[ 2574.055980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[ 2574.056624] R13: 00007ffcf29bc1df R14: 00007f4f6f626300 R15: 0000000000022000
00:11:41 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000018000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:11:41 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401680010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2574.071903] audit: type=1326 audit(1716336701.287:4034): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52420 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2574.099792] audit: type=1326 audit(1716336701.287:4035): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52420 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2574.105895] netlink: 140 bytes leftover after parsing attributes in process `syz-executor.3'.
00:11:41 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500), 0x0)

[ 2574.120246] audit: type=1326 audit(1716336701.290:4036): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52420 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:11:41 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000060000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2574.143633] audit: type=1326 audit(1716336701.290:4037): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52420 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:11:41 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="84016c0010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:11:41 executing program 3:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b01"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

[ 2574.162393] audit: type=1326 audit(1716336701.290:4038): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52420 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2574.178044] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=96 sclass=netlink_xfrm_socket pid=52583 comm=syz-executor.1
[ 2574.184361] audit: type=1326 audit(1716336701.317:4039): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52420 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=57 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2574.184534] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=96 sclass=netlink_xfrm_socket pid=52591 comm=syz-executor.1
[ 2574.203349] audit: type=1326 audit(1716336701.402:4040): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52420 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:11:41 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401740010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:11:41 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="84017a0010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:11:55 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000063000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:11:55 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401f00010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:11:55 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)

00:11:55 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="84017a0010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:11:55 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 1)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:11:55 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0)
r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
fallocate(r1, 0x8, 0x0, 0x8e)
chroot(&(0x7f0000000100)='./file1\x00')

00:11:55 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:11:55 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 1)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

[ 2587.951732] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=99 sclass=netlink_xfrm_socket pid=52914 comm=syz-executor.1
[ 2587.962319] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=99 sclass=netlink_xfrm_socket pid=52937 comm=syz-executor.1
[ 2587.968504] kauditd_printk_skb: 1 callbacks suppressed
[ 2587.968516] audit: type=1326 audit(1716336715.225:4042): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52898 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2587.976615] audit: type=1326 audit(1716336715.232:4043): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52898 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2587.978410] FAULT_INJECTION: forcing a failure.
[ 2587.978410] name failslab, interval 1, probability 0, space 0, times 0
[ 2587.980590] CPU: 1 PID: 52871 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2587.981605] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2587.982821] Call Trace:
[ 2587.983223]  dump_stack+0x107/0x167
[ 2587.983764]  should_fail.cold+0x5/0xa
[ 2587.984327]  ? getname_flags.part.0+0x50/0x4f0
[ 2587.984991]  should_failslab+0x5/0x20
[ 2587.985555]  kmem_cache_alloc+0x5b/0x310
[ 2587.986174]  getname_flags.part.0+0x50/0x4f0
[ 2587.986542] FAULT_INJECTION: forcing a failure.
[ 2587.986542] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2587.986816]  getname_flags+0x9a/0xe0
[ 2587.988454]  do_mkdirat+0x8f/0x2b0
[ 2587.988977]  ? user_path_create+0xf0/0xf0
[ 2587.989598]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2587.990383]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2587.991147]  do_syscall_64+0x33/0x40
[ 2587.991693]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2587.992444] RIP: 0033:0x7f72960ceb19
[ 2587.992990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2587.995646] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2587.996756] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2587.997806] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2587.998843] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2587.999880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2588.000921] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
[ 2588.002021] CPU: 0 PID: 52931 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2588.002708] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2588.003525] Call Trace:
[ 2588.003791]  dump_stack+0x107/0x167
[ 2588.004147]  should_fail.cold+0x5/0xa
[ 2588.004532]  _copy_from_user+0x2e/0x1b0
[ 2588.004918]  __copy_msghdr_from_user+0x91/0x4b0
[ 2588.005384]  ? __ia32_sys_shutdown+0x80/0x80
[ 2588.005851]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2588.006365]  ? __lock_acquire+0xbb1/0x5b00
[ 2588.006785]  sendmsg_copy_msghdr+0xa1/0x160
[ 2588.007211]  ? do_recvmmsg+0x6d0/0x6d0
[ 2588.007593]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2588.008097]  ? SOFTIRQ_verbose+0x10/0x10
[ 2588.008497]  ? lock_downgrade+0x6d0/0x6d0
[ 2588.008904]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2588.009410]  ? SOFTIRQ_verbose+0x10/0x10
[ 2588.009812]  ___sys_sendmsg+0xc6/0x170
[ 2588.010208]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2588.010645]  ? __fget_files+0x26d/0x4c0
[ 2588.011036]  ? lock_downgrade+0x6d0/0x6d0
[ 2588.011446]  ? find_held_lock+0x2c/0x110
[ 2588.011845]  ? __fget_files+0x296/0x4c0
[ 2588.012245]  ? __fget_light+0xea/0x290
[ 2588.012632]  __sys_sendmsg+0xe5/0x1b0
[ 2588.013001]  ? __sys_sendmsg_sock+0x40/0x40
[ 2588.013440]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2588.013907]  ? fput_many+0x2f/0x1a0
[ 2588.014279]  ? ksys_write+0x1a9/0x260
[ 2588.014650]  ? __ia32_sys_read+0xb0/0xb0
[ 2588.015047]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2588.015548]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2588.016042]  ? trace_hardirqs_on+0x5b/0x180
[ 2588.016463]  do_syscall_64+0x33/0x40
[ 2588.016833]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2588.017337] RIP: 0033:0x7f87f21a2b19
[ 2588.017693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2588.019474] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2588.020207] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2588.020893] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2588.021600] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2588.022312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2588.022999] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
[ 2588.026080] audit: type=1326 audit(1716336715.259:4044): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52898 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2588.028246] audit: type=1326 audit(1716336715.259:4045): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52898 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2588.039014] audit: type=1326 audit(1716336715.259:4046): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52898 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2588.042314] audit: type=1326 audit(1716336715.259:4047): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52898 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=57 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:11:55 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401f00010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2588.059800] audit: type=1326 audit(1716336715.305:4048): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52898 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:11:55 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000310000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:11:55 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000002000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2588.075366] audit: type=1326 audit(1716336715.332:4049): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52898 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2588.079435] audit: type=1326 audit(1716336715.336:4050): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52898 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2588.081640] audit: type=1326 audit(1716336715.336:4051): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=52898 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:11:55 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 2)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:11:55 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="b6dff0d14fffd84cdfeb375dba2eaadbde3529088633dbc27466be3ece09b4dd73c74fdd765f6cf4291881394612b1af1a5820c886bfc6ac557a65644a72073802d02ca55ac28708000000000000b107e20752a5652c51ebb03fd656d80fd30aa3c85447c6caacbca60000000000000000000084f5a25f112de78cee8ff58168523cc7bbce"], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r0 = fork()
r1 = fork()
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
write$binfmt_elf64(r2, &(0x7f00000001c0)=ANY=[], 0xfdef)
pread64(r2, &(0x7f0000000340)=""/192, 0xc0, 0x14)
ptrace$setopts(0x4206, r1, 0x10001, 0x0)
ptrace(0x10, r1)
ptrace$cont(0x9, r1, 0x68c, 0x0)
ptrace$setopts(0x4206, r1, 0x10001, 0x20)
ptrace(0x10, r0)

[ 2588.159870] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=2 sclass=netlink_xfrm_socket pid=52981 comm=syz-executor.1
00:11:55 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

[ 2588.190542] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=2 sclass=netlink_xfrm_socket pid=52994 comm=syz-executor.1
00:11:55 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401d40210000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:11:55 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000003000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:11:55 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = syz_io_uring_setup(0x7f02, &(0x7f0000000240), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000180)=@ax25={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x3}, [@default, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @null, @default, @default]}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
lsetxattr$security_ima(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x7e66, 0x0, 0x0, &(0x7f0000000340)={[0xec16]}, 0x8)
r5 = fork()
ptrace$setopts(0x4206, r5, 0x10001, 0x0)
ptrace(0x10, r5)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000180)={0x3, &(0x7f0000000080)=[{0xfff, 0x4, 0x5a, 0x17abc34}, {0x0, 0x4, 0x80, 0x7fffffff}, {0x52, 0x1, 0x29, 0xfffffeff}]})
ptrace$cont(0x9, r5, 0xfffffffffffffffa, 0x1)
syz_open_procfs(r5, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r5, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x61, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})

00:11:55 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 2)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

[ 2588.278784] FAULT_INJECTION: forcing a failure.
[ 2588.278784] name failslab, interval 1, probability 0, space 0, times 0
[ 2588.280735] CPU: 1 PID: 53047 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2588.281754] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2588.282973] Call Trace:
[ 2588.283369]  dump_stack+0x107/0x167
[ 2588.283814] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=3 sclass=netlink_xfrm_socket pid=53183 comm=syz-executor.1
[ 2588.283912]  should_fail.cold+0x5/0xa
[ 2588.285510]  ? create_object.isra.0+0x3a/0xa20
[ 2588.286192]  should_failslab+0x5/0x20
[ 2588.286760]  kmem_cache_alloc+0x5b/0x310
[ 2588.287366]  ? ksys_write+0x21a/0x260
[ 2588.287931]  create_object.isra.0+0x3a/0xa20
[ 2588.288143] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=3 sclass=netlink_xfrm_socket pid=53193 comm=syz-executor.1
[ 2588.288580]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2588.288607]  kmem_cache_alloc+0x159/0x310
[ 2588.290972]  getname_flags.part.0+0x50/0x4f0
[ 2588.291628]  getname_flags+0x9a/0xe0
[ 2588.292190]  do_mkdirat+0x8f/0x2b0
[ 2588.292719]  ? user_path_create+0xf0/0xf0
[ 2588.293343]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2588.294125]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2588.294879]  do_syscall_64+0x33/0x40
[ 2588.295434]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2588.296185] RIP: 0033:0x7f72960ceb19
[ 2588.296739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2588.299424] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2588.300544] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2588.301584] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2588.302633] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2588.303672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2588.304709] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
[ 2588.325649] FAULT_INJECTION: forcing a failure.
[ 2588.325649] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2588.326963] CPU: 0 PID: 53236 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2588.327688] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2588.328519] Call Trace:
[ 2588.328772]  dump_stack+0x107/0x167
[ 2588.329084]  should_fail.cold+0x5/0xa
[ 2588.329411]  _copy_from_user+0x2e/0x1b0
[ 2588.329748]  iovec_from_user+0x141/0x400
[ 2588.330110]  __import_iovec+0x67/0x590
[ 2588.330440]  ? __ia32_sys_shutdown+0x80/0x80
[ 2588.330819]  import_iovec+0x83/0xb0
[ 2588.331131]  sendmsg_copy_msghdr+0x131/0x160
[ 2588.331500]  ? do_recvmmsg+0x6d0/0x6d0
[ 2588.331832]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2588.332272]  ? lock_downgrade+0x6d0/0x6d0
[ 2588.332624]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2588.333078]  ? SOFTIRQ_verbose+0x10/0x10
[ 2588.333460]  ___sys_sendmsg+0xc6/0x170
[ 2588.333867]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2588.334303]  ? __fget_files+0x26d/0x4c0
[ 2588.334693]  ? lock_downgrade+0x6d0/0x6d0
[ 2588.335093]  ? find_held_lock+0x2c/0x110
[ 2588.335474]  ? __fget_files+0x296/0x4c0
[ 2588.335835]  ? __fget_light+0xea/0x290
[ 2588.336190]  __sys_sendmsg+0xe5/0x1b0
[ 2588.336525]  ? __sys_sendmsg_sock+0x40/0x40
[ 2588.336917]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2588.337326]  ? fput_many+0x2f/0x1a0
[ 2588.337636]  ? ksys_write+0x1a9/0x260
[ 2588.337977]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2588.338458]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2588.338945]  ? trace_hardirqs_on+0x5b/0x180
[ 2588.339350]  do_syscall_64+0x33/0x40
[ 2588.339718]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2588.340203] RIP: 0033:0x7f87f21a2b19
[ 2588.340533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2588.342122] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2588.342786] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2588.343424] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2588.344067] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2588.344712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2588.345350] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
00:11:55 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000004000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:11:55 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000510000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

[ 2588.399236] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=4 sclass=netlink_xfrm_socket pid=53302 comm=syz-executor.1
[ 2588.404367] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=4 sclass=netlink_xfrm_socket pid=53303 comm=syz-executor.1
00:11:55 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000310000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:11:55 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000005000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:11:55 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 3)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

00:11:55 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000510000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2588.525392] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=5 sclass=netlink_xfrm_socket pid=53405 comm=syz-executor.1
[ 2588.538294] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=5 sclass=netlink_xfrm_socket pid=53448 comm=syz-executor.1
[ 2588.583718] FAULT_INJECTION: forcing a failure.
[ 2588.583718] name failslab, interval 1, probability 0, space 0, times 0
[ 2588.585643] CPU: 1 PID: 53495 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2588.586663] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2588.587879] Call Trace:
[ 2588.588294]  dump_stack+0x107/0x167
[ 2588.588833]  should_fail.cold+0x5/0xa
[ 2588.589402]  ? __alloc_skb+0x6d/0x5b0
[ 2588.589973]  should_failslab+0x5/0x20
[ 2588.590537]  kmem_cache_alloc_node+0x55/0x330
[ 2588.591198]  __alloc_skb+0x6d/0x5b0
[ 2588.591757]  netlink_sendmsg+0x998/0xdf0
[ 2588.592368]  ? netlink_unicast+0x7f0/0x7f0
[ 2588.593004]  ? netlink_unicast+0x7f0/0x7f0
[ 2588.593636]  __sock_sendmsg+0x154/0x190
[ 2588.594229]  ____sys_sendmsg+0x70d/0x870
[ 2588.594836]  ? sock_write_iter+0x3d0/0x3d0
[ 2588.595453]  ? do_recvmmsg+0x6d0/0x6d0
[ 2588.596032]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2588.596805]  ? lock_downgrade+0x6d0/0x6d0
[ 2588.597422]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2588.598196]  ? SOFTIRQ_verbose+0x10/0x10
[ 2588.598798]  ___sys_sendmsg+0xf3/0x170
[ 2588.599381]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2588.600062]  ? lock_downgrade+0x6d0/0x6d0
[ 2588.600672]  ? find_held_lock+0x2c/0x110
[ 2588.601280]  ? __fget_files+0x296/0x4c0
[ 2588.601886]  ? __fget_light+0xea/0x290
[ 2588.602469]  __sys_sendmsg+0xe5/0x1b0
[ 2588.603028]  ? __sys_sendmsg_sock+0x40/0x40
[ 2588.603650]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2588.604346]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2588.605107]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2588.605868]  ? trace_hardirqs_on+0x5b/0x180
[ 2588.606506]  do_syscall_64+0x33/0x40
[ 2588.607052]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2588.607797] RIP: 0033:0x7f87f21a2b19
[ 2588.608352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2588.611006] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2588.612109] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2588.613143] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2588.614190] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2588.615227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2588.616262] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
00:12:10 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 3)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:12:10 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:12:10 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
getpgid(r0)
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

00:12:10 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000610000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:12:10 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000610000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:12:10 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000006000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2603.148807] kauditd_printk_skb: 47 callbacks suppressed
[ 2603.148826] audit: type=1326 audit(1716336730.405:4099): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=53528 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2603.152105] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=6 sclass=netlink_xfrm_socket pid=53537 comm=syz-executor.1
[ 2603.156121] audit: type=1326 audit(1716336730.405:4100): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=53528 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2603.171860] audit: type=1326 audit(1716336730.417:4101): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=53528 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2603.175409] FAULT_INJECTION: forcing a failure.
[ 2603.175409] name failslab, interval 1, probability 0, space 0, times 0
[ 2603.177324] CPU: 1 PID: 53542 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2603.178350] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2603.179556] Call Trace:
[ 2603.179950]  dump_stack+0x107/0x167
[ 2603.180497]  should_fail.cold+0x5/0xa
[ 2603.181063]  ? create_object.isra.0+0x3a/0xa20
[ 2603.181738]  should_failslab+0x5/0x20
[ 2603.182299]  kmem_cache_alloc+0x5b/0x310
[ 2603.182901]  create_object.isra.0+0x3a/0xa20
[ 2603.183545]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2603.184294]  kmem_cache_alloc_node+0x169/0x330
[ 2603.184971]  __alloc_skb+0x6d/0x5b0
00:12:10 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 4)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

00:12:10 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x6171, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000140))
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)

[ 2603.185668]  netlink_sendmsg+0x998/0xdf0
[ 2603.186462]  ? netlink_unicast+0x7f0/0x7f0
[ 2603.187088]  ? netlink_unicast+0x7f0/0x7f0
[ 2603.187693]  __sock_sendmsg+0x154/0x190
[ 2603.188270]  ____sys_sendmsg+0x70d/0x870
[ 2603.188862]  ? sock_write_iter+0x3d0/0x3d0
[ 2603.189043] audit: type=1326 audit(1716336730.424:4102): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=53528 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2603.189470]  ? do_recvmmsg+0x6d0/0x6d0
[ 2603.189498]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2603.194356]  ? lock_downgrade+0x6d0/0x6d0
[ 2603.194958]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2603.195714]  ? SOFTIRQ_verbose+0x10/0x10
[ 2603.196310]  ___sys_sendmsg+0xf3/0x170
[ 2603.196875]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2603.197538]  ? lock_downgrade+0x6d0/0x6d0
[ 2603.198149]  ? find_held_lock+0x2c/0x110
[ 2603.198747]  ? __fget_files+0x296/0x4c0
[ 2603.199333]  ? __fget_light+0xea/0x290
[ 2603.199895]  __sys_sendmsg+0xe5/0x1b0
[ 2603.200449]  ? __sys_sendmsg_sock+0x40/0x40
[ 2603.201070]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2603.201767]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2603.202531]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2603.203274]  ? trace_hardirqs_on+0x5b/0x180
[ 2603.203895]  do_syscall_64+0x33/0x40
[ 2603.204445]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2603.205183] RIP: 0033:0x7f87f21a2b19
[ 2603.205728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2603.205750] audit: type=1326 audit(1716336730.424:4103): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=53528 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2603.205874] audit: type=1326 audit(1716336730.425:4104): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=53528 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=57 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2603.208353] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2603.208376] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2603.208388] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2603.208400] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2603.208411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2603.208432] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
[ 2603.225907] FAULT_INJECTION: forcing a failure.
[ 2603.225907] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2603.227954] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=6 sclass=netlink_xfrm_socket pid=53553 comm=syz-executor.1
[ 2603.230325] CPU: 0 PID: 53549 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2603.231498] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2603.232885] Call Trace:
[ 2603.233348]  dump_stack+0x107/0x167
[ 2603.233990]  should_fail.cold+0x5/0xa
[ 2603.234656]  strncpy_from_user+0x34/0x470
[ 2603.235384]  getname_flags.part.0+0x95/0x4f0
[ 2603.236148]  getname_flags+0x9a/0xe0
[ 2603.236782]  do_mkdirat+0x8f/0x2b0
[ 2603.237396]  ? user_path_create+0xf0/0xf0
[ 2603.238128]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2603.239014]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2603.239899]  do_syscall_64+0x33/0x40
[ 2603.240540]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2603.241416] RIP: 0033:0x7f72960ceb19
[ 2603.242075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2603.245199] RSP: 002b:00007f7293623188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2603.246504] RAX: ffffffffffffffda RBX: 00007f72961e2020 RCX: 00007f72960ceb19
[ 2603.247725] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000004
[ 2603.248931] RBP: 00007f72936231d0 R08: 0000000000000000 R09: 0000000000000000
[ 2603.250159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2603.251378] R13: 00007ffd82cbc6ef R14: 00007f7293623300 R15: 0000000000022000
[ 2603.364273] audit: type=1326 audit(1716336730.620:4105): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=53528 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2603.368347] audit: type=1326 audit(1716336730.621:4106): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=53528 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2618.652615] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=7 sclass=netlink_xfrm_socket pid=53859 comm=syz-executor.1
[ 2618.656103] audit: type=1326 audit(1716336745.912:4107): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=53864 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2618.658601] audit: type=1326 audit(1716336745.913:4108): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=53864 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2618.667399] FAULT_INJECTION: forcing a failure.
[ 2618.667399] name failslab, interval 1, probability 0, space 0, times 0
[ 2618.668344] CPU: 1 PID: 53870 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2618.668894] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2618.669598] Call Trace:
[ 2618.669816]  dump_stack+0x107/0x167
[ 2618.670125]  should_fail.cold+0x5/0xa
[ 2618.670446]  should_failslab+0x5/0x20
[ 2618.670781]  __kmalloc_node_track_caller+0x74/0x3b0
[ 2618.671190]  ? netlink_sendmsg+0x998/0xdf0
[ 2618.671538]  __alloc_skb+0xb1/0x5b0
[ 2618.671835]  netlink_sendmsg+0x998/0xdf0
[ 2618.672200]  ? netlink_unicast+0x7f0/0x7f0
[ 2618.672549]  ? netlink_unicast+0x7f0/0x7f0
[ 2618.672896]  __sock_sendmsg+0x154/0x190
[ 2618.673252]  ____sys_sendmsg+0x70d/0x870
[ 2618.673585]  ? sock_write_iter+0x3d0/0x3d0
[ 2618.673614] audit: type=1326 audit(1716336745.919:4109): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=53864 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2618.673922]  ? do_recvmmsg+0x6d0/0x6d0
[ 2618.673942]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2618.678828]  ? lock_downgrade+0x6d0/0x6d0
[ 2618.679172]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2618.679610]  ? SOFTIRQ_verbose+0x10/0x10
[ 2618.679942]  ___sys_sendmsg+0xf3/0x170
[ 2618.680261]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2618.680633]  ? lock_downgrade+0x6d0/0x6d0
[ 2618.680979]  ? find_held_lock+0x2c/0x110
[ 2618.681308]  ? __fget_files+0x296/0x4c0
[ 2618.681609]  ? __fget_light+0xea/0x290
[ 2618.681906]  __sys_sendmsg+0xe5/0x1b0
[ 2618.682253]  ? __sys_sendmsg_sock+0x40/0x40
[ 2618.682698]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2618.683186]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2618.683710]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2618.683767] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=7 sclass=netlink_xfrm_socket pid=53874 comm=syz-executor.1
[ 2618.684162]  ? trace_hardirqs_on+0x5b/0x180
[ 2618.684175]  do_syscall_64+0x33/0x40
[ 2618.684188]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2618.684206] RIP: 0033:0x7f87f21a2b19
[ 2618.688045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2618.689955] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2618.690606] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2618.691187] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2618.691834] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2618.692422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2618.693009] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
[ 2618.696133] audit: type=1326 audit(1716336745.919:4110): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=53864 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:12:25 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000710000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:12:25 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 5)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

00:12:25 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x8, 0x0, 0x1, 0xf7, 0x0, 0x3f, 0x18a00, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x9, 0x0, @perf_bp={&(0x7f0000000100), 0x1}, 0x8100, 0x7f, 0x1, 0x0, 0x4, 0x8, 0x3df, 0x0, 0x5, 0x0, 0x9}, 0x0, 0xc, r0, 0x0)
r1 = syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r2 = fork()
ptrace$setopts(0x4206, r2, 0x10001, 0x0)
r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x802)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
write$binfmt_elf64(r4, &(0x7f00000001c0)=ANY=[], 0xfdef)
r5 = openat$incfs(r1, &(0x7f00000000c0)='.log\x00', 0x54102, 0x40)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r4, 0x2405, r5)
pread64(r3, &(0x7f0000000280)=""/151, 0x97, 0x7702)
ptrace$setopts(0x4200, r2, 0x5, 0x60)
ptrace(0x10, r2)

00:12:25 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000007000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:12:25 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000710000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:12:25 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 4)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:12:25 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001440)={&(0x7f0000000180), 0x6e, &(0x7f0000001300)=[{&(0x7f0000000080)=""/12, 0xc}, {&(0x7f0000000100)=""/49, 0x31}, {&(0x7f0000000300)=""/4096, 0x1000}], 0x3, &(0x7f0000001500)=ANY=[@ANYBLOB="38000000000000ce35c3c93187aad71c0b58697e7756381344b8191d85ca89ab550975aed920890deb8906e7fd6e716a299a2fa6ccb5406e37bf18c0049130a948160e98f5bce4e5ba743cc4bbddd4c055e5e946815ff7b293fbc0269d1fb81b9ee3e644ace5f792ff07758b73e274a36f999c2aee30b28856228a007643a6d85b8d7d406f60520f0351b9591cd1bdfdb763b35597d4fe470c75035dffdcf69d2481ef02c08d1a32f81a6392a531606b6b611eff961dee204ff51be0f8469d2915b15aae0d76a69e5606d8a091fa6ac19e7a3c5cfc0e4b668ed70b44c58620", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=<r1=>0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="18000000000000000100000001000000", @ANYRES32, @ANYRES32], 0xd8}, 0x60)
wait4(r1, &(0x7f0000001480), 0x8, 0x0)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
write$tcp_congestion(0xffffffffffffffff, &(0x7f00000014c0)='nv\x00', 0x3)
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})

00:12:25 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

[ 2618.719793] FAULT_INJECTION: forcing a failure.
[ 2618.719793] name failslab, interval 1, probability 0, space 0, times 0
[ 2618.721355] CPU: 1 PID: 53875 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2618.721910] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2618.722607] Call Trace:
[ 2618.722825]  dump_stack+0x107/0x167
[ 2618.723126]  should_fail.cold+0x5/0xa
[ 2618.723437]  ? __d_alloc+0x2a/0x990
[ 2618.723740]  should_failslab+0x5/0x20
[ 2618.724055]  kmem_cache_alloc+0x5b/0x310
[ 2618.724403]  __d_alloc+0x2a/0x990
[ 2618.724677]  ? dput+0x1ae/0xcd0
[ 2618.724737] audit: type=1326 audit(1716336745.919:4111): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=53864 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2618.724947]  d_alloc+0x46/0x1c0
[ 2618.724978]  __lookup_hash+0xcc/0x190
[ 2618.729082]  filename_create+0x186/0x4a0
[ 2618.729425]  ? filename_parentat+0x570/0x570
[ 2618.729798]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2618.730179]  do_mkdirat+0xa2/0x2b0
[ 2618.730465]  ? user_path_create+0xf0/0xf0
[ 2618.730807]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2618.731220]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2618.731658]  do_syscall_64+0x33/0x40
[ 2618.731959]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2618.732379] RIP: 0033:0x7f72960ceb19
[ 2618.732679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2618.734151] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2618.734750] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2618.735323] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2618.735891] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2618.736483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2618.737082] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
[ 2618.740300] audit: type=1326 audit(1716336745.955:4112): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=53864 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=57 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2618.774804] audit: type=1326 audit(1716336746.029:4113): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=53864 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:12:26 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000910000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

[ 2618.789173] audit: type=1326 audit(1716336746.030:4114): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=53864 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:12:26 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000910000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:12:26 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000008000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:12:26 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
fork()
chroot(&(0x7f0000000100)='./file1\x00')

[ 2618.871897] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=8 sclass=netlink_xfrm_socket pid=54201 comm=syz-executor.1
00:12:26 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 6)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

[ 2618.893298] audit: type=1326 audit(1716336746.149:4115): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=54221 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2618.897147] audit: type=1326 audit(1716336746.150:4116): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=54221 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2618.909753] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=8 sclass=netlink_xfrm_socket pid=54253 comm=syz-executor.1
00:12:26 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000a10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:12:26 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 5)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

[ 2618.987823] FAULT_INJECTION: forcing a failure.
[ 2618.987823] name failslab, interval 1, probability 0, space 0, times 0
[ 2618.988925] CPU: 1 PID: 54312 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2618.989531] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2618.990217] Call Trace:
[ 2618.990441]  dump_stack+0x107/0x167
[ 2618.990738]  should_fail.cold+0x5/0xa
[ 2618.991094]  ? create_object.isra.0+0x3a/0xa20
[ 2618.991474]  should_failslab+0x5/0x20
[ 2618.991788]  kmem_cache_alloc+0x5b/0x310
[ 2618.992125]  create_object.isra.0+0x3a/0xa20
[ 2618.992491]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2618.992945]  __kmalloc_node_track_caller+0x1a6/0x3b0
[ 2618.993361]  ? netlink_sendmsg+0x998/0xdf0
[ 2618.993714]  __alloc_skb+0xb1/0x5b0
[ 2618.994028]  netlink_sendmsg+0x998/0xdf0
[ 2618.994416]  ? netlink_unicast+0x7f0/0x7f0
[ 2618.994772]  ? netlink_unicast+0x7f0/0x7f0
[ 2618.995122]  __sock_sendmsg+0x154/0x190
[ 2618.995475]  ____sys_sendmsg+0x70d/0x870
[ 2618.995805]  ? sock_write_iter+0x3d0/0x3d0
[ 2618.996149]  ? do_recvmmsg+0x6d0/0x6d0
[ 2618.996477]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2618.996933]  ? lock_downgrade+0x6d0/0x6d0
[ 2618.997272]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2618.997701]  ? SOFTIRQ_verbose+0x10/0x10
[ 2618.998039]  ___sys_sendmsg+0xf3/0x170
[ 2618.998384]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2618.998767]  ? lock_downgrade+0x6d0/0x6d0
[ 2618.999108]  ? find_held_lock+0x2c/0x110
[ 2618.999448]  ? __fget_files+0x296/0x4c0
[ 2618.999781]  ? __fget_light+0xea/0x290
[ 2619.000106]  __sys_sendmsg+0xe5/0x1b0
[ 2619.000431]  ? __sys_sendmsg_sock+0x40/0x40
[ 2619.000785]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2619.001180]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2619.001612]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2619.002048]  ? trace_hardirqs_on+0x5b/0x180
[ 2619.002413]  do_syscall_64+0x33/0x40
[ 2619.002714]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2619.003154] RIP: 0033:0x7f87f21a2b19
[ 2619.003468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2619.004979] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2619.005624] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2619.006204] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2619.006779] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2619.007378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2619.007981] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
00:12:26 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000009000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:12:26 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000a10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2619.034809] FAULT_INJECTION: forcing a failure.
[ 2619.034809] name failslab, interval 1, probability 0, space 0, times 0
[ 2619.036830] CPU: 0 PID: 54333 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2619.037955] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2619.039312] Call Trace:
[ 2619.039748]  dump_stack+0x107/0x167
[ 2619.040347]  should_fail.cold+0x5/0xa
[ 2619.040973]  ? create_object.isra.0+0x3a/0xa20
[ 2619.041716]  should_failslab+0x5/0x20
[ 2619.042353]  kmem_cache_alloc+0x5b/0x310
[ 2619.043022]  create_object.isra.0+0x3a/0xa20
[ 2619.043738]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2619.044566]  kmem_cache_alloc+0x159/0x310
[ 2619.045242]  ? __d_lookup+0x3bf/0x760
[ 2619.045872]  __d_alloc+0x2a/0x990
[ 2619.046456]  d_alloc+0x46/0x1c0
[ 2619.046999]  __lookup_hash+0xcc/0x190
[ 2619.047625]  filename_create+0x186/0x4a0
[ 2619.048289]  ? filename_parentat+0x570/0x570
[ 2619.049008]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2619.049770]  do_mkdirat+0xa2/0x2b0
[ 2619.050367]  ? user_path_create+0xf0/0xf0
[ 2619.051056]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2619.051906]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2619.052740]  do_syscall_64+0x33/0x40
[ 2619.053344]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2619.054183] RIP: 0033:0x7f72960ceb19
[ 2619.054791] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2619.057734] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2619.058968] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2619.060122] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2619.061269] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2619.062441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2619.063590] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
00:12:26 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000b10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

[ 2619.082316] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=9 sclass=netlink_xfrm_socket pid=54458 comm=syz-executor.1
[ 2619.094492] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=9 sclass=netlink_xfrm_socket pid=54482 comm=syz-executor.1
00:12:26 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:12:26 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x5}}, './file0\x00'})
openat(r0, &(0x7f0000000100)='./file0\x00', 0x20200, 0x7)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = fork()
ptrace$setopts(0x4206, r1, 0x10001, 0x0)
ptrace(0x10, r1)
ptrace$cont(0x9, r1, 0x68c, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x6, 0x1, 0x7, 0x97, 0x0, 0x1f, 0x540, 0x7, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x9c, 0x2, @perf_config_ext={0x8, 0x8}, 0x0, 0x0, 0x80000001, 0x9, 0x100, 0x8, 0x8000, 0x0, 0x7, 0x0, 0xd13}, r1, 0xffffffffffffffff, r0, 0xb)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r2 = fork()
r3 = syz_open_dev$vcsa(&(0x7f0000000000), 0x0, 0xa0401)
ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x3)
ptrace$setopts(0x4206, r2, 0x10001, 0x0)
ptrace(0x10, r2)

00:12:26 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="840100000a000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2619.161287] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=10 sclass=netlink_xfrm_socket pid=54512 comm=syz-executor.1
[ 2619.174736] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=10 sclass=netlink_xfrm_socket pid=54518 comm=syz-executor.1
00:12:26 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000b10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:12:41 executing program 2:
getxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000180)=ANY=[@ANYRESHEX, @ANYRESHEX=0x0, @ANYRESDEC, @ANYRESOCT, @ANYRESHEX=0x0, @ANYRESHEX], 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x181400, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(r1, 0x40089416, &(0x7f0000000100))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r2 = fork()
ioctl$BTRFS_IOC_SET_FEATURES(r0, 0x40309439, &(0x7f0000000040)={0x1, 0x0, 0x17})
ptrace$setopts(0x4206, r2, 0x10001, 0x0)
ptrace(0x10, r2)
pread64(r0, &(0x7f0000000240)=""/116, 0x74, 0x1)

00:12:41 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x7f, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x8}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

[ 2634.518833] kauditd_printk_skb: 20 callbacks suppressed
[ 2634.518853] audit: type=1326 audit(1716336761.775:4137): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=54730 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2634.533735] audit: type=1326 audit(1716336761.789:4138): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=54730 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2634.557104] audit: type=1326 audit(1716336761.790:4139): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=54730 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2634.558628] FAULT_INJECTION: forcing a failure.
[ 2634.558628] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2634.562620] CPU: 0 PID: 54739 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2634.563849] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2634.565292] Call Trace:
[ 2634.565762]  dump_stack+0x107/0x167
[ 2634.566419]  should_fail.cold+0x5/0xa
[ 2634.566504] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=11 sclass=netlink_xfrm_socket pid=54744 comm=syz-executor.1
[ 2634.567094]  _copy_from_iter_full+0x201/0xa60
[ 2634.567127]  ? __virt_addr_valid+0x170/0x5c0
[ 2634.570526]  ? __check_object_size+0x319/0x440
[ 2634.571344]  netlink_sendmsg+0x879/0xdf0
[ 2634.572062]  ? netlink_unicast+0x7f0/0x7f0
[ 2634.572831]  ? netlink_unicast+0x7f0/0x7f0
[ 2634.573595]  __sock_sendmsg+0x154/0x190
[ 2634.573859] audit: type=1326 audit(1716336761.790:4140): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=54730 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2634.574292]  ____sys_sendmsg+0x70d/0x870
[ 2634.574339]  ? sock_write_iter+0x3d0/0x3d0
[ 2634.578804]  ? do_recvmmsg+0x6d0/0x6d0
[ 2634.579525]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2634.580445]  ? lock_downgrade+0x6d0/0x6d0
[ 2634.581172]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2634.582104]  ? SOFTIRQ_verbose+0x10/0x10
[ 2634.582863]  ___sys_sendmsg+0xf3/0x170
[ 2634.583584]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2634.584413]  ? lock_downgrade+0x6d0/0x6d0
[ 2634.585153]  ? find_held_lock+0x2c/0x110
[ 2634.585600] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=11 sclass=netlink_xfrm_socket pid=54745 comm=syz-executor.1
[ 2634.585872]  ? __fget_files+0x296/0x4c0
[ 2634.587764] audit: type=1326 audit(1716336761.790:4141): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=54730 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2634.588268]  ? __fget_light+0xea/0x290
[ 2634.588299]  __sys_sendmsg+0xe5/0x1b0
[ 2634.592660]  ? __sys_sendmsg_sock+0x40/0x40
[ 2634.593419]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2634.594257]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2634.595196]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2634.596095]  ? trace_hardirqs_on+0x5b/0x180
[ 2634.596844]  do_syscall_64+0x33/0x40
[ 2634.597512]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2634.598426] RIP: 0033:0x7f87f21a2b19
[ 2634.599078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2634.599711] audit: type=1326 audit(1716336761.805:4142): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=54730 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=57 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2634.602242] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2634.602265] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2634.602277] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2634.602288] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2634.602317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2634.611611] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
00:12:41 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000f10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:12:41 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="840100000b000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:12:41 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 7)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

00:12:41 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000f10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:12:41 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 6)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:12:41 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:12:41 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="840100000c000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2634.684304] FAULT_INJECTION: forcing a failure.
[ 2634.684304] name failslab, interval 1, probability 0, space 0, times 0
[ 2634.686822] CPU: 1 PID: 54758 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2634.687841] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2634.689139] Call Trace:
[ 2634.689581]  dump_stack+0x107/0x167
[ 2634.690187]  should_fail.cold+0x5/0xa
[ 2634.690836]  ? cgroup_mkdir+0x254/0xf50
[ 2634.691496]  should_failslab+0x5/0x20
[ 2634.692123]  __kmalloc+0x72/0x390
[ 2634.692714]  cgroup_mkdir+0x254/0xf50
[ 2634.693354]  ? cgroup_destroy_locked+0x710/0x710
[ 2634.694142]  kernfs_iop_mkdir+0x14d/0x1e0
[ 2634.694836]  vfs_mkdir+0x493/0x700
[ 2634.695436]  do_mkdirat+0x150/0x2b0
[ 2634.696038]  ? user_path_create+0xf0/0xf0
[ 2634.696730]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2634.697592]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2634.698451]  do_syscall_64+0x33/0x40
[ 2634.699067]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2634.699908] RIP: 0033:0x7f72960ceb19
[ 2634.700522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2634.703519] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2634.704767] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2634.705939] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2634.707110] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2634.708272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2634.709437] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
[ 2634.759537] audit: type=1326 audit(1716336762.013:4143): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=54730 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2634.763547] audit: type=1326 audit(1716336762.016:4144): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=54730 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2634.783293] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=12 sclass=netlink_xfrm_socket pid=55052 comm=syz-executor.1
[ 2634.797089] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=12 sclass=netlink_xfrm_socket pid=55053 comm=syz-executor.1
[ 2650.834247] FAULT_INJECTION: forcing a failure.
[ 2650.834247] name failslab, interval 1, probability 0, space 0, times 0
[ 2650.835398] CPU: 0 PID: 55060 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2650.836020] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2650.836739] Call Trace:
[ 2650.836987]  dump_stack+0x107/0x167
[ 2650.837314]  should_fail.cold+0x5/0xa
[ 2650.837655]  ? create_object.isra.0+0x3a/0xa20
[ 2650.838062]  should_failslab+0x5/0x20
[ 2650.838401]  kmem_cache_alloc+0x5b/0x310
[ 2650.838773]  create_object.isra.0+0x3a/0xa20
[ 2650.839162]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2650.839615]  __kmalloc+0x16e/0x390
[ 2650.839934]  cgroup_mkdir+0x254/0xf50
[ 2650.840275]  ? cgroup_destroy_locked+0x710/0x710
[ 2650.840696]  kernfs_iop_mkdir+0x14d/0x1e0
[ 2650.841067]  vfs_mkdir+0x493/0x700
[ 2650.841384]  do_mkdirat+0x150/0x2b0
[ 2650.841706]  ? user_path_create+0xf0/0xf0
[ 2650.842079]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2650.842551]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2650.843008]  do_syscall_64+0x33/0x40
[ 2650.843341]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2650.843789] RIP: 0033:0x7f72960ceb19
[ 2650.844122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2650.845728] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2650.846402] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2650.847032] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2650.847661] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2650.848283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2650.848912] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
[ 2650.861184] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=13 sclass=netlink_xfrm_socket pid=55067 comm=syz-executor.1
00:12:58 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401001110000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:12:58 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 7)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:12:58 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="5ae54b46a9b57c8adfcd59f2c96763d68981e69287a8315be322e0b7f4fccf5d59369d4435904691da42b047621a86316666f0cceefc8101703c86bd353b4d5b37ad47bb0ac395a7e5765611df8d7f0b97f0cce87ac51574e958f33403ce5e10140633c66f4761dc8965d609da08564f325aa894e057d241d85722c31e6575f489867aa2b32aa29faf5b52d678134fcd7f0e46e4aa72a5b36f192648ff213a7e6c30212f8f9ec25e91cd53c874b712940ec59749ca0ae1c7266459c1"], 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x2, 0x8, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030, 0x0, 0x0, 0x3, 0x0, 0x20, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r1 = fork()
r2 = fork()
r3 = fork()
ptrace$setopts(0x4206, r3, 0x10001, 0x0)
ptrace(0x10, r3)
r4 = fork()
ptrace$cont(0x7, r4, 0xff, 0x2)
ptrace$cont(0x9, r3, 0x68c, 0x0)
ptrace$setopts(0x4206, r3, 0x10001, 0xc)
ptrace(0x10, r2)
ptrace$cont(0x9, r2, 0x68c, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x20, 0x42, 0x1, 0x1, 0x0, 0x6, 0x8000, 0x6, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_bp={&(0x7f00000000c0)}, 0x0, 0xfffffffffffffff7, 0x9, 0x9, 0x1, 0x4a6, 0x1ff, 0x0, 0x2bba, 0x0, 0x3}, r2, 0x10, r0, 0x1)
openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x1c1000, 0x0)
ptrace$setopts(0x4206, r1, 0x10001, 0x0)
ptrace(0x10, r1)

00:12:58 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:12:58 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="840100000d000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:12:58 executing program 0:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r1 = fork()
ptrace$setopts(0x4206, r1, 0x10001, 0x0)
ptrace(0x10, r1)
ptrace$cont(0x9, r1, 0x68c, 0x0)
r2 = syz_open_procfs(r1, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r1, 0x40, 0x7)
ptrace(0x10, 0x0)
ptrace$cont(0x9, 0x0, 0x68c, 0x0)
ioctl$NS_GET_OWNER_UID(r2, 0xb704, &(0x7f0000002ec0)=<r3=>0x0)
getresgid(&(0x7f0000002f00), &(0x7f0000002f40)=<r4=>0x0, &(0x7f0000002f80))
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setresuid(0xee00, r5, 0x0)
stat(&(0x7f0000002fc0)='./file1\x00', &(0x7f0000003000)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
[ 2650.869659] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=13 sclass=netlink_xfrm_socket pid=55073 comm=syz-executor.1
[ 2650.872492] FAULT_INJECTION: forcing a failure.
[ 2650.872492] name failslab, interval 1, probability 0, space 0, times 0
[ 2650.873590] CPU: 0 PID: 55072 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2650.874205] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2650.875068] Call Trace:
[ 2650.875302]  dump_stack+0x107/0x167
[ 2650.875624]  should_fail.cold+0x5/0xa
[ 2650.875957]  ? xfrm_state_alloc+0x21/0x4e0
[ 2650.876331]  should_failslab+0x5/0x20
[ 2650.876667]  kmem_cache_alloc+0x5b/0x310
[ 2650.877027]  ? __nla_validate_parse+0x2d8/0x2b10
[ 2650.877454]  xfrm_state_alloc+0x21/0x4e0
[ 2650.877808]  ? __sanitizer_cov_trace_switch+0x45/0x80
[ 2650.878261]  xfrm_add_sa+0xd3b/0x3510
[ 2650.878607]  ? xfrm_send_acquire+0xad0/0xad0
[ 2650.878998]  ? security_capable+0x95/0xc0
[ 2650.879364]  ? __nla_parse+0x3e/0x50
[ 2650.879694]  ? xfrm_send_acquire+0xad0/0xad0
[ 2650.880084]  xfrm_user_rcv_msg+0x416/0x830
[ 2650.880460]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2650.880921]  ? __mutex_lock+0x4fe/0x10b0
[ 2650.881288]  ? lock_acquire+0x197/0x470
[ 2650.881652]  ? netlink_deliver_tap+0xf4/0xcc0
[ 2650.882068]  netlink_rcv_skb+0x14b/0x430
[ 2650.882423]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2650.882863]  ? netlink_ack+0xab0/0xab0
[ 2650.883225]  ? netlink_deliver_tap+0x1c4/0xcc0
[ 2650.883626]  xfrm_netlink_rcv+0x6b/0x90
[ 2650.883978]  netlink_unicast+0x549/0x7f0
[ 2650.884339]  ? netlink_attachskb+0x870/0x870
[ 2650.884729]  netlink_sendmsg+0x90f/0xdf0
[ 2650.885099]  ? netlink_unicast+0x7f0/0x7f0
[ 2650.885478]  ? netlink_unicast+0x7f0/0x7f0
[ 2650.885852]  __sock_sendmsg+0x154/0x190
[ 2650.886203]  ____sys_sendmsg+0x70d/0x870
[ 2650.886569]  ? sock_write_iter+0x3d0/0x3d0
[ 2650.886938]  ? do_recvmmsg+0x6d0/0x6d0
[ 2650.887284]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2650.887745]  ? lock_downgrade+0x6d0/0x6d0
[ 2650.888123]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2650.888594]  ? SOFTIRQ_verbose+0x10/0x10
[ 2650.888959]  ___sys_sendmsg+0xf3/0x170
[ 2650.889304]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2650.889710]  ? lock_downgrade+0x6d0/0x6d0
[ 2650.890076]  ? find_held_lock+0x2c/0x110
[ 2650.890439]  ? __fget_files+0x296/0x4c0
[ 2650.890802]  ? __fget_light+0xea/0x290
[ 2650.891164]  __sys_sendmsg+0xe5/0x1b0
[ 2650.891514]  ? __sys_sendmsg_sock+0x40/0x40
[ 2650.891916]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2650.892359]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2650.892826]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2650.893289]  ? trace_hardirqs_on+0x5b/0x180
[ 2650.893668]  do_syscall_64+0x33/0x40
[ 2650.893996]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2650.894447] RIP: 0033:0x7f87f21a2b19
[ 2650.894780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2650.896360] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2650.897021] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2650.897638] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2650.898271] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2650.898916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2650.899547] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
sendmsg$netlink(r2, &(0x7f0000003140)={&(0x7f0000000300)=@kern={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000002780)=[{&(0x7f0000000340)={0x4c, 0x1d, 0x400, 0x70bd2a, 0x25dfdbfe, "", [@typed={0x32, 0x18, 0x0, 0x0, @binary="a443edc7ff4cca13c689324dbc68fa1f7cd0ff1e4c7cf706546637bbd3ef4292a15ee630bbbcff1d285e4c63f8fa"}, @typed={0x8, 0x6d, 0x0, 0x0, @u32=0x7fff}]}, 0x4c}, {&(0x7f0000000440)={0x232c, 0x17, 0x800, 0x70bd25, 0x25dfdbfd, "", [@generic="60189e20fa34dfbf8807b025b06f26", @nested={0xba, 0x34, 0x0, 0x1, [@generic="07b4cd74e681cf16aa75d1dc6f6aedfd607e1c28e67b61493a7865b53f1b21b87c08633a25d617642ee51a37489eb5ede681508a31de4f0aff5ed962deb41d90c45b1c19c2a2af6bc9fe84bf0b2d305e6d4ab08530e9114546ba775948dc59f4eca8861498d912c1fe536eef0fd07b69e0eaede8eae025852221ef5fad455499e7908c49c0ea2e9f55bea68cc3e067c0af9c564577a202270b424b6b423284cbd2da74cd269c80133fef3da2d15db3fccaf915d68872"]}, @nested={0xc, 0x9, 0x0, 0x1, [@typed={0x6, 0x7c, 0x0, 0x0, @str='@\x00'}]}, @nested={0x108c, 0x7a, 0x0, 0x1, [@generic="88eadcc143093585ab9ce4e6533aa641fe90cb26771cbedf35cbae89813dec66799eec5b0c969858f1111c856e6a67230cba7f162320782fdb4c608b22e16e1fe87496934155dbf75a", @generic, @generic="62d142c437b32400fa2f8e3cdf0298dcff98a785ed60063779f3d91fdf2f3e987816d1ee15f9a0", @typed={0x8, 0x83, 0x0, 0x0, @fd}, @typed={0x8, 0xf, 0x0, 0x0, @pid=r1}, @generic="f12426c217bd3495c2248627228b3309414669a8f9518fa7b652638333f84a7eb496f5d67f4b1d8a093fe99c142cf41838df980e69477841defe03a81aebd1e40442e2eaf9e581b8599979ae52efce7ad45cc71eedf1c8de4f22e1bb15327563fbdfd9ad15ae1547482c71c2391ad0c8b74f45408f3e43f8fedc24c73d3d43cc83f562401bb82a73da14b935a0dc6a1ba2c75336a3c3099856c147b6a7f017280aeaf0b86f22f35fc49bf77689467f6d27bd720317b897543b8d95679d541c963bed887b6f63be6c92e38902dfb4ec4f29a11a98e4b0cacb5fea77d77b8f2793fdb37efae6e7988bcb7d7932738faec765094513da1965273a72de35ff54048e9ebcff15cbfabf2f06ea81946af7b098f47b55051122bd926e24023a44b3508f255b090c57651b8e2b755e91b39266942f39c6dee7c491d7026287c5f609189d9e4c7871212b46cbafcd0ed42483ccbbd2ed2dc20f7e07a2a8b846be02ebd75e071d1cb24d8c478784dbe5c222d6e112ba40567cb03db95892b46ea34604ecaa3d8476e2c1a37e3235a1ad827b3a083ce25a7ed480a71848d8fe1245bcb5343bbb5c4677eab2a29b1263a8d4e81d24f7b6eeecd844841d63688cb5957553df823770465ce0d8fba189c038324c83a7563d7ceb194796dadb2b721954b169362a3b901ab88440bd6064b8dc89f400fd91fb21bf397afc0bb804fb58c593feb2903584f2b9aa6e5bba0331cd4eb18c78e1b5018d41da03aee330011910d149fa4874f313fd8afe82c3cae818db5a24e28e279e71dafa6d5fbc97f4fbf0dffcdb48f3c7b3960a97994e761c40234d7c449b76dd010e016b17f904a582199e3c27bde0f8af44804414c9c62ee0694a36f418a570c61503dc34fedae85e19bb6d5496a8b017d6c7cdc8c3977b5183d03a1d258ad592df2939e45c313949c86e4c1e0c7ec44577b9016072e151ac64358a2f0897837a3369b291f1bef41fbd065e811fd68f9b028659cc658fd94eeeaf451b96d27cb1d59b23d0fa7dae8876708f502b4c9fbd07d17109b5f0e4a7b9301b84d8f18fc6be7c8ed91322ab6e83790b29087cebd92f5b6d5ccf54fc72e20c136cd94ea8880a7242c2964899996aa3ce22b4ce3e7cfca5997040c6b904f9c4be9824ea8f8cf8ad55cae2ae42bf946b81b8e041a69857c293f92b3910266e808dc4405238da8db06fbed3c154513f77520ae25775f3cc08c09a1ee3863aec104fd51c3936fdc0663ed682eec969251c9ac51a73af7c1d7b1f6a5f74387912ab210284d06e8eff9b59a4ca251f41478ce8d8bc710246b30b7005942a3f0d6e4b3b08f0f9ab8755f5c1a3092a2810ae500ce93626b335c7c0b13a16cca4b74194e8703c602d0c4b3f40b15f1afd7c94f39cf0591a485f72791956069b2b3104b078cc3286cb743dafeab9e2b3022a646f655740343807b1711f2aec76ca8057a19d02dff669c41db378d1c45b0991e735eb96a34a950468e26ee34c5780cbe6ee4b255f31ba57c4927f749bb3df0eb562fae8d4b4054811386bb52f9b8bcbb3956813b30101df1254ce4cfe2792d5ba6c321ef9c445f284fb0b2ac1058ea303cbf034c0e4e5b7ced0b6a4cb20fd960c360b97490f4d3388bfe901a16b07a5c449ff28edb8e589778bdbdb02546f29580f8669f54b8304999635a81ae666428fc3d1834e997310481f22690a39ac58abaa73f9e8e9a9f008990a8a6a380b915ae444258fa7ecc938a4f4b014fe2bbe72afe97f18ec7704d319070349db6b814ccf10c17a2fad2888ac5d75883fe5f3a050ce854af7cb422e3e0f5c9b345f665fee9f6eeec3af6b71640210e9e0958887b522bcd86f926b4b7780de609daaf8412d51816820fb6a9f8cb36861fbe0f73b753f7672ffeec129359c3464805b993fd1e6d3d9647bc3c49f117ed8da090e44bfbe71909fda303b80b09ea0fa9974e1ced80c6ca24c4f64c7bea2725b9ef946d1eea503fe61e15c6840f76b8424f65bcacf2f82d99c46e1dd8accb0e32a9b104601df6a93503d4c0a850615127bddaae6d3c7bc2e2611b5085408696f38a5bae1ceb4dbc48d3f1909ba404d90749969fb808f331ee76a5646708d7933a130aef4aa5e993e230a45580f54244c783e6994b16d4f867b769f2cbdd229681cb30e35a7cd337d766133f9b1f19fc74d543fdb59bf7ef67e2038efe11987c3440eb76cd8d595a2f8762c239e18dd8e98d71d70255e1c067bdeab8b28dff95e1a3fecde1eab9cb17f6ee3b9e2ba048c2ce4a7b44171fd3d732c7013ef7ee867aabf09a4282608116b2c34e3cafdf5a25b60afe1c19e67f963f8e4b45174faaa8c81aacc647c5602a7b532d3aa0bfaf32684e891f64ed6bd562574dcdddcab4b93da5855b3a4e38721ad7e4c93ba673baede30785ab5e16c7263921a56832ea7e8354add05cd8b0120ab0dc033160ef8123b71aa158e98c07b5c10d0ae85604a2680d07592ca9f81516f2a3f4811f881d86679ae1d97177fc79a96203311a89376d14ef0fea6b8d28b140cd4d4d8b88fabab77dfb9f667a68ebe805562bb2b4c20f9ffb2d541a828e686b9427a4b5192559ff3fc91677c826c311b21d3b217094c0b8606ef3e4b940a4ff7b28e72ba64df670efd9f99da49d9081a412e6af9ea80cc3576398c68c87fa16a80708ab248ce0aaea81317e9b77ddd9036f4b3de8b2be316d29e9a0efa64ae6f6493b212a4a3cdaefc4ecd9c526c4741e53b0b06daea62fa2708684ec57f7f5a1011425c06e4d2ac3f298d085e4ae54c8fcb6b95714af39defeaea54bb9caee342b8f77dc71cca0323e9726fd8508572cb63a571adf2580c6050188df9a2d8c451c8190a8541814ba0a415a33bc7334db50bf8f4221de8ac7b8d882a68bc14a41b274924247120b821b7bad5dee4401d61dd3e47f135658d459495baf4e6a7c83a96af4b9fe68af47f41086090923dcd29cff37ff3c303949d5a2ba5a08db1892a76f7ff8f48b59f38743ec4c60aaa7cb585b8dad718ed9cb6cad31650ab0d01cc32ce32473ebfa88e35b883e7e9b8904c99f84ef7568577867ea8b9e22daa002e4fd241766248533c30bba08ad80f3998438c102ce38faccda7ea7e1bc05000249f409833bf92163c9905a6c1f1ef92498ff9a907c6ee77d466319f748a7fc9178dc00ef0d2fad45f8e51e4b7b4816235b7b2a10a48c797689f4074178e82581cd65d999832dbea03ae26d6e31e17b4a12d73649d5f99d7ff44879cc4e8457fe16f7334a3014e6107306ef49dcb4f2ffb9f55f00c59bbfdbdef42bcf58af1015077ec375a2ca710a2d42c553650f77776bff6fa7220b6ff8749e189b200bc7d153bc77557593db1b23472aa6d3a23d2bd3b1f8b756096a59edf2c1150db177e518d3d4786838fcd56ad317aa40f2b6363875d1b53403d727dd0dee06a6ea2fa0b98eb8aa4964a8109eefb2a261348ccd3e166dc8d81e94f427a7c4fabd9cfc2c80afef1f093f28c4c6682345824da922f8f992a18fff4084fc902ce25635c7002d44141771274968aec50e81d521bb6beca6b4c3ad3e8cc73f99d4b496623e5f5e7c95745d8f7c3e5353b92e15ed0689427dd3884fa2d02f36cfcec55637927c5e38a7949700bd9008c4de6e7aa35d54b4d04e47e969f3e4bf1842a914baf92e8f21d1c0cd65ddee72f5e1b0c7bfcbd64f6e99929b2390760bb6226f80f15483f8fca7b3bf46c56a39cec1c50e54e72890e2fea924006b83f3a5fda6782df3ff9066043fc9618b75c59b40bf590f8785c8fd52f7deb10d461eb6826604cd766f913d3fd01de35bdb486306e73a73bcccaff17de4ea82ae7dc34939bb7d79c7342cbe0f524432122c3813f42595555854781e5d509de30a8561f7cd2df6625a6c4fdc2e169d8a8833e074ce9b7ddf4a80afb233898fc89fb1533a53216c8524a05900ce1af832724fd2e9a2724599fbb2981f8f63ad484c46bcfb45752325ef508d4c010f81610699cf912bede44f5c3b6bf8c923f37e7e040322cc27166734c620c5cf5b6796bfecc9dd63cde12ade5499b942765d36dc57e27a475a98fd31894c28f82cb049d3db6879146440fc3b676b3f468dbd5cb6b9b2b39b10596652fe1fc43d2ece0a20de8ae2ffca5b6b1dade4ef66c9cb894d6a79f15a996e79148f048c72f5b24fcb3a98e419e7758c34e26f00d461eb7debc07950fe26f2f24510792746f388b59dc1c4ede01d6dba959af61565655bbe9bf01f0938f1e71d4a71385c86b5898ab8656889a21e10ac9892e22181622a64b26531ce7b65859d8ff41f586c7cfe27d92e9105ecb455f94262b6b6d996398d2699f797e4501f41c68c52872e88a2c61d02aed030c7c2dc48d84a2ffd910ec1f60339ec738223ab5f897f80104a4b4ce72cc901b49148d1c3217cd5896c89e45def76ae91fa202f8a3cc13f2d9ff5c9752fbbab985d47af8684071fb147cf90791a9b374e6a9be37899a012d3dd8e7aeccf8e812215b3b6bb07de5e0c2698b1eedff6dd9c148554899cdfb6b0343fa977b0505bb212592a4f63fdae1f0e2942c5d6e0bb43aad8ca003def06c483a8a0e8159f3b260c7bda2ad60377d07af3f4399177b284683b61aa25f0fa452ed6e734618b5fc891f16e93036e8b44657696c0d72beaefa6db971c39d022019f45764ffac838b5a5d9426a3fe58d4d46ffaca5ac67cac16a3e2d2d6f10c6192dd84ba95ebdebcd89b577964e9abfe7bc6bad5b8efa7c0e373a1d4898b478368b2b86f5d677f887e1617e3bff3bb319a012eafe3a672c3311166d722c223af071aefc3430d91910d7842be2224c50a2cae83210322af110cb8326f003c0081f32b8d63a48abc72522b9e81ee4927936d75bfc7eefe25aa8388cf87cdbdd9da963bd48aeb8bd5aab8d4f63a92346122d0d7b0c015a3aa7b65b1f9ab38b9cf5cadf580d1e3e40051f949714317b7d258481d05f6a9ad93a5b8f62dec83a9a3096ae7514d2c484778cefc3491f8f1567b410b82441ae52d5f9270b15fd978fd18106b531c159bb45d2553310797b3ab483fd1d2146b95bb66fa8a82e52d3673c70d5fc9d6e6a8a57d83f24d3b82374763b74dc643bb867e6dda4970fe8ce9b216571372412c4089c9a2ee3c2b03aca35ea50ffddec3794f36e1d8ef1724b47983007c7ec198f4043e0991a58d038e30bd12a0ec5962bc8bd7930294aa844a97ae94590f534bf026bb8d3a7cc0f4a23bd991e04aed964251f5948de09718e64a2b38214432947f196ebe11a5019e9b1570a33581b2825574f54cbacd9907a6273b212d6f03bbcf5d2f4fdfa961eba9b5e3d9a6fd117b9659e6fab780fbdd18e410302fccd2ef92c0b401f362de6a698a6573f6063f4c9a2108c02345ce5ef45c5abe3ba2fd4a20a14f842414a89fb35aeefba597b18b2150ee0bb2f435e68720f382cadf546d5f481c2eb72c304565b37a774ca363ee62d1eb00390cef9b91dc9a5025c00c5c7082078df132a134759ef96dc0807fb4eaef84365b5f00c805ccbd53fc73fd8a4605aa9475ff92157d894df3fb47d98815a11be1eb647c7e0fefc29a965b824440796473ea7bf8942f4913754e2fc743f3b1092f2f0e054b3c26a38b4950a75416cbd00bac709f8bd418e42c66d028d806424b8025e8c7c4c24a1d8a93f8c4c014e7826d8e79efbeccb054e9a54e72266ae169e7824eaa9eec2aa90e660aa19b3708ab1199386e4405ac5186f0f6bbd0143c443cd07b2f9b444421a14780f2cb2244daddb75ed703c0162d316ffcb7a1f49c0600", @typed={0x8, 0x3, 0x0, 0x0, @fd}]}, @generic="a0e835ca05e1f20d1da5d26adbf28acf15773e510c1a328eaf64c1dc961b684815d86863f6b4734e0c8f2611df9246acff35165a2dc9894496adbdd12e812d93240d2f27e6b4c673a61060da1708c3ad54ade3e808e24645a027e7905b08cdbc53f76b5b11b2ef9acbb389281321a44caca9fbc3955405571961ab27691cdd444bdc26b2ec55f47f5cbd77ed5b804beb7a840239fd3a567b44adf9f999634c266fa36442434ddac6bc895854a0e4ed2d9d38f23151558f30e472ca228b3bea83fb55e2d219cbb1b4e85622f902473f179095aa50657d2afb385aa0", @nested={0x108f, 0x59, 0x0, 0x1, [@generic="e9afe18df211ef716d02b878d324d0c91097de5ab01bc3b505f375390f19644fe2136809e669cd3e9cc32d0328f93d4ccb5947d0b4fb93d954398ce7f0c074218954fc7267b76b5653c7cc9d4a7ed467d1d6", @typed={0x8, 0x61, 0x0, 0x0, @u32=0x3}, @typed={0x14, 0x6b, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x20}}, @generic="7d8140b260a7674446f752f3af566b23177facedc82686b25a264ee021", @generic="12de524b14a884b07ebdf8263740a331fc45b719f319f9329cfaaf5f6400face2c8369f093ddc13d8d1456559eb26a8d7f737e5206da00a9b6afbe3849a991bc266d735d4b43f2fb917d3603203ea996dc15cf3f7b4fe6b9162fc2851f0e9a0f322d7ee5dea812992168680c6e35547da821c1604fb982292a1a9a83073a27bdd8d02150018e992bc55807f2d66ea5d5535e85f029945ad408ada81b53220507e9106b7d3b56ff71a8979adad109d9495ed07d0505cb7708f32ab68ed0bdd78a035e3c795997f87d7f43da75365c122089019a65857d20ccf66cf302c9271f00b484ae069536ac60c058a0427997ec9e4f0b30a4733d3e83ac8e0d2a5b134d1f97658b3c13d90519f9072683f77cd5576257740008e6d706dd11e106555e2757f76febc77acd3002f54a4e5d434d08dd14712390d82338c90a49684dc1f9c41c7d193f31db2eed214d025c67340d3ee6c17e87d50873ac0fd8d6c9132ad32aff8b5b728db669ab670502aa4687590bd565ad722cded74276e548d70c71b078a1576ede4ab9a359661757b8d375388c7c4c09b5941a2419d51648535cd4a88870870746dc132396a213203e3dc6a4878231e449c51eae0d8670cd838084b0c5d061b1b92ce693bd89f76497b8464991fc5acc6fd457b44714403549ceeb706b2c85d8e3aece8f63899a3508b730cd50193e0150084e66eaa8f49aacdacf6087ac13719585a1e6a5f6ee03e2d4f6f95dcbf4ff3661ab8e5844f35ce2dee53e1c68d36613585029a66859f7a53f2074219ee85832b798e804b88dc085943dc86a865e552484383f677fc15d3c18a42d1ddb9b2906085761e147479be37e10c2e651c414c99b7e8d232acdd1fd0054cd042644437565a6b09b4762b5610e4682273758ce9e05099f14cf8a3b9d76bedb3ef714d5c0e425b94c1016d590027d07f4b3eabf6600d70d1fab524c4c749a7e3f64855647c22cf9ddadd2d6a55e4b60b3b9b0b0c9276e31472feed8d9f1b5d82e6df2221208e568bde7a392e89ff36e0669cc7c1c7063f1e00c6c48271f3d9046be8a0ac90c4229636c3742515bd935d43929a97e8b5e4ed8933f8e757ee4a9a9e67d90769b5018ee9820a591b292ce836029317890f8a30bd887ced2193af85fa6696ecb99d570f69dd44dfa6f673f75d623965fc8ed4548c5102e02fe2c2967ba928ff998c177c2140dce88982bf14db54127651ae25d7bda4f6e1fdbfbe51949a83914d2815593013cafd7535f7b24fc95300aef33d6b29091b012a55b4f5f3ca97c5f762942691f19f3895f6f82f8bb1154069c1312db9913733dc40fbbedb63171946f74831df8811c5f7647c57ecbc0f7e3fe2bd761e2af7c1c2db75735196723dca8feb1a72c77c6e44aa22e7a85dcd16dcbac3fcfd43f5b655dd780eb5273811037957dc6f655c0a4fcc8c500cdc6d1e7dc30d9cb778d768017ff60b7061e726f9d3a6cd44860c20ff92fa97a0b9736bd5c2f0ea1e5fdb85dd8fb23cade2d9805d04540b84c0dd09dbd89a625e47f4d1d9a2838fa90d2dc042a3db859b3d7739fad2fd8ed3c60bc08d15fb4d67a2b27149a7e666db117efa37f9189bc41b4788811a83aa16e37314c0519184eedafbb9165fb28bdedf9e2eef7c780190c54c8e7a3d7378f40501645506dc6d5be91ce0098b691c12b7d550b2d8c8d5e94e5185c5efef45a2335f6f24d87f50db1cafb0d13fc98aeeac97f1db3444cecc20e355d8aaec61fc398118b63afde8f8ee80528e54813803268153ca326e1258f5b9db59285f84fe6aacf5de265cb33d512d982e745b4281943a1343f7a082a86240d9314d60d869e4d32d4cc78b31a68b6e899ddce819bc3213ab4c4d25d176c2daa3fa2c5ecf64477e5575046018d975a4a0969c1264d249434f0da4dd064afef495a60c38ca532d32337dd5f12f2825d55fffdfb076b2dcad53bec7a099a530ba1c365b36dff8e57a8a2354e14eae5722d0881b4b412293d094a87fd79beb75b7b5566d6f1c5913af35155373d563da3b391d5e920fd9f6e53157179d480674d8a66c20f79a5cffa05ed371ed9429fbb4b323ebb79cfa99155d2ed33a03eb5eadfcd8e689099ea99a1d27c2e684882f3192490616056b074abb6e7b20e1a390b477b5227b1339a25f174ac251e9d37e3623ac8a561926359e8946c9e52816447a748f76b62adaa36a2187b05f9d3ea7d080bbfeb38ef361a6a608b23adcd818b9290988e75ae1389068557f34ce3f43d9a75ebe295c135a0dd432fd0315400196b819ee6881da2e43931b99f4e9d2b81d7258a398f0332a8533b373e171810f5ccf23a6ad050ccf0d9ce6a96f414328ac8fef2735452fc47b4809e5818f3177e78fd4ec26d0020f9dac6d42d225d3e0479157d9fd082986d3e1d8f0d90f02db14261c0add65c5d5c76247425504fab8e6225e5297c2bbcbf9d857fc0db1af717445cda785de806dbdd5aeb05818dee707c44c8b7257d92cd879999fd48759c4adabcfcc7f0a0a7c7bafb24ad87cdab070cdf31e3e9ddb0ef311f003984b3834f3fc038bdff84c8594b351b62ab044c5f54ba458f194c772953565cc8f1bce11fdb92ba850afc8848a6cd0f69b33cb586b478d9ab0fa71628c6a9ac3818dc3e91f32dfbe4327b6b05fec0a8fa030766da9b53c6530fa160431879acc2cad4c23915ebfc97c02d51657c20b3eb587fcff98fa9c1bb05937107a49ea1c7ad6141dcc96bc4de6a99cae19e04c7a0e5b04e6188e1bf740f919555eab414a492d24d875ed9d90a440256bca51c7ca1ff134d83b1405cc71903273297629f7dc0a45a4d52c8d852280a826561d3d393aac18d2420c5118e8b86250f25645865c339e969c5e21bba7db7b7851eddd1d654851950dbb0a61dc48f0efadc2c75f92eee1a356eceeeaa88b8d7b6dd683ed97c236ece817d7cb28ca9151d2c3869bba161ef2b2de322d52804e618fcd085c51073affa446bf31adcbb7133ff8e7f1e83ec47fd0206a08adfa9cd089d72cfcbd650bfa1cbbcd25c7695d553996a5ffb7c684f0d2393be2800bad7035c947ea595b452ca45d4d73487f748bbc5084361b8da0b628a2838366a181d778dfc91eeaba19fdc52b44d599f9f39a824cdd5f9f4e6c9b9e326c84791b176ce86a4546242bd5424ace812680d77abaaf7dd5a94b910091976ebaa2d17e6f3000101f99491f32e224c443c2ca5245136e5ff2beb86c23f05216e877f8fab8000d6fa927bc3013d637f4382eb3d1524f6a3aeeb62c782375cb19c5e7d7922ec851f5051c548d97d7d5b54f76bd64577753b5c2919f4733ab22b5bf6da9a9384f377173eeb498fd16b70f59a4752bbd16eb296cece3bacbe8ab74133e3bb84822b2e233b07eb2ff453dc34ea89688f99fe279eac537e599ffe610479d2e03fef2089b4cd0b00c9c8a4c76822d87577e42b5ab85c6f6176d42d5cff59e2300f3fef89d572f69d6d60bfda63d447de8041e3213934aacae933930a4e987fd50ba43868cdc8d9015ac0650da97ad8e8f2f58f4732661e3604f76910a980d3965fdc28caabc8b313890998c338a6b0c089ed989fa2c9a6f6d3d0f78e1023a6c67006f03bada0119cd424c7e7e0e3971024006bb4ea9e244e10899c3c584dc7ee93d2ca12204fea761505e89d0e637780a05483e8bfcd126aa327cf4633a7207558aad9480ef0d4da81985b783dea8260c0a3aa58d07d012433f9974e8bb017ff0a41f04c836c225454fd993a5d5ef873ca7e5e57a31d69f506656222cbdf73423f45776765772876ed28217cdeb6067bf65c1b59f2706e6cf0f5f587e93d4bdc5c90e0fcdf7d6de311711998501a369da2423e7d08f4f6e3e56a63c67beeb3f1ac89df56f0050afa898afe4fdcab0f14aa5f3ea2c8c945425067e3f8cbd27a92c0f55224c6d8fcd388ce3c3de7dd07cade1ba2300d0d818d1feb93c1fc6e11c9de007b943191744896b022abdb6ac24500182abe10a794f7658e07eeb028754987f38710094ce0e2a23535854ec05b3e9a3dcaa76db409fb7f2e7cd3473b7b5d74a15585e1545f0598c6731382604c44c78e90d973fa77961a86baca00bc792ee1c079a4ea4b4003629678dbd177ed2d2300e49e37e634a48bb1af3698dad71a5f4f9eafa96865437284c0b71a36b5b8bab480d4907f6c9cb19f547c73b8509900e9d43397ddbafe3e5c65eb22319006adca4376caadb81aa19b295acc33d5ba20cd7162b810e025d7394797b00556428aaab17d024383649a88ec02c9ae8c4e04cbe8f270d3c90f0bf52f4b1aa447f277ec4f0a81353973a8b52b3c97c90e160acea478a204abefeedec6f695434d920bc221b5c9dc5c5e7c29ba71445b3fceea3881f887eaa8efb7ca9bb0688810673f173bb9762883e4d90b45df052257bb1bc207767020c8920418f2b57af8fc044b0d41f84e884b32d5905484362826bd4ab8c93d7985964cbae26e9aad98cd9d2f4c7563420e99508dfed3d02898668000ee1304ed225c49aa734ebd99105b786ee2375d7cbbd3086a41caf35e3aac0d6294fd8fc46459ed340c189166f519103caa41a4b09902eef7d6abf19b3a309a479d16c6e3ed010d173bd687b9c4a7a0397e25147f2205e78a3a5b137624489688021116f52bba708cbb05cbb9cf2982ab1f24db63df40b904017c18896580a48257e82e88ee184be4c14e7b56ce66b059494bad6c98e8905a51a541e54835f91bea1912bad4d7e5e97b79961c546fe92d28db49c1cc2cf9579ac26783e31bd15c913b019172fc0bb215492cbc0ded36d6bef31583f1aee77d98d9ee248bc1db05c6a27289c2d0e1e3f83b2feef96e26d57576dae50e7cfbdbc2d01ec322e15591b65c7eb022f13b86c384229184d700beca9680b9f61ddc78274696f9156ed019c46718b1dcc16bcede554d53ab7e749bf36d71893cfb7374eed7194ee023fad1b64e2ceff09d648570b17c688968549b2c3c4dac17918dbec6716e6191de06efd72ece7de566786b4bf2754a2bdc024b09d6a29561c76b10e03878840969296c8052bcb81ede7e166aec9f4a196c2e6ec5ceb3dc4108bae60d1c1aaf2c88877ecaac04bd4cbec0caa2e955463b8ac0a4cc671b553d38716ed57e4245a8a274b5151b4b1c8bdc37ee86e6dd0ccbd592bdac9bbc37cbe5a4c1de52e1f5cb24f7047a36951a2ee19cc6438f6e32711dcc9d277b6c4ee5214d0b9d6a808a2ec7595e576dfdc48dfd34c5777239a6d489206ccc6fd3a63307ca47cba28a44e83ff3c2c64006a0818921f46adcc08ef619b9de5bbcb6a1fd0f96fb22628c757a68c92c6531e7f61f89b656e28984b11c7e5247461a913b89412a635841da15cf096842ae31296f09613c000c840a7fbd094ce82734aa8a50edd0ba363e50b0f6383f9748989b06ef4efc7829719f6d9e1aa6d4ae240256bb0cd555c15b88d97bb4b4cc858cb1a0de4e1ff5bc94d6de56ccc106a3de2c27c23348fa25b55f798ed213c2b6e35c470faec42d73a137126f2b4e93d9f07f2b5d45e0386b9f6f428c6f58eaa6db23ab5016ca660f59a8af5c7c7d414f28a22e03bf3bee6b8574b6676b39b6b739364026cb0ac8843486d4fa18f4813aa02fcaf08754cf88def51cc1a5e6b2a7ce0146a33fbae090f85f97311e15b1b6dcc3f84e6907b9ce59004c50d11e8080cd467972def28f37525185e4a03e3fa34016f5731b647827004ca793710f09a4c5cab42cc4c7eee77ad25eeccfc832d92eea208de5d96347a37d1fed8e23115040e6874bbcbcaf0f"]}, @nested={0xc, 0x2b, 0x0, 0x1, [@typed={0x8, 0x70, 0x0, 0x0, @fd=r2}]}, @nested={0x3f, 0x8c, 0x0, 0x1, [@generic, @generic="f667bd5cbc9934725c118d3b9f93ed9bff8b56911d1c985879bd0e7bbea565eb26407b9997cee596a99d09", @typed={0x8, 0x2e, 0x0, 0x0, @fd}, @typed={0x8, 0x62, 0x0, 0x0, @uid}]}]}, 0x232c}], 0x2, &(0x7f0000003080)=[@cred={{0x1c, 0x1, 0x2, {r1}}}, @rights={{0x18, 0x1, 0x1, [r0, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r3, r4}}}, @cred={{0x1c, 0x1, 0x2, {r1, r5, r6}}}], 0xa8, 0x4000080}, 0x40011)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
lsetxattr$trusted_overlay_opaque(&(0x7f0000000080)='./file1\x00', &(0x7f0000000180), &(0x7f00000001c0), 0x2, 0x1)
chroot(&(0x7f0000000100)='./file1\x00')

00:12:58 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 8)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

00:12:58 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401001110000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:12:58 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401271f10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:12:58 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="840100000e000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2650.963447] audit: type=1326 audit(1716336778.220:4145): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=55061 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:12:58 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401231110000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

[ 2650.967788] audit: type=1326 audit(1716336778.220:4146): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=55061 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2651.026062] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=14 sclass=netlink_xfrm_socket pid=55376 comm=syz-executor.1
00:12:58 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000280)={0x2, &(0x7f00000001c0)=[{0x7fff, 0x1, 0x5, 0x10000}, {0x1, 0x81, 0x0, 0x100}]}, 0x10)
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0xcd03, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x85, 0x9, 0x20}, {0x4ff, 0xc1, 0x1, 0x5}, {0x9, 0x1f, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x0, 0x7c, 0x6, 0x7}]})
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000300)={{0x1, 0x1, 0x18, <r2=>r1, {0x4}}, './file1/../file0\x00'})
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), 0xffffffffffffffff)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
accept4$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, <r5=>0x0}, &(0x7f0000000100)=0x14, 0xfa1a43a8818f0c40)
setsockopt$inet_mreqn(r4, 0x0, 0x24, &(0x7f00000000c0)={@broadcast, @private=0xa010101, r5}, 0xc)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
accept4$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, <r7=>0x0}, &(0x7f0000000100)=0x14, 0xfa1a43a8818f0c40)
setsockopt$inet_mreqn(r6, 0x0, 0x24, &(0x7f00000000c0)={@broadcast, @private=0xa010101, r7}, 0xc)
sendmsg$ETHTOOL_MSG_DEBUG_GET(r2, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x44, r3, 0x0, 0x70bd26, 0x25dfdbfc, {}, [@HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x44}, 0x1, 0x0, 0x0, 0xd9ac5d3f7f422d78}, 0x200040cc)
chroot(&(0x7f0000000100)='./file1\x00')

[ 2651.037824] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=14 sclass=netlink_xfrm_socket pid=55403 comm=syz-executor.1
[ 2651.059477] audit: type=1326 audit(1716336778.316:4147): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=55402 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2651.070576] audit: type=1326 audit(1716336778.316:4148): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=55402 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2651.074279] audit: type=1326 audit(1716336778.319:4149): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=55402 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:12:58 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="84011f2710000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:12:58 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 9)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

00:12:58 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 8)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:12:58 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401d82010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

[ 2651.109054] audit: type=1326 audit(1716336778.319:4150): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=55402 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2651.132211] audit: type=1326 audit(1716336778.319:4151): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=55402 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2651.140890] FAULT_INJECTION: forcing a failure.
[ 2651.140890] name failslab, interval 1, probability 0, space 0, times 0
[ 2651.142059] CPU: 0 PID: 55499 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2651.142683] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2651.143410] Call Trace:
[ 2651.143652]  dump_stack+0x107/0x167
[ 2651.143978]  should_fail.cold+0x5/0xa
[ 2651.144319]  ? create_object.isra.0+0x3a/0xa20
[ 2651.144728]  should_failslab+0x5/0x20
[ 2651.145073]  kmem_cache_alloc+0x5b/0x310
[ 2651.145442]  create_object.isra.0+0x3a/0xa20
[ 2651.145833]  kmemleak_alloc_percpu+0xa0/0x100
[ 2651.146237]  pcpu_alloc+0x4e2/0x1240
[ 2651.146593]  ? cset_cgroup_from_root+0x2a0/0x2a0
[ 2651.147015]  percpu_ref_init+0x31/0x3d0
[ 2651.147384]  cgroup_mkdir+0x28b/0xf50
[ 2651.147725]  ? cgroup_destroy_locked+0x710/0x710
[ 2651.148152]  kernfs_iop_mkdir+0x14d/0x1e0
[ 2651.148521]  vfs_mkdir+0x493/0x700
[ 2651.148843]  do_mkdirat+0x150/0x2b0
[ 2651.149172]  ? user_path_create+0xf0/0xf0
[ 2651.149543]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2651.149935] audit: type=1326 audit(1716336778.319:4152): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=55402 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=57 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2651.150012]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2651.153525]  do_syscall_64+0x33/0x40
[ 2651.153857]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2651.154312] RIP: 0033:0x7f72960ceb19
[ 2651.154647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2651.156256] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2651.156922] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2651.157550] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2651.158177] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2651.158815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2651.159452] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
[ 2651.172736] audit: type=1326 audit(1716336778.371:4153): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=55402 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:12:58 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r1=>r0, {0x5}}, './file0\x00'})
r2 = fsmount(0xffffffffffffffff, 0x0, 0x8c)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r1, 0xc0189378, &(0x7f0000000b80)={{0x1, 0x1, 0x18, r2, {r0}}, './file0\x00'})
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x7f, 0xa, &(0x7f00000009c0)=[{&(0x7f0000000180)="8bcb673c4f3457ab480ecd7f8f8838b8d039d8ece6c7434aacedf4eca0dc017451bb214706d68cb1a147b5fa926bca9cb786a620e84172809d6b34c33ddea66c12967ba188275841928356132675ea06736297037dea8a210ec316f7437b9149d2fcb595edd6d3a55b316082e5b56612f1613227080f87", 0x77, 0x8}, {&(0x7f0000000280)="91684e7c5a2321f8833a28d6cf68055a8461554cac18af6c161f31cadab8813ade753e7a6c687b91184c7eaaa85d00aa5cade65bf3596d1678344d81ae71c0f8a40f3881fb27018a", 0x48, 0x1000}, {&(0x7f0000000300)="a03c3aff185c542ab75f9bab71c6b74c70779150d88ad0c342b12d8fd6a808c87072a7c9fced265c45fa298bd1d6b6e82cc3866047c6b62023ef66ef6e1f4b32ccfb006a5a1f8d7ce465951405f8fff437848a2143b190c4cf46c5f735f30ef543a232e35ee18d833a7a5851ecdbe431d7ca116cf26791f7ee0a7c398eb506460a429c17623310d08a9c75a637ca1b72ba63cc983547b27a1cfc50745e595e02c3af38ed8284e957d51598b71eb72002c1499fa8ee31cca52e3f600d0444eac89dff3f49439ee70d", 0xc8, 0xfffffffffffff000}, {&(0x7f0000000400)="5b7f7287f6cdf3a896a1e39289902ea799220048d3635924d5cc6c7c662051366cd5950c97b818e4a9d384e9d348718f46c7dfd17430141fb7be4264ec83460c6d5b2fa8fb1689492dee73e67ecae17f3d2999a394003c7f92f5b63a02cabf88a6a8d842b1a0721907bd2a1d1173bfae10aea21c12", 0x75, 0x9}, {&(0x7f0000000480)="f796e619324d018deb48ef1f276d6431fa88f82396452369bc4d736c7c6f35db0886c4b3ba8dda35773e681494dd2a9dd3224184d936f0144dfc5c3bf0aa0182e47dd1d6aad867968abb199869f535bf03d342f33cb97ffc8bfc270af13d143b5bd2537ed080f458109af91dcb92498a82bdba48f0c0912fa34c439a73234ae3eb57da337be0d26af6289f7b7a94f07956da2cf70c5ffd5c1218dcb6bf8de45f24d2632b5c2f10d71c79bf8a8558b121e27812b26994dea594f1", 0xba, 0x7f}, {&(0x7f0000000540)="eeea6ae9d855af59ebee1fc39ce84ed993b8850b9bbe1a475323e570aec5f4095beba5a42bbbe17fe628f0f56097afb01b7cff15eebbe6edf4c7787d23c221ac41aa37b02d7ec1c7ac865607d98398d220194aaa55b8a2a78aca98331c7d6bff8a736fcff32dfffea0fc53173ea479f96c7db77b0192bc3892a065b3e085ffe6c8e421fca73571ecc22a5fca4db4b178d14105f7f4136e", 0x97, 0x3}, {&(0x7f0000000600)="3b57cc147f6a0fc15a43ed01263123309e7586622f6182dc4b15526eb86d2dbb5a88ccb4e22823269256c0d402d95029f59a764bdd13e23b80c41521b15f0beb103df99042a6b0d72f142d2b1de74261e7829b18dfb3f92ff18f5742a410d224a4c1b15b57c5aa4bc33003dbdc531c95183bd6382d08d1e54dd2dab5f18b97547dc434132b0d0169b1c3def50778f93ef39ba27deced788e150555b3946c5c81e8e51df1120cada6d3ca96c74c62516b33b0f2", 0xb3, 0x3}, {&(0x7f00000006c0)="7f6ac8bbf45dcaa4407b48f3a56c41ebd5793d7eb2e75eea3db30c1264f46a7e9195b28e1a0964029f1455fa2ca104d54050ca83c55445aef676873e0ed14affdcfeba19c1e39acaaa1f4292e33c028d481c11a0e8bdac5eee1237e9275c34c7bf5c370239a9f45230133d64d9c0455faa2f98554050fddf6202a4f6751f82cd476ad684becefacb444fb2749e9e55192e0a577162de2e037ab20f3e32adfe39056a3f584315b566521c0d37c394290e5ae98c2e9390deecb272ec8769f68e5da42726c03e73704cb7b60a98fffa85c84c6fa56be2728175d19410882019466882", 0xe1, 0xfffffffffffffffc}, {&(0x7f00000007c0)="d18ec409f14ea08bad65b64fd4939b4fb1d0b8a09e49a2a2a4f919de8d02229b5df2615ed3b77ecf9e2e64a443365d5dc586e4b1c0b4950fbbe9eb43a6f0bad6e25837ce457351a6818b1325c9ba7f7f9f2a43b6128ff99db9ceee45e70086582d27b4bcd099f7853306949c59b6bae4f5c9984a86e48d58e0502e1e54bd36d15de22b17265bd4c3127476a7b3a261cfe88e3ef695f9d70010e379db3f36c5c383fe4c2ce70b45f7a63423386f46cb0c4a47a7870cbf04c69ef88c259d36fa18fa1d1f008cf0eb3b2c9b6388e18a3bc8827d8f140faa7b7d1357baeaed18aaa1949a0fadfb4d4f32a60176e9330de69795caedd47fbe9bea", 0xf8, 0x2a9e}, {&(0x7f00000008c0)="5f4f2e73939f541cc7844e3d37d78487f3fb81a6e22fbe38daf39545f6a6777a0364ce4d7e7ff715aef6c9d85ac865c447aba69233c12ac6b921076b7189d3884e6383938a1633e32a37429338c2d0d0c6e34bc9043aede7940eafd77191abd7ea89dd25c1e91b1f597998f38fe1374b134fb118624eeefbf266fef6362ce86f058c72ba06955f02167d3efae9de70462081a4ec6a75a18e7f0bb6427525e2bbe0fb6b3928cb93a9cd20ed2d3c4bc20d1d77e6e844b2c0f606d33af1eb4fdd2ae4", 0xc1, 0x6}], 0x80a002, &(0x7f0000000ac0)={[{@huge_always}, {@huge_advise}, {@mode={'mode', 0x3d, 0x7fff}}, {@huge_never}, {@nr_blocks={'nr_blocks', 0x3d, [0x31, 0x78, 0x70]}}, {@nr_inodes={'nr_inodes', 0x3d, [0x7, 0x37]}}, {@huge_never}, {@huge_never}, {@huge_within_size}], [{@func={'func', 0x3d, 'MODULE_CHECK'}}]})
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r3 = fork()
ptrace$setopts(0x4206, r3, 0x10001, 0x0)
ptrace(0x10, r3)

00:12:58 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="840100000f000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:12:58 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

[ 2651.196531] audit: type=1326 audit(1716336778.372:4154): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=55402 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2651.215309] FAULT_INJECTION: forcing a failure.
[ 2651.215309] name failslab, interval 1, probability 0, space 0, times 0
[ 2651.217279] CPU: 1 PID: 55661 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2651.218303] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2651.219523] Call Trace:
[ 2651.219928]  dump_stack+0x107/0x167
[ 2651.220474]  should_fail.cold+0x5/0xa
[ 2651.221044]  ? avc_has_extended_perms+0xf40/0xf40
[ 2651.221763]  ? create_object.isra.0+0x3a/0xa20
[ 2651.222450]  should_failslab+0x5/0x20
[ 2651.223018]  kmem_cache_alloc+0x5b/0x310
[ 2651.223417] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=15 sclass=netlink_xfrm_socket pid=55693 comm=syz-executor.1
[ 2651.223628]  create_object.isra.0+0x3a/0xa20
[ 2651.225328]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2651.226086]  kmem_cache_alloc+0x159/0x310
[ 2651.226721]  xfrm_state_alloc+0x21/0x4e0
[ 2651.227329]  ? __sanitizer_cov_trace_switch+0x45/0x80
[ 2651.228091]  xfrm_add_sa+0xd3b/0x3510
[ 2651.228670]  ? xfrm_send_acquire+0xad0/0xad0
[ 2651.229325]  ? security_capable+0x95/0xc0
[ 2651.229952]  ? __nla_parse+0x3e/0x50
[ 2651.230516]  ? xfrm_send_acquire+0xad0/0xad0
[ 2651.231156]  xfrm_user_rcv_msg+0x416/0x830
[ 2651.231780]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2651.232572]  ? __mutex_lock+0x4fe/0x10b0
[ 2651.233177]  ? lock_acquire+0x197/0x470
[ 2651.233765]  ? netlink_deliver_tap+0xf4/0xcc0
[ 2651.234433]  netlink_rcv_skb+0x14b/0x430
[ 2651.235040]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2651.235754]  ? netlink_ack+0xab0/0xab0
[ 2651.236328]  ? netlink_deliver_tap+0x1c4/0xcc0
[ 2651.236594] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=15 sclass=netlink_xfrm_socket pid=55703 comm=syz-executor.1
[ 2651.237008]  xfrm_netlink_rcv+0x6b/0x90
[ 2651.237028]  netlink_unicast+0x549/0x7f0
[ 2651.239230]  ? netlink_attachskb+0x870/0x870
[ 2651.239886]  netlink_sendmsg+0x90f/0xdf0
[ 2651.240496]  ? netlink_unicast+0x7f0/0x7f0
[ 2651.241135]  ? netlink_unicast+0x7f0/0x7f0
[ 2651.241767]  __sock_sendmsg+0x154/0x190
[ 2651.242358]  ____sys_sendmsg+0x70d/0x870
[ 2651.242969]  ? sock_write_iter+0x3d0/0x3d0
00:12:58 executing program 0:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r1 = fork()
ioctl$BTRFS_IOC_SEND(r0, 0x40489426, &(0x7f0000000340)={{r0}, 0x6, &(0x7f0000000300)=[0x1, 0x9, 0x9, 0x27f7cf3, 0x100000001, 0x6], 0x200, 0x6, [0x8, 0xea, 0xd69, 0x10001]})
ptrace$setopts(0x4206, r1, 0x10001, 0x0)
ptrace(0x10, r1)
ptrace$cont(0x9, r1, 0x68c, 0x0)
mount$bind(&(0x7f0000000080)='./file1\x00', &(0x7f0000000180)='./file1\x00', &(0x7f00000001c0), 0x10000, 0x0)
syz_open_procfs(r1, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r1, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

[ 2651.243719]  ? do_recvmmsg+0x6d0/0x6d0
[ 2651.244310]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2651.245079]  ? lock_downgrade+0x6d0/0x6d0
[ 2651.245696]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2651.246463]  ? SOFTIRQ_verbose+0x10/0x10
[ 2651.247074]  ___sys_sendmsg+0xf3/0x170
[ 2651.247645]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2651.248326]  ? lock_downgrade+0x6d0/0x6d0
[ 2651.248939]  ? find_held_lock+0x2c/0x110
[ 2651.249550]  ? __fget_files+0x296/0x4c0
[ 2651.250148]  ? __fget_light+0xea/0x290
[ 2651.250728]  __sys_sendmsg+0xe5/0x1b0
[ 2651.251298]  ? __sys_sendmsg_sock+0x40/0x40
[ 2651.251925]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2651.252632]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2651.253407]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2651.254155]  ? trace_hardirqs_on+0x5b/0x180
[ 2651.254795]  do_syscall_64+0x33/0x40
[ 2651.255341]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2651.256090] RIP: 0033:0x7f87f21a2b19
00:12:58 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401112310000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

[ 2651.256633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2651.259449] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2651.260539] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2651.261583] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2651.262625] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2651.263663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2651.264701] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
00:12:58 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000011000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2651.324146] netlink: 348 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2651.334217] netlink: 348 bytes leftover after parsing attributes in process `syz-executor.1'.
00:13:15 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000012000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:13:15 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401003f10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2667.787968] kauditd_printk_skb: 8 callbacks suppressed
[ 2667.787990] audit: type=1326 audit(1716336795.044:4163): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=56030 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2667.792843] netlink: 348 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2667.804247] audit: type=1326 audit(1716336795.045:4164): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=56030 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2667.814897] FAULT_INJECTION: forcing a failure.
[ 2667.814897] name failslab, interval 1, probability 0, space 0, times 0
[ 2667.816130] CPU: 0 PID: 56038 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2667.816960] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2667.817697] Call Trace:
[ 2667.817942]  dump_stack+0x107/0x167
[ 2667.818261]  should_fail.cold+0x5/0xa
[ 2667.818603]  should_failslab+0x5/0x20
[ 2667.818945]  __kmalloc_track_caller+0x79/0x370
[ 2667.819348]  ? xfrm_add_sa+0x19a5/0x3510
[ 2667.819704]  kmemdup+0x23/0x50
[ 2667.819992]  xfrm_add_sa+0x19a5/0x3510
[ 2667.820339]  ? xfrm_send_acquire+0xad0/0xad0
[ 2667.820729]  ? security_capable+0x95/0xc0
[ 2667.821107]  ? __nla_parse+0x3e/0x50
[ 2667.821430]  ? xfrm_send_acquire+0xad0/0xad0
[ 2667.821815]  xfrm_user_rcv_msg+0x416/0x830
[ 2667.822191]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2667.822625] audit: type=1326 audit(1716336795.045:4165): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=56030 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2667.822772] audit: type=1326 audit(1716336795.046:4166): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=56030 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2667.824489]  ? __mutex_lock+0x4fe/0x10b0
[ 2667.824511]  ? lock_acquire+0x197/0x470
[ 2667.828832]  ? netlink_deliver_tap+0xf4/0xcc0
[ 2667.829232]  netlink_rcv_skb+0x14b/0x430
[ 2667.829590]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2667.830036]  ? netlink_ack+0xab0/0xab0
[ 2667.830380]  ? netlink_deliver_tap+0x1c4/0xcc0
[ 2667.830796]  xfrm_netlink_rcv+0x6b/0x90
[ 2667.831143]  netlink_unicast+0x549/0x7f0
[ 2667.831505]  ? netlink_attachskb+0x870/0x870
[ 2667.831891]  netlink_sendmsg+0x90f/0xdf0
[ 2667.832248]  ? netlink_unicast+0x7f0/0x7f0
[ 2667.832623]  ? netlink_unicast+0x7f0/0x7f0
[ 2667.832992]  __sock_sendmsg+0x154/0x190
[ 2667.833344]  ____sys_sendmsg+0x70d/0x870
[ 2667.833712]  ? sock_write_iter+0x3d0/0x3d0
[ 2667.834085]  ? do_recvmmsg+0x6d0/0x6d0
[ 2667.834431]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2667.834900]  ? lock_downgrade+0x6d0/0x6d0
[ 2667.835269]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2667.835737]  ? SOFTIRQ_verbose+0x10/0x10
[ 2667.836099]  ___sys_sendmsg+0xf3/0x170
[ 2667.836453]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2667.836856]  ? lock_downgrade+0x6d0/0x6d0
[ 2667.837230]  ? find_held_lock+0x2c/0x110
[ 2667.837595]  ? __fget_files+0x296/0x4c0
[ 2667.837960]  ? __fget_light+0xea/0x290
[ 2667.838305]  __sys_sendmsg+0xe5/0x1b0
[ 2667.838642]  ? __sys_sendmsg_sock+0x40/0x40
[ 2667.839032]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2667.839454]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2667.839916]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2667.840371]  ? trace_hardirqs_on+0x5b/0x180
[ 2667.840747]  do_syscall_64+0x33/0x40
[ 2667.841076]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2667.841524] RIP: 0033:0x7f87f21a2b19
[ 2667.841848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2667.843439] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2667.844113] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2667.844746] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2667.845362] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2667.845982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2667.846600] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
00:13:15 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, 0x0, 0x0)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:13:15 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 10)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

00:13:15 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401003f10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:13:15 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
syz_open_procfs(r0, &(0x7f0000000180)='net/ip_tables_matches\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

00:13:15 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="27a9fe8941494c75342c80caba03f9ac508243951fcacd81b690b3923e28c45cbbbc11992fb9218175f081a3a9073715dd41163e8c94d24a6df588c657398b35e19f6999ce70f408f2f6b9d991cea7465b63ff7edeb66e6c1b4a465c50bc8d1ee7b4e728b0c917f2e870075d350807cd82ee7cfa6bd70818c3bce8d689b0de04a3dd45ddec48316f658f8f44d741ad90ffab91b8f73a76c03bee2b632e8bb00c9d7df290754b2d5f8c9dce94cfc57f0f24"], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)

00:13:15 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 9)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

[ 2667.847589] audit: type=1326 audit(1716336795.046:4167): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=56030 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2667.851605] netlink: 348 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2667.872642] audit: type=1326 audit(1716336795.046:4168): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=56030 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=57 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2667.901623] FAULT_INJECTION: forcing a failure.
[ 2667.901623] name failslab, interval 1, probability 0, space 0, times 0
[ 2667.903596] CPU: 1 PID: 56036 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2667.904584] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2667.905753] Call Trace:
[ 2667.906141]  dump_stack+0x107/0x167
[ 2667.906687]  should_fail.cold+0x5/0xa
[ 2667.907239]  ? create_object.isra.0+0x3a/0xa20
[ 2667.907890]  should_failslab+0x5/0x20
[ 2667.908444]  kmem_cache_alloc+0x5b/0x310
[ 2667.909028]  ? mark_held_locks+0x9e/0xe0
[ 2667.909621]  create_object.isra.0+0x3a/0xa20
[ 2667.910265]  kmemleak_alloc_percpu+0xa0/0x100
[ 2667.910941]  pcpu_alloc+0x4e2/0x1240
[ 2667.911506]  ? cset_cgroup_from_root+0x2a0/0x2a0
[ 2667.912183]  percpu_ref_init+0x31/0x3d0
[ 2667.912752]  cgroup_mkdir+0x28b/0xf50
[ 2667.913325]  ? cgroup_destroy_locked+0x710/0x710
[ 2667.914008]  kernfs_iop_mkdir+0x14d/0x1e0
[ 2667.914604]  vfs_mkdir+0x493/0x700
[ 2667.915142]  do_mkdirat+0x150/0x2b0
[ 2667.915668]  ? user_path_create+0xf0/0xf0
[ 2667.916257]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2667.916996]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2667.917737]  do_syscall_64+0x33/0x40
[ 2667.918278]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2667.919013] RIP: 0033:0x7f72960ceb19
[ 2667.919552] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2667.922163] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2667.923251] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2667.924263] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2667.925275] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2667.926286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2667.927298] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
[ 2667.929066] audit: type=1326 audit(1716336795.160:4169): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=56030 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2667.937937] audit: type=1326 audit(1716336795.161:4170): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=56030 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:13:15 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x8, &(0x7f0000000080)=[{0x1, 0x1, 0x1}, {0x8, 0x2, 0x1, 0x3}, {0x8001, 0x3, 0x1, 0x6f2c}, {0x1f, 0x22, 0x7f, 0x9}, {0x3, 0xf8, 0x7}, {0x1, 0x7f, 0x8, 0x10000}, {0x5, 0x4, 0xd9}, {0x7f, 0x8, 0x4, 0x6}]})
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x4}, {0xfb, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
write$binfmt_elf64(r1, &(0x7f00000001c0)=ANY=[], 0xfdef)
openat(r1, &(0x7f00000001c0)='./file1\x00', 0x200002, 0x20)

[ 2667.984066] audit: type=1326 audit(1716336795.240:4171): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=56348 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2667.987443] audit: type=1326 audit(1716336795.243:4172): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=56348 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:13:29 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401004810000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:13:29 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0xfe, 0x0, 0x3, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030, 0x4, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x40}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)

00:13:29 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
fork()
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

00:13:29 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 10)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:13:29 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401004810000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:13:29 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, 0x0, 0x0)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:13:29 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 11)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

00:13:29 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000018000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2681.932392] kauditd_printk_skb: 32 callbacks suppressed
[ 2681.932410] audit: type=1326 audit(1716336809.189:4205): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=56463 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2681.936319] netlink: 140 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2681.937009] netlink: 140 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2681.939423] audit: type=1326 audit(1716336809.194:4206): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=56463 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2681.953213] audit: type=1326 audit(1716336809.196:4207): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=56463 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2681.959665] FAULT_INJECTION: forcing a failure.
[ 2681.959665] name failslab, interval 1, probability 0, space 0, times 0
[ 2681.961543] CPU: 1 PID: 56477 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2681.962552] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2681.963749] Call Trace:
[ 2681.964146]  dump_stack+0x107/0x167
[ 2681.964678]  should_fail.cold+0x5/0xa
[ 2681.965244]  ? create_object.isra.0+0x3a/0xa20
[ 2681.965910]  should_failslab+0x5/0x20
[ 2681.966474]  kmem_cache_alloc+0x5b/0x310
[ 2681.967079]  ? mark_held_locks+0x9e/0xe0
[ 2681.967685]  create_object.isra.0+0x3a/0xa20
[ 2681.968327]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2681.969052]  __kmalloc_track_caller+0x177/0x370
[ 2681.969727]  ? xfrm_add_sa+0x19a5/0x3510
[ 2681.970332]  kmemdup+0x23/0x50
[ 2681.970797]  xfrm_add_sa+0x19a5/0x3510
[ 2681.971385]  ? xfrm_send_acquire+0xad0/0xad0
[ 2681.972022]  ? security_capable+0x95/0xc0
[ 2681.972628]  ? __nla_parse+0x3e/0x50
[ 2681.973173]  ? xfrm_send_acquire+0xad0/0xad0
[ 2681.973804]  xfrm_user_rcv_msg+0x416/0x830
[ 2681.974410]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2681.975190]  ? __mutex_lock+0x4fe/0x10b0
[ 2681.975791]  ? lock_acquire+0x197/0x470
[ 2681.976384]  ? netlink_deliver_tap+0xf4/0xcc0
[ 2681.977036]  netlink_rcv_skb+0x14b/0x430
[ 2681.977631]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2681.978353]  ? netlink_ack+0xab0/0xab0
[ 2681.978946]  ? netlink_deliver_tap+0x1c4/0xcc0
[ 2681.979623]  xfrm_netlink_rcv+0x6b/0x90
[ 2681.980210]  netlink_unicast+0x549/0x7f0
[ 2681.980804]  ? netlink_attachskb+0x870/0x870
[ 2681.981459]  netlink_sendmsg+0x90f/0xdf0
[ 2681.982057]  ? netlink_unicast+0x7f0/0x7f0
[ 2681.982682]  ? netlink_unicast+0x7f0/0x7f0
[ 2681.983310]  __sock_sendmsg+0x154/0x190
[ 2681.983886]  ____sys_sendmsg+0x70d/0x870
[ 2681.984482]  ? sock_write_iter+0x3d0/0x3d0
[ 2681.985100]  ? do_recvmmsg+0x6d0/0x6d0
[ 2681.985671]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2681.986432]  ? lock_downgrade+0x6d0/0x6d0
[ 2681.987048]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2681.987822]  ? SOFTIRQ_verbose+0x10/0x10
[ 2681.988429]  ___sys_sendmsg+0xf3/0x170
[ 2681.988999]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2681.989672]  ? lock_downgrade+0x6d0/0x6d0
[ 2681.990279]  ? find_held_lock+0x2c/0x110
[ 2681.990887]  ? __fget_files+0x296/0x4c0
[ 2681.991481]  ? __fget_light+0xea/0x290
[ 2681.992061]  __sys_sendmsg+0xe5/0x1b0
[ 2681.992623]  ? __sys_sendmsg_sock+0x40/0x40
[ 2681.993256]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2681.993948]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2681.994712]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2681.995477]  ? trace_hardirqs_on+0x5b/0x180
[ 2681.996106]  do_syscall_64+0x33/0x40
[ 2681.996646]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2681.997401] RIP: 0033:0x7f87f21a2b19
[ 2681.997946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2682.000582] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2682.001709] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2682.002733] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2682.003763] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2682.004794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2682.005828] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
[ 2682.013639] FAULT_INJECTION: forcing a failure.
[ 2682.013639] name failslab, interval 1, probability 0, space 0, times 0
[ 2682.015274] CPU: 1 PID: 56466 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2682.016281] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2682.017462] Call Trace:
[ 2682.017851]  dump_stack+0x107/0x167
[ 2682.018382]  should_fail.cold+0x5/0xa
[ 2682.018957]  ? percpu_ref_init+0xd8/0x3d0
[ 2682.019576]  should_failslab+0x5/0x20
[ 2682.020132]  kmem_cache_alloc_trace+0x55/0x320
[ 2682.020801]  ? cset_cgroup_from_root+0x2a0/0x2a0
[ 2682.021495]  percpu_ref_init+0xd8/0x3d0
[ 2682.022082]  cgroup_mkdir+0x28b/0xf50
[ 2682.022640]  ? cgroup_destroy_locked+0x710/0x710
[ 2682.023332]  kernfs_iop_mkdir+0x14d/0x1e0
[ 2682.023932]  vfs_mkdir+0x493/0x700
[ 2682.024461]  do_mkdirat+0x150/0x2b0
[ 2682.024992]  ? user_path_create+0xf0/0xf0
[ 2682.025610]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2682.026368]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2682.027137]  do_syscall_64+0x33/0x40
[ 2682.027694]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2682.028442] RIP: 0033:0x7f72960ceb19
[ 2682.028884] netlink: 368 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2682.028977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2682.028993] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2682.033473] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2682.034501] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2682.035542] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2682.036566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2682.037596] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
[ 2682.037678] netlink: 368 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2682.043842] audit: type=1326 audit(1716336809.199:4208): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=56463 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:13:29 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000028000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:13:29 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401004c10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

[ 2682.057657] audit: type=1326 audit(1716336809.199:4209): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=56463 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2682.060770] audit: type=1326 audit(1716336809.205:4210): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=56463 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=57 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:13:29 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, 0x0, 0x0)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:13:29 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="468a"], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)

00:13:29 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="840100002f000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:13:29 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401004c10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2682.168332] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=47 sclass=netlink_xfrm_socket pid=56823 comm=syz-executor.1
[ 2682.177476] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=47 sclass=netlink_xfrm_socket pid=56861 comm=syz-executor.1
[ 2682.199992] audit: type=1326 audit(1716336809.456:4211): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=56463 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:13:29 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401006810000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

[ 2682.209526] audit: type=1326 audit(1716336809.463:4212): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=56463 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:13:29 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 12)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

00:13:29 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000060000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:13:29 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 11)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

[ 2682.286864] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=96 sclass=netlink_xfrm_socket pid=56985 comm=syz-executor.1
[ 2682.309314] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=96 sclass=netlink_xfrm_socket pid=57015 comm=syz-executor.1
[ 2682.326623] FAULT_INJECTION: forcing a failure.
[ 2682.326623] name failslab, interval 1, probability 0, space 0, times 0
[ 2682.327773] CPU: 0 PID: 57011 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2682.328367] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2682.329074] Call Trace:
[ 2682.329314]  dump_stack+0x107/0x167
[ 2682.329629]  should_fail.cold+0x5/0xa
[ 2682.329966]  ? create_object.isra.0+0x3a/0xa20
[ 2682.330365]  should_failslab+0x5/0x20
[ 2682.330695]  kmem_cache_alloc+0x5b/0x310
[ 2682.331064]  create_object.isra.0+0x3a/0xa20
[ 2682.331450]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2682.331892]  kmem_cache_alloc_trace+0x151/0x320
[ 2682.332297]  ? cset_cgroup_from_root+0x2a0/0x2a0
[ 2682.332711]  percpu_ref_init+0xd8/0x3d0
[ 2682.333058]  cgroup_mkdir+0x28b/0xf50
[ 2682.333404]  ? cgroup_destroy_locked+0x710/0x710
[ 2682.333824]  kernfs_iop_mkdir+0x14d/0x1e0
[ 2682.334199]  vfs_mkdir+0x493/0x700
[ 2682.334519]  do_mkdirat+0x150/0x2b0
[ 2682.334849]  ? user_path_create+0xf0/0xf0
[ 2682.335222]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2682.335683]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2682.336145]  do_syscall_64+0x33/0x40
[ 2682.336472]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2682.336927] RIP: 0033:0x7f72960ceb19
[ 2682.337253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2682.338761] FAULT_INJECTION: forcing a failure.
[ 2682.338761] name failslab, interval 1, probability 0, space 0, times 0
[ 2682.338849] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2682.341070] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2682.341679] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2682.342299] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2682.342913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2682.343531] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
[ 2682.344177] CPU: 1 PID: 57032 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2682.345177] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2682.346354] Call Trace:
[ 2682.346741]  dump_stack+0x107/0x167
[ 2682.347279]  should_fail.cold+0x5/0xa
[ 2682.347833]  ? crypto_create_tfm_node+0x84/0x340
[ 2682.348519]  should_failslab+0x5/0x20
[ 2682.349070]  __kmalloc_node+0x76/0x420
[ 2682.349645]  crypto_create_tfm_node+0x84/0x340
[ 2682.350310]  crypto_alloc_tfm_node+0x108/0x270
[ 2682.350977]  esp_init_authenc+0x1d2/0x920
[ 2682.351579]  ? esp_init_aead+0x2f0/0x2f0
[ 2682.352178]  ? __xfrm_init_state+0x6ca/0x1490
[ 2682.352828]  ? lock_downgrade+0x6d0/0x6d0
[ 2682.353437]  esp6_init_state+0x367/0x420
[ 2682.354022]  __xfrm_init_state+0x778/0x1490
[ 2682.354652]  xfrm_add_sa+0x1ec5/0x3510
[ 2682.355226]  ? xfrm_send_acquire+0xad0/0xad0
[ 2682.355861]  ? security_capable+0x95/0xc0
[ 2682.356465]  ? __nla_parse+0x3e/0x50
[ 2682.357009]  ? xfrm_send_acquire+0xad0/0xad0
[ 2682.357643]  xfrm_user_rcv_msg+0x416/0x830
[ 2682.358246]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2682.359028]  ? __mutex_lock+0x4fe/0x10b0
[ 2682.359619]  ? lock_acquire+0x197/0x470
[ 2682.360186]  ? netlink_deliver_tap+0xf4/0xcc0
[ 2682.360832]  netlink_rcv_skb+0x14b/0x430
[ 2682.361413]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2682.362133]  ? netlink_ack+0xab0/0xab0
[ 2682.362693]  ? netlink_deliver_tap+0x1c4/0xcc0
[ 2682.363366]  xfrm_netlink_rcv+0x6b/0x90
[ 2682.363926]  netlink_unicast+0x549/0x7f0
[ 2682.364526]  ? netlink_attachskb+0x870/0x870
[ 2682.365163]  netlink_sendmsg+0x90f/0xdf0
[ 2682.365756]  ? netlink_unicast+0x7f0/0x7f0
[ 2682.366368]  ? netlink_unicast+0x7f0/0x7f0
[ 2682.366987]  __sock_sendmsg+0x154/0x190
[ 2682.367556]  ____sys_sendmsg+0x70d/0x870
[ 2682.368146]  ? sock_write_iter+0x3d0/0x3d0
[ 2682.368747]  ? do_recvmmsg+0x6d0/0x6d0
[ 2682.369310]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2682.370046]  ? lock_downgrade+0x6d0/0x6d0
[ 2682.370652]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2682.371394]  ? SOFTIRQ_verbose+0x10/0x10
[ 2682.371983]  ___sys_sendmsg+0xf3/0x170
[ 2682.372536]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2682.373201]  ? lock_downgrade+0x6d0/0x6d0
[ 2682.373793]  ? find_held_lock+0x2c/0x110
[ 2682.374393]  ? __fget_files+0x296/0x4c0
[ 2682.374978]  ? __fget_light+0xea/0x290
[ 2682.375553]  __sys_sendmsg+0xe5/0x1b0
[ 2682.376098]  ? __sys_sendmsg_sock+0x40/0x40
[ 2682.376718]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2682.377399]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2682.378152]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2682.378889]  ? trace_hardirqs_on+0x5b/0x180
[ 2682.379520]  do_syscall_64+0x33/0x40
[ 2682.380047]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2682.380787] RIP: 0033:0x7f87f21a2b19
[ 2682.381316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2682.383927] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2682.384994] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2682.386008] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2682.387033] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2682.388052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2682.389071] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
00:13:44 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401006810000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:13:44 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 13)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

00:13:44 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000400)='net/snmp6\x00')
pidfd_getfd(r0, 0xffffffffffffffff, 0x0)
sendmsg$IPSET_CMD_RENAME(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x5, 0x6, 0x801, 0x0, 0x0, {0x5, 0x0, 0x7}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r1 = fork()
ptrace$setopts(0x4206, r1, 0x10001, 0x0)
ptrace(0x10, r1)

00:13:44 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
ptrace(0x4208, r0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

00:13:44 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9], 0x7)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:13:44 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000063000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:13:44 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 12)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:13:44 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401006c10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

[ 2696.991197] audit: type=1326 audit(1716336824.247:4213): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=57127 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2696.994521] audit: type=1326 audit(1716336824.248:4214): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=57127 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2696.995869] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=99 sclass=netlink_xfrm_socket pid=57156 comm=syz-executor.1
[ 2697.001301] audit: type=1326 audit(1716336824.248:4215): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=57127 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2697.009215] FAULT_INJECTION: forcing a failure.
[ 2697.009215] name failslab, interval 1, probability 0, space 0, times 0
[ 2697.011201] CPU: 0 PID: 57147 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2697.012313] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2697.013652] Call Trace:
[ 2697.014082]  dump_stack+0x107/0x167
[ 2697.014664]  should_fail.cold+0x5/0xa
[ 2697.015308]  ? create_object.isra.0+0x3a/0xa20
[ 2697.016041]  should_failslab+0x5/0x20
[ 2697.016653]  kmem_cache_alloc+0x5b/0x310
[ 2697.017318]  create_object.isra.0+0x3a/0xa20
[ 2697.018031]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2697.018154] audit: type=1326 audit(1716336824.248:4216): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=57127 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2697.018843]  __kmalloc_node+0x1ae/0x420
[ 2697.022573]  crypto_create_tfm_node+0x84/0x340
[ 2697.022857] FAULT_INJECTION: forcing a failure.
[ 2697.022857] name failslab, interval 1, probability 0, space 0, times 0
[ 2697.023315]  crypto_alloc_tfm_node+0x108/0x270
[ 2697.023344]  esp_init_authenc+0x1d2/0x920
[ 2697.023366]  ? esp_init_aead+0x2f0/0x2f0
[ 2697.023397]  ? __xfrm_init_state+0x6ca/0x1490
[ 2697.023418]  ? lock_downgrade+0x6d0/0x6d0
[ 2697.023447]  esp6_init_state+0x367/0x420
[ 2697.023473]  __xfrm_init_state+0x778/0x1490
[ 2697.029714]  xfrm_add_sa+0x1ec5/0x3510
[ 2697.030360]  ? xfrm_send_acquire+0xad0/0xad0
[ 2697.031082]  ? security_capable+0x95/0xc0
[ 2697.031753]  ? __nla_parse+0x3e/0x50
[ 2697.032366]  ? xfrm_send_acquire+0xad0/0xad0
[ 2697.033079]  xfrm_user_rcv_msg+0x416/0x830
[ 2697.033760]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2697.034617]  ? __mutex_lock+0x4fe/0x10b0
[ 2697.035279]  ? lock_acquire+0x197/0x470
[ 2697.035915]  ? netlink_deliver_tap+0xf4/0xcc0
[ 2697.036645]  netlink_rcv_skb+0x14b/0x430
[ 2697.037306]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2697.038113]  ? netlink_ack+0xab0/0xab0
[ 2697.038744]  ? netlink_deliver_tap+0x1c4/0xcc0
[ 2697.039498]  xfrm_netlink_rcv+0x6b/0x90
[ 2697.040146]  netlink_unicast+0x549/0x7f0
[ 2697.040804]  ? netlink_attachskb+0x870/0x870
[ 2697.041522]  netlink_sendmsg+0x90f/0xdf0
[ 2697.042189]  ? netlink_unicast+0x7f0/0x7f0
[ 2697.042874]  ? netlink_unicast+0x7f0/0x7f0
[ 2697.043570]  __sock_sendmsg+0x154/0x190
[ 2697.044213]  ____sys_sendmsg+0x70d/0x870
[ 2697.044869]  ? sock_write_iter+0x3d0/0x3d0
[ 2697.045551]  ? do_recvmmsg+0x6d0/0x6d0
[ 2697.046186]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2697.047037]  ? mark_lock+0xf5/0x2df0
[ 2697.047635]  ? lock_downgrade+0x6d0/0x6d0
[ 2697.048311]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2697.049165]  ___sys_sendmsg+0xf3/0x170
[ 2697.049793]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2697.050538]  ? lock_downgrade+0x6d0/0x6d0
[ 2697.051215]  ? find_held_lock+0x2c/0x110
[ 2697.051881]  ? __fget_files+0x296/0x4c0
[ 2697.052535]  ? __fget_light+0xea/0x290
[ 2697.053179]  __sys_sendmsg+0xe5/0x1b0
[ 2697.053780]  ? __sys_sendmsg_sock+0x40/0x40
[ 2697.054477]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2697.055257]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2697.056099]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2697.056918]  ? trace_hardirqs_on+0x5b/0x180
[ 2697.057617]  do_syscall_64+0x33/0x40
[ 2697.058225]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2697.059056] RIP: 0033:0x7f87f21a2b19
[ 2697.059655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2697.062597] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2697.063831] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2697.064978] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2697.066124] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2697.067282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2697.068424] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
[ 2697.069604] CPU: 1 PID: 57149 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2697.070653] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2697.071870] Call Trace:
[ 2697.072271]  dump_stack+0x107/0x167
[ 2697.072818]  should_fail.cold+0x5/0xa
[ 2697.073395]  ? create_object.isra.0+0x3a/0xa20
[ 2697.074077]  should_failslab+0x5/0x20
[ 2697.074644]  kmem_cache_alloc+0x5b/0x310
[ 2697.075259]  create_object.isra.0+0x3a/0xa20
[ 2697.075920]  kmemleak_alloc_percpu+0xa0/0x100
[ 2697.076591]  pcpu_alloc+0x4e2/0x1240
[ 2697.076692] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=99 sclass=netlink_xfrm_socket pid=57183 comm=syz-executor.1
[ 2697.077170]  cgroup_rstat_init+0x14f/0x1f0
[ 2697.077201]  cgroup_mkdir+0x709/0xf50
[ 2697.080152]  ? cgroup_destroy_locked+0x710/0x710
[ 2697.080795]  kernfs_iop_mkdir+0x14d/0x1e0
[ 2697.081356]  vfs_mkdir+0x493/0x700
[ 2697.081840]  do_mkdirat+0x150/0x2b0
[ 2697.082335]  ? user_path_create+0xf0/0xf0
[ 2697.082897]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2697.083611]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2697.084311]  do_syscall_64+0x33/0x40
[ 2697.084801]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2697.085490] RIP: 0033:0x7f72960ceb19
[ 2697.085993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2697.088433] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2697.089448] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2697.090401] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2697.091359] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2697.092315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2697.093264] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
[ 2697.108454] audit: type=1326 audit(1716336824.248:4217): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=57127 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2697.120079] audit: type=1326 audit(1716336824.264:4218): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=57127 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=57 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:13:44 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401006c10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:13:44 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010030000000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:13:44 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401007410000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

[ 2697.224974] audit: type=1326 audit(1716336824.481:4219): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=57127 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2697.229006] audit: type=1326 audit(1716336824.481:4220): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=57127 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2697.230983] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=784 sclass=netlink_xfrm_socket pid=57405 comm=syz-executor.1
[ 2697.245713] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=784 sclass=netlink_xfrm_socket pid=57418 comm=syz-executor.1
00:13:44 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401007410000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:13:44 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9], 0x7)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:13:44 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010040000000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:13:44 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000080)={0x9, &(0x7f0000000180)=[{0x5, 0x4, 0x4, 0x1}, {0x8000, 0x81, 0xcf, 0x81}, {0x40, 0x0, 0x2, 0x8001}, {0x7, 0x0, 0x17, 0x9}, {0x3, 0x31, 0x7f, 0x7}, {0x81, 0x20, 0x9, 0xf0}, {0x2, 0x1, 0x8, 0x8}, {0x8001, 0x7, 0x4, 0x2}, {0x200, 0x80, 0x5, 0x46c}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

[ 2697.408340] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1040 sclass=netlink_xfrm_socket pid=57515 comm=syz-executor.1
[ 2697.425729] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1040 sclass=netlink_xfrm_socket pid=57533 comm=syz-executor.1
[ 2697.469829] audit: type=1326 audit(1716336824.726:4221): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=57547 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2697.477582] audit: type=1326 audit(1716336824.731:4222): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=57547 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:13:58 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x18, r0, 0x68c, 0x0)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

00:13:58 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401007a10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:13:58 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9], 0x7)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:13:58 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010020100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:13:58 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 14)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

00:13:58 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x7666f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x5}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, 0x0)
syz_io_uring_setup(0x77a1, &(0x7f00000000c0)={0x0, 0x7680, 0x4, 0x1, 0x34a}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
syz_io_uring_setup(0x203, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f00000000c0)={@broadcast, @private=0xa010101}, 0xc)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, 0x0, r6)
[ 2710.970610] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=528 sclass=netlink_xfrm_socket pid=57663 comm=syz-executor.1
[ 2710.974910] kauditd_printk_skb: 8 callbacks suppressed
[ 2710.975794] audit: type=1326 audit(1716336838.231:4231): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=57668 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2710.986269] audit: type=1326 audit(1716336838.237:4232): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=57668 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2711.001372] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=528 sclass=netlink_xfrm_socket pid=57723 comm=syz-executor.1
[ 2711.006616] FAULT_INJECTION: forcing a failure.
[ 2711.006616] name failslab, interval 1, probability 0, space 0, times 0
[ 2711.008665] CPU: 1 PID: 57671 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2711.009749] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2711.011040] Call Trace:
[ 2711.011479]  dump_stack+0x107/0x167
[ 2711.012057]  should_fail.cold+0x5/0xa
[ 2711.012669]  ? crypto_create_tfm_node+0x84/0x340
[ 2711.013423]  should_failslab+0x5/0x20
[ 2711.014024]  __kmalloc_node+0x76/0x420
[ 2711.014653]  crypto_create_tfm_node+0x84/0x340
syz_io_uring_submit(r1, r4, &(0x7f0000000a80)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000a40)={&(0x7f00000004c0)=@ll={0x11, 0x5, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x80, &(0x7f00000009c0)=[{&(0x7f0000000540)="e25762ee35b14a814c26f1db1bbdfb0ac38ae6fe59355a9957de739e9f77f838331d99eb2871f435dd5657b9fd42e97bfe93ff", 0x33}, {&(0x7f0000000640)="55d0c76ee3e6e0bb7a", 0x9}, {&(0x7f0000000680)="f93e102f3c868cf3d71ab48cb31fcf49051a2677010f663250716a2652a9ad0abce36afead075f91953ea4c0396c7bc8e7ab4baecfbbb0aab01d9768f226db2e386b2f093f8563e7c0770a525b72adec5bcd7c580d84d66776bc747640ddfadc33a319b0f082f4919636ee138209ec02f752f6807febcdc868b93493c458535fa9f6972982b805f0796ce2bc0b", 0x8d}, {&(0x7f0000000740)="adb19694f55a0a7a728273977107f16e4287e308ac674b58015e8314a2e97a6b834b65059f52c36c5d285bfd940e9a4407bcfda9ae5c0a273c055e002d9dba2d13f0c8a970fa118eaf71b7054103cef15aecdf1264b9894e80318218fa62ece930a8fe8ce76cbc9b9b09ce487ca1c86d345034a256125e799947cd338983e22f5a6c5eb02093604b2320f7b9523f46b893565242f8aeae73fb8a65a04b3d17bdd780ff4539fb1fb0bb9da68f84347b14987e18b8f7ed335930a9099c130bdca157e100c925257edff2adc72419487432", 0xd0}, {&(0x7f0000000840)="cf9cc9b61bec89f9b99d9a6a1364c6ba15e3d53ef77c618075fb4bd0b4dfc2d625054aacc97c29bf92c7bad22e34ec42eb633f87342f394562ff5c607d88e9b953129a73528904e4be807bf95c9ede3e", 0x50}, {&(0x7f00000008c0)="305a16beab48252f99843a741f17ac9339efb23d0cafbd757a860d3be23086365c7b6e67126c68bacf935e3d81e02bc048c363e76cab6e9d640f98a90800c1d1b226381173b705442ac3cae4ba3cf4dbe1663d5880b11f35df5edf6803437a0ab18b43c4bec0676cda451d901ea9326db952263eddf2c315ca2db6ec8cacdb508c21129b025dd87f5ab1a900f1f37a16527669b8df900a82c77b68e4886e89bf5b1640116584ac9a98d6e068113d50b11856faa73a7b44e892794dc28852de02fc078d56af4b634aa427f7cfc5671d4266d4352122bae27714b7602b71a6e1b5f55de61491b1b8a2e90b9963f68170", 0xef}], 0x6, &(0x7f0000003400)=[{0xe8, 0x116, 0x210, "e802e90efe7b249c7b572dffb78e2ec82981c69105d22e52113190d731f49e02795ca2a9e7d1d00711d5247ca46465e98b27d5e850241df7de8a7c45f4d1773b363abb45d67edeb2600ba6967bb1b5670d2ab385bc2616a07fafad0f2fea598eb8473f8e985615bfb97ae61bdc12b1a08531ee90a2c4ec5e229aee35e5398fa343fb69c4dd441ff69207251a95fef066659e0d5394b3fcbfc5688b5aa78cd96037b2ed7f37015b31d2effccc9c87de81e738f55e0d45ef078ec9f3433e1931d0b1fd3c77f1608cbb8aa025d09f0481018c76f791f2f7fb"}, {0xa0, 0x185, 0x8b2, "ad3579e46893150f2506efb0a5bd954441ec9a2d1ba6efa718f5735ea4e949dfe5cc9bd4dd908e04ee7208b718be078ebbf3bacd72030620fe27117bcd7922c61153ad57fae9af42d8cb687a988bda3f0910be8fc8a471c0560e2db3237a575c1266ff48e312ae88c4bf2a95ff59acbcaa84d4c1e7a49867407231054b453a04ea222f4796edc8a7fa7c9a47"}, {0x18, 0x112, 0x7fffffff, "9f"}, {0x180, 0x10e, 0x2, "c6654feb075e503089b2bc5aa19fce2296c0c1188bd71ec64bb840ea89336f14e381b4429def4600e921911031cf64cfdf02e832727cb91dcdad5be1d3e78361e74b9f8a03237a55e424a286b757125d4ce0d18dae88929350cf7be32bb17c99ea8e15b5b35dda516cba28b5d9f492bde86d27ee2c4f376c735c3f556b24a9fed77dfc27cbf1098db0898d7bc32ca755edb2e08c95914521541b63622e868ab821eab569da561f49cc5d458ed9273dc45439afde0c28ecdd93dc8395a4f39d815d95f64ad0eb8efd58b3234dc463175df20d7e77a664a35c934876f3f06a2e74e7d0f8425d7536ffd1d8103969bbb1d2814f588a258817985661b34fd76e6bf94b8ab97d01a7588e9b374de18b313f2bfc5e175bb82bf9bea183941da49302bad2375593a0a50d27fce2333a4933192efae6b648c823d6f9fd1172f34157c4413cad7cde14b44d386b8c95dc428b082e671f50bf92b79da4c7e61851d0e42876b2f992d1cac10739d8fdc34d"}, {0xa0, 0x109, 0x80000000, "cab96c8f9ace89cfc412a717a7c61fcb149797c23a4f327ab0dabc6213038910265ef846445f575c77cadb1b17ce490f4a6a51e24d6a4f25605ebc2b8762f7240fd2e9f07ac0060b31a9fcedfc2f029c8aa64d35cf0e3c12c801371b80d7fecdebcc119444ddeb38f09898635a6e7239fc812b889c16a8db0bf74cac77817f871a21031e7d0a2bcff5cf09cdbdf08a"}, {0xc8, 0x19, 0x3, "45709a011c45900f95e36f865808734bc6c7a23395dcad9e8d18b2a590199b695460e38a5c7c5b7aea0848af63c330a82ecafbbd921fbcab2d2ea194cbacd6ef3f568426833c1dde956bded67c9fb78426a88c4c32cff0babbd13b0fa0212ce74ebf0413189d02d7c780b5d2739922e6f036e3afe0ee3fb7d2aea9df43eb8556add00209a07a530e39086bcd772f8506903124860ac112d97a23891d897211b7f9522236ba5ce5f52a656a6e7abb4f0768e5"}, {0xe0, 0x18, 0x3e6e, "ce67e9cf72860cdc687c96352c3e43999023253ddabbc8aaf15b3be1f7fdc6cfb0a2e21b921a49ba0f697c89ba77a62caab15986eefbc093233f7696f944f88b71303557487af483d10fcbd148b9c867fed0fa1f17df9a3c89288d64b7e8337efd3fafbee81674701b849cc6dc9da82a29b75cbdf0cc114a0fcf3331ee761277445e31e585b4f1178ca87deddf17bad40c98c1c11c5a70672dcc3ad905669e9f8a197095c5cecd888e54d67a0e3b808cf9422d33a55fd04b17efa636d7a2dfcf91cc3396db5134319e66e3"}, {0x1010, 0x113, 0x80, "991a3a706b8744d0d71f5768544ac6e2ddabc195057b0f94d48f216a103ed774babbded12151f67be42d6dff710f5bb8c155ab5648bc10a0c6fd4818c38cd59a0f6678a3f42e7382a3f1ed9bf018f6d296f401a5a632d94b301fd50340d7bea1acb134794e72aaf26633b5e20382dbf7f095bfca1ce32e1307c884f8378f63facc819ffb97e2dcfea65337c092b87a3908afc2240f903f844a26d84ba60a948ef5f0a39ebdcafa1ab256f9ad2cc7bd8a01d59e6927f8f0358751fa07dcb773c53ecad11818effb5c4be4a17c31477563e3b3f494dc0c9b434c3d1832223b55e768f2e3b4b9056bb7dc07e44a75e3082301f345baa1f46ac29c7abefbd52aa6fd0b20debc6869e58449d22b214f3e0b953d1e40e3fcb8ba13c091db28a463ebe80ec4fa809a1993ad97ac56a11fe3b27197a0ac15b4d031e4ba9c001ca95052473d18027c59525c8bf3d53651849103041f16f7aac77b3835947d6c10240ea269e44eed53c8dded363126493b6daf5279f1b41919df2f894e90a2921d26137d11d73246e418825afae16fb1546bbd9b40634917d428d625758ec979749b4d80252b64eaa41b0d560f35ec09f3dec1544e9d5f6c2c59357027c563af7f9b278851ad414b34636cf17ca7b787515056abf6974e95a260d1b7635b1bdec09310e2b1ec0b41584cc54019408cecd61a39afc603ed8eaa9157ad95e19364a23a41f45232d02677a91807e106faaba3808a1bbe8ab39dcb9b7f24b990e194ec3eaaae73c30a581ae963575a9eda0270ed72317377639a748fd59920a7d9d98a467fb4fd888646e3ed57af017587d096f7fa8584e5a3fc45dda17d5120aa469ee07b179c1e5a8762310b4b0f54ece5c05aebf07f15a6e4f2ced871c2c552915a7a44240c35cf853a6bd5ab6e7cfda1032c81cb3f6683888ea0292321f72a8775e04057aba6dbec0c029c59c9677b64698c912017192c0991d7f558872f0aef4aca9c6301ffd2d8bb9f0427d75b7a46b202771f78e76d0b68189280f8442bb0bee1b3517877374a2d853dcf5eb692dc71790e4aea61af3050e88c4a8b4019d793e1aec7a5b6a78c4c748b7260ecda409069f8ccf528d03a4e70994e8e330102885af4505a885cccb5bb97dc6f9d325dc634b30e9227b79e342784a7a397b60c24ab435a9a665a175479fa8d75278b244f6d4fa2b5f0cd41e8d7571a4b7c3482a6c19ef891a4c36064afc325c7244bcc96ddec1055ba5f3e841bec1f0ca13014892445d3ff440f267e0c6285086e1cf4b13d2cb5bbade1e53a0a9cba660a7c194b547fc9095769ffe2e0fdb417f72e7b0c06e44577c19e85b4873bd1ee46d38c89782ffa04650680d26ec42b89ae79465df91c1554b518ebb8eb2853b779ed976cc58088f7ab2d5224ea738c6267f6801c7b7cf3b4c18f0b7203abb25d27300678bff933754e4b534c5e3e9c7f77490cb55535fd650523d3e581e4b337c49b5adbb8f149793773059dba6115f546ba5252df06eae7a91eff2d8673fa388b7cf3f1d61664fb9e6810ebf9679de730848d265e5b095d87f404a8ac278f6e098b2e5f9161a2d5851744ea01df39214628d80330dd5c8245428ffce4d37db5a8b9380a418b5fd45f127927e77246bee6a3a001fb55b94a62df83b554a5822ce148a63b30f1293e41f4c4d292ba9e30eedb131146da03afac53aedd835e4ed4c13dcd5b871d8064d24900b7c0d24b26da2b93e67468ae0faa4af94fabdf86f0dc3fd3c0a21d294a243b53568e9696cfb51bf1c4ee91c0ef7a34bcf24d0d95848cef6b605dd3289a90ae9b0e0f5d741ad98c999309df104da258dd2b42b6c6cb896793d751b837fc37dede73eaa9bb0eb20a4e5d53d76a30e743db1e303a595a21f7783306307f621ff34c846a56d1b1ca67ed6cff2001c5aaceb9f87744f2dd0107186ed52501bf04144079341e877b49491b97575d57caa6c066b484506e6c2249b033f78038e5df11f74b93c0431be8067f6dbd4f1e878bfe47a1ab8e16de74f2c84c4555ef1fa57a34fdafe11aa9b80697148ad3a61a0c83dd9c29ac061a647081d4af3e6ba7730db85da0a82573208dd3aa4797733bc310cd1ca3dfdfec56eeb4b82c4768f31ed1c805b230e8f50dd0f010ec58d8d62b09755ef348fda14bcf664543b79a17587a169cf002248cb207fb7144a24aea381662224ae04bbbed651512c204e47653222b4bef6d407444d0c58df4670cec152396c99b3d6135fb4a7613dddcce155e3967c691bc9cc150a114f4b0f9e541f12b6650301db4f8e1d1dfad6533955011fe1b173713c36a270dbd6da4d28b06e2d8f9c25de7554b17a425d489a1d78f3eac5d20169945b526759c8f3ae268e104de3e7ebe8ef8ce97dbf75583224abcef9ce9410849764662021926a74eb37714a922e0243f502335e66528762da82c32506dde7b62cd4d423d74b2b20cc1b0ea02099c311e5ece2c59971436a76bd24e3d37b48fea9ec590f7f0b00ee692cad2a2871dab345dca3db40c200216961acaf0db07189178eb7d5fe1ac204766466b075799fb3fd7e6c97f63828fc5071c3339cd22f5950725e6814c897b71138fc04d72d62b755e1cb3179067ab1eb13027687a2460320c1750ed0e65a59dcb49491a2cb4d4264029b0bb0271c7d89476ef8d3975ada5378d847b64e98c768038a9ef295dcefdde4dd2bbe50f25dbcfc3e4c14ce46b19f60856650178abf3d2bed219ca8e5b70f367ac9fa8a2c0b94487d55063a9d4903fc3368547f77685e8f58aa9956085fb27774e7a70ee4ca90eb88b542257ffacbb996d517dbc86cef74eed9805f12ee9cfef96f3706b32eaf2a0c2e14e9d5d743946d4abc65564542ef7d096dee343a5c813b758433506fd06374407a037fec5de15d0d5c897f4a930a29da88c05b41facdd5cff3390eb8befda542465f84120b2f7739c2aab190201cb2d00557102d4825d149b3a79d1e364326089532407146a6ceda3287cc083f4dd3a9dc66e6d5ed458e6b732521d3fb524c35fb71cb6f9b2f331ab2d471412c2cc8c52b08456f86025f29a8d27ed71edd45bd43a19cb0e71221d9848da7632c8e4e67b8be721cc4ff252cd79df557a0830f839e05b4af8314409c093599ca6fa36b33ca194c6898921941632ad2a0cd5faf4a5c1cc7348664e850be815c0d7aff0908516803f54f8d23d9325065e5d5d35fb4bb81c8b749ef6643282aa4d9bcbf67f01600c2b5642d021cc014977ae111e93bad7e72cbaec2a15d07feb84b9751ae167e8c4764fe914fc36fe3fc49dd662f30b860768816cee1ad0b1e59cad3cd9dc5dc19616a0efde500bb1615285d5500964b5e45ca09a1255044b485f64ae37d5e7a6fe5964dea820f9c42b92579ebfcd15a5df00e54951b7c76452998486212c1bf9b25c8ddf7c73942dbd0d1b2ff6055a75a5195d1e46a63e2308980100ad21cdab668e2a2a253aad00f3f82862f04d61a0eb1a2ee4a0df61321e7d20c3524b24eeb4818b21e1ff0c325b32301ceac3edb24e39fe160e9df9ffbf24aa447ee91e038fca529639096b1a0df18f9a94b2dd69829a355d4e383f0bd1fa301b2f4fc5d9138c7fdc4b950dd543649223a147e3aa359d6b19795569c377ce60a49bc7291a5de354323aa585bfcb949271006f04bee77031e957657af3840dbbecc3faf9fdb5f1377103e18b3ce4d08e4efeba2bfa1e0b4fe6c38a166015b6817da5e6e748f98a24b3516b983a5146669bf23e751ea5c4387aaf7de890b8d4c3f93c67591b59ffacc3a550eb5850de895eda4591133bd30e8553199d3f47bf0fe75cf65bcc777a9bbb32e2e0b7f4ecfc34613774f2b27af99618c8632ac077ed069c8e13cf0d49ee86ca5712b34f5d324587b20341a5ad347e528c2d53476df5fda93c737108479a2309a82a20ed31117e9f522437ce9e3c75b3d15145903fb974810f3dc48a4fe928af1bb11e604b036014692f20230bbdc3e60c286771e95ec8d6dde87771be268cae8f8816ee83a45a984188f68ea64aa2b7468d9b7fa3438302858685fd3b690426ea8a8151e16af1e70eb216882a902dd536643589809b85cdff1b3826744d2008908c60d8c4c79f115fbecf75b3764fc822ea83be0abb817d5a263a95f4ad4c76e57c275455ab25ed47ee6183da6c9bdd7502d1f5fd1b623b3806272adbc2edd65fcaff92cc955ff0c1ab3f281814ae10372d2817589a340a49dd724c1659a2b6118d8ebd1715add3b233f3cff393403e92bc654dd4e35471a2abb69d338cb0f1e6baea61639ceb0203b1198a6665e0c948cb33b8ef31bea06dfe8ac6f8c962af61d1453db9a2aac1e2b029dfb9338907104dcf9b810e55ac3858e3a2af2d9ec3f23f8399a206498cc38f37b06fd43429a78f473a98c72243b64518c0e13c83ab22609b8c0f3dd835dfef081f3399b73c66f65b7b81fd9a40ace7c6a20807dcc2e30ba8991ca33dccb1aa50d5918ec7757154032f386863673a7a1bb3c9e5b1f54ee1b518517cbcf081190eabc7dd05b1f0d8003510416e20e744a453bb4c6f7d68b1e7a1844c1a1d663325327ac18678edc0e0b513493a45d809a4c94ccc661aa9727f6e7df48c737f688336849109209ea24663801152152dce8cf27bb738912aea0d43d632be9a02b6e689acb9e0c98f2601aa704af9e15dcf2994262298c3aaffc01fb52493f6155fb005c08ee12a138b92bc2bbf3f38d5b2be72cd40fee119c49d2dcec69607af7afd91d62d7f2bf04586f18e9faf85ff34987e4a93dddc54c77c784c17677567ed13b6fd56ef55fd68f1db4583bfe772a47a57095b48d2ed8457a77ee2110470cc0bd25fcbede9eb4a7d91f8e4791ab5281b0efb1e3d56fe884286d49201a5f03009c1fd6b9df783ea61595cd47e417606164914cb04ef3c7129e1a001287dd3fdcdcee4e921a6e19e3b673d091a1a389e599a809aca16044d98a57db35b9a03a77f58409c9589042d308a2afe72e79ab9fd77e4d007ef9cc6f69c0ea6ff99038f52675f1794ae93fbe00a5f386ef6a12ae0c24c9a8f3f948eb9ce3fcf3aba8d9df741a8d533cff0d31719b9e92edcd488acc75f6245f2b8a148aad2d893f26bc881b1060d7e909e7f127211223838b36517311e871f66e6dba7e98e7aa1b23719bfffe42b5c26a788806caa0ab8d473f2b30c7f5f06502742a6aa7ef044a2989b83338a92635920bd1fd8b5d38e4a5c546fbafffe8fdf286fe41f9842703daaecd98be32f48e4e546c3da4ef6d6b7ea09f1eafd8117bf571f76709734095e317e264ae2cb076ae597edabdf3b42d564999fd5d5c0ab05b28938580b7ad6cbc48873eb2847103b6a077dd10de01b95151f5b483ef191e46bba458206e6eff300a865c555ea81f8c79dfc07dd7dc6e6dea8e20db3cf94fd607b9d64577956d429c65d5a83d2127cff7544cc187a1512c43267440e0fefdc417042950e465dad4557bf30586883e395fe04c9bb24edc0c0f8bbfd683e9ea97babc3e8a4d0bd3bee99efc4eafe51ae8ce7851734875bff8261ade5227cee072668a735903d01ce3424f8739b608a19dcb9ffd169bd281955560e507388747d1dbeebee9f4bdb3ec459e545e77f2a8025ae6172be47c77071436a241ec10b9dac62be0ff2b56c3ea5febfee40edd6142848fabcf3561c7c02abd62fa62b9df5ef3d3e6b8df03fb2a1706cffa1c2a9974f2f1b313c85958bf3e0966e09659e0ec4ac8e51640f850bc51ee058b4dbe814cecc13a156852865fa17f2799059dabd6af17e9c0806fa99"}, {0xf0, 0xff, 0x800, "6e71938e728261def54de916ca971ac180731419ba438aa8e0a398f40972fa6c94802df76742cfa40060571faa8c9a136fbabef14f13601a14fded32a55bb6222112c65e65cf5b3b5e7a3de53d45b6c4e76e41e99d7aa356bb554cdfda3d81611fbe1ad556e0eb57d6e05342ba2563d1a9fcb094e2d608145ef21912fc3030fd11d7848ea4dc8b03cd06e5105bcc98efed60faff8a31424f507be7b3252dce691aaa8ae031580a3f4e463dfd57cef379ac38f9b41886de61c20984beb30f15f43f1b3b9b06112a6cfe30a2d207334eb473adc23f77cd6b799e524a"}, {0x18, 0x111, 0x800, "ddd9cc9b4033443d"}], 0x1680}, 0x0, 0x4004, 0x1, {0x0, r6}}, 0x7)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_RECV=@use_registered_buffer, 0x7ff)
syz_mount_image$nfs(&(0x7f00000001c0), &(0x7f0000000280)='./file0\x00', 0x8001, 0x3, &(0x7f00000003c0)=[{&(0x7f00000002c0)="08ea83af31cb1828ab578b331b0989aae605c6b33d489aaadab907f932726713176741467891e9147c1b5f25", 0x2c, 0x800}, {&(0x7f0000000300)="ffd94be905bc4dca6886f39b50c84efc4e9ee153369269bf71f604b6455c40c1d882a46ca772d6", 0x27, 0x1000}, {&(0x7f0000000340)="47abb01b7672c035945e8881f37c9246210f049b661cd91969a6a3b4c30981222fb5ba14b254d4d3708c0a11f08ea47d6fdbc42a655fc3261a2407a693237b86d43faef65ab33da9e1d5a0bfe193dbe6", 0x50, 0x6}], 0x800, &(0x7f0000000440)={[{'\')-%@'}, {'\xca\'(!{&&/-@m%:)'}, {'.'}], [{@subj_type}, {@hash}, {@fowner_gt={'fowner>', 0xee01}}, {@euid_eq={'euid', 0x3d, 0xee01}}, {@hash}, {@obj_user={'obj_user', 0x3d, '\'#($]i'}}]})
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_WRITE={0x17, 0x4, 0x2007, @fd_index=0xa, 0xa4e, &(0x7f0000000580)="5ce1c1ae99b517ee981a7c8852532b86780027d8f4ae13174c219eb8fd10db256d9a47263c5bb8128f4c0e1a7f195437994a526160c189fcae6870242cbf2d4152befe8d0108a542bcbe72ffc612842e29c138543676ec60a59d4d7ec5b742cf53bb0700784d8ebd72390edef48c6089ba54729d9fbb6c69df1be6", 0x7b, 0x12, 0x1, {0x0, r7}}, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r8 = fork()
ptrace$setopts(0x4206, r8, 0x10001, 0x0)
ptrace(0x10, r8)

00:13:58 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401007a10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:13:58 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 13)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

[ 2711.015544]  crypto_spawn_tfm2+0x60/0xc0
[ 2711.016222]  aead_init_geniv+0x1c3/0x330
[ 2711.016862]  ? kasan_unpoison_shadow+0x33/0x50
[ 2711.017579]  ? aead_geniv_free+0x20/0x20
[ 2711.018219]  crypto_aead_init_tfm+0x13b/0x1a0
[ 2711.018923]  crypto_create_tfm_node+0x117/0x340
[ 2711.019670]  crypto_alloc_tfm_node+0x108/0x270
[ 2711.020394]  esp_init_authenc+0x1d2/0x920
[ 2711.021059]  ? esp_init_aead+0x2f0/0x2f0
[ 2711.021715]  ? __xfrm_init_state+0x6ca/0x1490
[ 2711.022422]  ? lock_downgrade+0x6d0/0x6d0
[ 2711.023086]  esp6_init_state+0x367/0x420
[ 2711.023733]  __xfrm_init_state+0x778/0x1490
[ 2711.024426]  xfrm_add_sa+0x1ec5/0x3510
[ 2711.025047]  ? xfrm_send_acquire+0xad0/0xad0
[ 2711.025139] audit: type=1326 audit(1716336838.238:4233): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=57668 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2711.025733]  ? security_capable+0x95/0xc0
[ 2711.025759]  ? __nla_parse+0x3e/0x50
[ 2711.028794]  ? xfrm_send_acquire+0xad0/0xad0
[ 2711.029485]  xfrm_user_rcv_msg+0x416/0x830
[ 2711.030157]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2711.030999]  ? __mutex_lock+0x4fe/0x10b0
[ 2711.031642]  ? lock_acquire+0x197/0x470
[ 2711.032267]  ? netlink_deliver_tap+0xf4/0xcc0
[ 2711.032970]  netlink_rcv_skb+0x14b/0x430
[ 2711.033615]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2711.034394]  ? netlink_ack+0xab0/0xab0
[ 2711.035018]  ? netlink_deliver_tap+0x1c4/0xcc0
[ 2711.035749]  xfrm_netlink_rcv+0x6b/0x90
[ 2711.036375]  netlink_unicast+0x549/0x7f0
[ 2711.037017]  ? netlink_attachskb+0x870/0x870
[ 2711.037722]  netlink_sendmsg+0x90f/0xdf0
[ 2711.038368]  ? netlink_unicast+0x7f0/0x7f0
[ 2711.039044]  ? netlink_unicast+0x7f0/0x7f0
[ 2711.039719]  __sock_sendmsg+0x154/0x190
[ 2711.040347]  ____sys_sendmsg+0x70d/0x870
[ 2711.040982]  ? sock_write_iter+0x3d0/0x3d0
[ 2711.041642]  ? do_recvmmsg+0x6d0/0x6d0
[ 2711.041982] audit: type=1326 audit(1716336838.238:4234): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=57668 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2711.042251]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2711.044890]  ? lock_downgrade+0x6d0/0x6d0
[ 2711.045553]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2711.046373]  ? SOFTIRQ_verbose+0x10/0x10
[ 2711.047016]  ___sys_sendmsg+0xf3/0x170
[ 2711.047638]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2711.047798] FAULT_INJECTION: forcing a failure.
[ 2711.047798] name failslab, interval 1, probability 0, space 0, times 0
[ 2711.048354]  ? lock_downgrade+0x6d0/0x6d0
[ 2711.048379]  ? find_held_lock+0x2c/0x110
[ 2711.050597]  ? __fget_files+0x296/0x4c0
[ 2711.051233]  ? __fget_light+0xea/0x290
[ 2711.051856]  __sys_sendmsg+0xe5/0x1b0
[ 2711.052443]  ? __sys_sendmsg_sock+0x40/0x40
[ 2711.053122]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2711.053857]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2711.054678]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2711.055504]  ? trace_hardirqs_on+0x5b/0x180
[ 2711.056213]  do_syscall_64+0x33/0x40
[ 2711.056791]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2711.057585] RIP: 0033:0x7f87f21a2b19
[ 2711.058159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2711.061002] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2711.062161] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2711.063284] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2711.064388] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2711.065495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2711.066602] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
[ 2711.067741] CPU: 0 PID: 57779 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2711.068353] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2711.069074] Call Trace:
[ 2711.069308]  dump_stack+0x107/0x167
[ 2711.069632]  should_fail.cold+0x5/0xa
[ 2711.069967]  ? create_object.isra.0+0x3a/0xa20
[ 2711.070373]  should_failslab+0x5/0x20
[ 2711.070717]  kmem_cache_alloc+0x5b/0x310
[ 2711.071088]  ? mark_held_locks+0x9e/0xe0
[ 2711.071475]  create_object.isra.0+0x3a/0xa20
[ 2711.071872]  kmemleak_alloc_percpu+0xa0/0x100
[ 2711.072271]  pcpu_alloc+0x4e2/0x1240
[ 2711.072612]  cgroup_rstat_init+0x14f/0x1f0
[ 2711.072988]  cgroup_mkdir+0x709/0xf50
[ 2711.073323]  ? cgroup_destroy_locked+0x710/0x710
[ 2711.073742]  kernfs_iop_mkdir+0x14d/0x1e0
[ 2711.074106]  vfs_mkdir+0x493/0x700
[ 2711.074424]  do_mkdirat+0x150/0x2b0
[ 2711.074743]  ? user_path_create+0xf0/0xf0
[ 2711.075111]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2711.075585]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2711.076040]  do_syscall_64+0x33/0x40
[ 2711.076369]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2711.076816] RIP: 0033:0x7f72960ceb19
[ 2711.077142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2711.078730] RSP: 002b:00007f7293623188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2711.079413] RAX: ffffffffffffffda RBX: 00007f72961e2020 RCX: 00007f72960ceb19
[ 2711.080028] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000004
[ 2711.080641] RBP: 00007f72936231d0 R08: 0000000000000000 R09: 0000000000000000
[ 2711.081265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2711.081871] R13: 00007ffd82cbc6ef R14: 00007f7293623300 R15: 0000000000022000
[ 2711.093763] nfs: Unknown parameter '')-%@'
[ 2711.094516] audit: type=1326 audit(1716336838.248:4235): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=57668 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2711.101417] audit: type=1326 audit(1716336838.249:4236): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=57668 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2711.111112] audit: type=1326 audit(1716336838.249:4237): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=57668 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:13:58 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="840120d810000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:13:58 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010030100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2711.122366] audit: type=1326 audit(1716336838.249:4238): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=57668 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=57 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2711.130342] audit: type=1326 audit(1716336838.292:4239): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=57668 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2711.140672] audit: type=1326 audit(1716336838.302:4240): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=57668 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:13:58 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="840102d410000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:13:58 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, 0xffffffffffffffff], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

[ 2711.203315] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=784 sclass=netlink_xfrm_socket pid=57969 comm=syz-executor.1
[ 2711.216641] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=784 sclass=netlink_xfrm_socket pid=58017 comm=syz-executor.1
00:13:58 executing program 0:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r1 = fork()
ptrace$setopts(0x4206, r1, 0x10001, 0x0)
ptrace(0x10, r1)
ptrace$cont(0x9, r1, 0x68c, 0x0)
syz_open_procfs(r1, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r1, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
fcntl$getown(r0, 0x9)
chroot(&(0x7f0000000100)='./file1\x00')

00:13:58 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="840100f010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:13:58 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010040100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:13:58 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="840100f010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:13:58 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 14)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

[ 2711.350754] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1040 sclass=netlink_xfrm_socket pid=58244 comm=syz-executor.1
[ 2711.360603] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1040 sclass=netlink_xfrm_socket pid=58248 comm=syz-executor.1
00:13:58 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="80a80b40edccabf326a4b39de93f4cbe2d1cc313d66fb166e80848d40aca09053caaaaf422768f7ac1931d1c4c6b5216"], 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r2 = fork()
ptrace$setopts(0x4206, r2, 0x10001, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000100)={<r3=>0x0}, &(0x7f0000000280)=0xc)
perf_event_open(&(0x7f0000000180)={0x3, 0x80, 0x20, 0x8, 0x3, 0x7, 0x0, 0x7, 0x2, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x2, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x4, @perf_bp={&(0x7f00000000c0), 0xf}, 0x80, 0x1, 0x200, 0x3, 0x8, 0x7, 0xff, 0x0, 0x1, 0x0, 0x8}, r3, 0x7, r0, 0x2b2ebf44b3371038)
ptrace(0x10, r2)

00:13:58 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000003000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:13:58 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, 0xffffffffffffffff], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

[ 2711.435650] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=3 sclass=netlink_xfrm_socket pid=58313 comm=syz-executor.5
[ 2711.439806] FAULT_INJECTION: forcing a failure.
[ 2711.439806] name failslab, interval 1, probability 0, space 0, times 0
[ 2711.440877] CPU: 0 PID: 58309 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2711.441473] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2711.442203] Call Trace:
[ 2711.442444]  dump_stack+0x107/0x167
[ 2711.442766]  should_fail.cold+0x5/0xa
[ 2711.443111]  ? create_object.isra.0+0x3a/0xa20
[ 2711.443531]  should_failslab+0x5/0x20
[ 2711.443872]  kmem_cache_alloc+0x5b/0x310
[ 2711.444241]  ? mark_held_locks+0x9e/0xe0
[ 2711.444603]  create_object.isra.0+0x3a/0xa20
[ 2711.445000]  kmemleak_alloc_percpu+0xa0/0x100
[ 2711.445397]  pcpu_alloc+0x4e2/0x1240
[ 2711.445742]  cgroup_rstat_init+0x14f/0x1f0
[ 2711.446123]  cgroup_mkdir+0x709/0xf50
[ 2711.446468]  ? cgroup_destroy_locked+0x710/0x710
[ 2711.446892]  kernfs_iop_mkdir+0x14d/0x1e0
[ 2711.447276]  vfs_mkdir+0x493/0x700
[ 2711.447593]  do_mkdirat+0x150/0x2b0
[ 2711.447916]  ? user_path_create+0xf0/0xf0
[ 2711.448285]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2711.448743]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2711.449199]  do_syscall_64+0x33/0x40
[ 2711.449531]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2711.449982] RIP: 0033:0x7f72960ceb19
[ 2711.450313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2711.451930] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2711.452598] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2711.453219] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2711.453847] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2711.454473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2711.455095] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
[ 2711.457427] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=3 sclass=netlink_xfrm_socket pid=58313 comm=syz-executor.5
[ 2726.797123] kauditd_printk_skb: 46 callbacks suppressed
[ 2726.797133] audit: type=1326 audit(1716336854.054:4287): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=58526 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:14:14 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$getenv(0x4201, r0, 0x7f, &(0x7f0000000000))

00:14:14 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r9, 0xffffffffffffffff], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:14:14 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})

00:14:14 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010050100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:14:14 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 15)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

00:14:14 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000003000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2726.806385] audit: type=1326 audit(1716336854.063:4288): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=58526 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2726.808870] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=5 sclass=netlink_xfrm_socket pid=58532 comm=syz-executor.5
[ 2726.809239] audit: type=1326 audit(1716336854.066:4289): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=58526 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2726.825083] FAULT_INJECTION: forcing a failure.
[ 2726.825083] name failslab, interval 1, probability 0, space 0, times 0
[ 2726.826233] CPU: 0 PID: 58530 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2726.826840] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2726.827573] Call Trace:
[ 2726.827819]  dump_stack+0x107/0x167
[ 2726.828149]  should_fail.cold+0x5/0xa
[ 2726.828488]  ? create_object.isra.0+0x3a/0xa20
[ 2726.828897]  should_failslab+0x5/0x20
[ 2726.829237]  kmem_cache_alloc+0x5b/0x310
[ 2726.829597]  create_object.isra.0+0x3a/0xa20
[ 2726.829988]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2726.830434]  __kmalloc_node+0x1ae/0x420
[ 2726.830796]  crypto_create_tfm_node+0x84/0x340
[ 2726.831221]  crypto_spawn_tfm2+0x60/0xc0
[ 2726.831585]  aead_init_geniv+0x1c3/0x330
[ 2726.831950]  ? kasan_unpoison_shadow+0x33/0x50
[ 2726.832352]  ? aead_geniv_free+0x20/0x20
[ 2726.832713]  crypto_aead_init_tfm+0x13b/0x1a0
[ 2726.833117]  crypto_create_tfm_node+0x117/0x340
[ 2726.833531]  crypto_alloc_tfm_node+0x108/0x270
[ 2726.833939]  esp_init_authenc+0x1d2/0x920
[ 2726.834312]  ? esp_init_aead+0x2f0/0x2f0
[ 2726.834516] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1296 sclass=netlink_xfrm_socket pid=58539 comm=syz-executor.1
[ 2726.834681]  ? __xfrm_init_state+0x6ca/0x1490
[ 2726.837177]  ? lock_downgrade+0x6d0/0x6d0
[ 2726.837548]  esp6_init_state+0x367/0x420
[ 2726.837909]  __xfrm_init_state+0x778/0x1490
[ 2726.838305]  xfrm_add_sa+0x1ec5/0x3510
[ 2726.838665]  ? xfrm_send_acquire+0xad0/0xad0
[ 2726.839058]  ? security_capable+0x95/0xc0
[ 2726.839432]  ? __nla_parse+0x3e/0x50
[ 2726.839765]  ? xfrm_send_acquire+0xad0/0xad0
[ 2726.840151]  xfrm_user_rcv_msg+0x416/0x830
[ 2726.840525]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2726.840994]  ? __mutex_lock+0x4fe/0x10b0
[ 2726.841352]  ? lock_acquire+0x197/0x470
[ 2726.841701]  ? netlink_deliver_tap+0xf4/0xcc0
[ 2726.842100]  netlink_rcv_skb+0x14b/0x430
[ 2726.842459]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2726.842896]  ? netlink_ack+0xab0/0xab0
[ 2726.843247]  ? netlink_deliver_tap+0x1c4/0xcc0
[ 2726.843486] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1296 sclass=netlink_xfrm_socket pid=58541 comm=syz-executor.1
[ 2726.843662]  xfrm_netlink_rcv+0x6b/0x90
[ 2726.846088]  netlink_unicast+0x549/0x7f0
00:14:14 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000005000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:14:14 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 15)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

[ 2726.846457]  ? netlink_attachskb+0x870/0x870
[ 2726.847023]  netlink_sendmsg+0x90f/0xdf0
[ 2726.847068] audit: type=1326 audit(1716336854.070:4290): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=58526 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2726.847385]  ? netlink_unicast+0x7f0/0x7f0
[ 2726.851361]  ? netlink_unicast+0x7f0/0x7f0
[ 2726.851727]  __sock_sendmsg+0x154/0x190
[ 2726.852090]  ____sys_sendmsg+0x70d/0x870
[ 2726.852447]  ? sock_write_iter+0x3d0/0x3d0
[ 2726.852815]  ? do_recvmmsg+0x6d0/0x6d0
[ 2726.853158]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2726.853628]  ? lock_downgrade+0x6d0/0x6d0
[ 2726.853985]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2726.854435]  ? SOFTIRQ_verbose+0x10/0x10
[ 2726.854787]  ___sys_sendmsg+0xf3/0x170
[ 2726.855128]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2726.855528]  ? lock_downgrade+0x6d0/0x6d0
[ 2726.855893]  ? find_held_lock+0x2c/0x110
[ 2726.856245]  ? __fget_files+0x296/0x4c0
[ 2726.856601]  ? __fget_light+0xea/0x290
[ 2726.856944]  __sys_sendmsg+0xe5/0x1b0
[ 2726.857273]  ? __sys_sendmsg_sock+0x40/0x40
[ 2726.857647]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2726.858064]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2726.858526]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2726.858978]  ? trace_hardirqs_on+0x5b/0x180
[ 2726.859354]  do_syscall_64+0x33/0x40
[ 2726.859682]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2726.860118] RIP: 0033:0x7f87f21a2b19
[ 2726.860444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2726.861653] audit: type=1326 audit(1716336854.070:4291): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=58526 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2726.861985] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2726.861998] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2726.862004] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2726.862011] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2726.862017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2726.862024] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
[ 2726.868519] FAULT_INJECTION: forcing a failure.
[ 2726.868519] name failslab, interval 1, probability 0, space 0, times 0
[ 2726.869237] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=3 sclass=netlink_xfrm_socket pid=58537 comm=syz-executor.6
[ 2726.869556] CPU: 0 PID: 58538 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2726.873613] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2726.874339] Call Trace:
[ 2726.874569]  dump_stack+0x107/0x167
[ 2726.874892]  should_fail.cold+0x5/0xa
[ 2726.875234]  ? create_object.isra.0+0x3a/0xa20
[ 2726.875640]  should_failslab+0x5/0x20
[ 2726.875977]  kmem_cache_alloc+0x5b/0x310
[ 2726.876343]  create_object.isra.0+0x3a/0xa20
[ 2726.876728]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2726.877186]  __kmalloc_track_caller+0x177/0x370
[ 2726.877601]  ? kstrdup_const+0x53/0x80
[ 2726.877943]  ? find_held_lock+0x2c/0x110
[ 2726.878308]  kstrdup+0x36/0x70
[ 2726.878592]  kstrdup_const+0x53/0x80
[ 2726.878924]  __kernfs_new_node+0x9d/0x860
[ 2726.879301]  ? mark_held_locks+0x9e/0xe0
[ 2726.879669]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 2726.880090]  ? cpumask_next+0x1f/0x30
[ 2726.880426]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 2726.880835]  ? pcpu_alloc+0x12a/0x1240
[ 2726.881190]  kernfs_new_node+0x18d/0x250
[ 2726.881553]  kernfs_create_dir_ns+0x49/0x160
[ 2726.881949]  cgroup_mkdir+0x318/0xf50
[ 2726.882285]  ? cgroup_destroy_locked+0x710/0x710
[ 2726.882702]  kernfs_iop_mkdir+0x14d/0x1e0
[ 2726.883071]  vfs_mkdir+0x493/0x700
[ 2726.883391]  do_mkdirat+0x150/0x2b0
[ 2726.883714]  ? user_path_create+0xf0/0xf0
[ 2726.884086]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2726.884542]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2726.884999]  do_syscall_64+0x33/0x40
[ 2726.885324]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2726.885784] RIP: 0033:0x7f72960ceb19
[ 2726.886115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2726.887726] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2726.888388] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2726.889014] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2726.889639] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2726.890262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2726.890887] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
[ 2726.895620] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=5 sclass=netlink_xfrm_socket pid=58532 comm=syz-executor.5
[ 2726.899233] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=3 sclass=netlink_xfrm_socket pid=58537 comm=syz-executor.6
[ 2726.907563] audit: type=1326 audit(1716336854.070:4292): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=58526 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=57 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:14:14 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010060100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2726.950341] audit: type=1326 audit(1716336854.206:4293): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=58526 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2726.953954] audit: type=1326 audit(1716336854.207:4294): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=58526 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:14:14 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10000, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

00:14:14 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000005000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:14:14 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000006000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

[ 2727.034462] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1552 sclass=netlink_xfrm_socket pid=58821 comm=syz-executor.1
[ 2727.048675] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1552 sclass=netlink_xfrm_socket pid=58833 comm=syz-executor.1
[ 2727.053063] audit: type=1326 audit(1716336854.309:4295): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=58828 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2727.062825] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=5 sclass=netlink_xfrm_socket pid=58842 comm=syz-executor.6
[ 2727.071120] audit: type=1326 audit(1716336854.327:4296): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=58828 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2727.072246] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=5 sclass=netlink_xfrm_socket pid=58842 comm=syz-executor.6
00:14:14 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 16)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:14:14 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r1], 0x7)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

[ 2727.105459] FAULT_INJECTION: forcing a failure.
[ 2727.105459] name failslab, interval 1, probability 0, space 0, times 0
[ 2727.106641] CPU: 0 PID: 58860 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2727.107234] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2727.107948] Call Trace:
[ 2727.108182]  dump_stack+0x107/0x167
[ 2727.108504]  should_fail.cold+0x5/0xa
[ 2727.108846]  ? __kernfs_new_node+0xd4/0x860
[ 2727.109225]  ? __kernfs_new_node+0xd4/0x860
[ 2727.109609]  should_failslab+0x5/0x20
[ 2727.109944]  kmem_cache_alloc+0x5b/0x310
[ 2727.110300]  __kernfs_new_node+0xd4/0x860
[ 2727.110660]  ? mark_held_locks+0x9e/0xe0
[ 2727.111014]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 2727.111433]  ? cpumask_next+0x1f/0x30
[ 2727.111767]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 2727.112172]  ? pcpu_alloc+0x12a/0x1240
[ 2727.112519]  kernfs_new_node+0x18d/0x250
[ 2727.112874]  kernfs_create_dir_ns+0x49/0x160
[ 2727.113265]  cgroup_mkdir+0x318/0xf50
[ 2727.113597]  ? cgroup_destroy_locked+0x710/0x710
[ 2727.114007]  kernfs_iop_mkdir+0x14d/0x1e0
[ 2727.114367]  vfs_mkdir+0x493/0x700
[ 2727.114681]  do_mkdirat+0x150/0x2b0
[ 2727.115001]  ? user_path_create+0xf0/0xf0
[ 2727.115374]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2727.115839]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2727.116293]  do_syscall_64+0x33/0x40
[ 2727.116627]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2727.117075] RIP: 0033:0x7f72960ceb19
[ 2727.117405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2727.118958] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2727.119628] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2727.120248] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2727.120860] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2727.121483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2727.122101] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
00:14:14 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000006000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:14:30 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000007000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:14:30 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = syz_open_dev$loop(&(0x7f0000000340), 0x1, 0x2)
preadv(r0, &(0x7f00000005c0)=[{&(0x7f0000000440)=""/205, 0xcd}, {&(0x7f0000000380)=""/68, 0x44}, {&(0x7f0000000540)=""/86, 0x56}], 0x3, 0x1, 0x9)
r1 = fork()
ptrace$setopts(0x4206, r1, 0x10001, 0x0)
ptrace(0x10, r1)
ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x817e)
r2 = syz_open_procfs(0x0, &(0x7f0000000400)='net/snmp6\x00')
r3 = pidfd_getfd(r2, 0xffffffffffffffff, 0x0)
unlinkat(r2, &(0x7f0000000300)='./file1/file0\x00', 0x200)
ptrace$cont(0x9, r1, 0x68c, 0x0)
syz_open_procfs(r1, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r1, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0xfffffff8}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x41, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')
openat$cgroup_ro(r3, &(0x7f0000000600)='pids.current\x00', 0x0, 0x0)
lstat(&(0x7f0000000080)='./file1\x00', &(0x7f0000000180))

00:14:30 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000007000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:14:30 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 16)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

00:14:30 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r1], 0x7)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:14:30 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 17)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:14:30 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, 0x0)
dup(r0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=<r1=>0x0)
r2 = fork()
ptrace$setopts(0x4206, r2, 0x10001, 0x0)
ptrace(0x10, r2)
syz_io_uring_setup(0x6dcc, &(0x7f00000000c0)={0x0, 0x37f8, 0x8, 0x3, 0x220}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000180))
r4 = syz_open_dev$mouse(&(0x7f00000001c0), 0x1ff, 0x4084)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r3, r1, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x5, 0x0, r4, 0x0, &(0x7f0000000280)='./file0\x00', 0x1, 0x109040, 0x23456, {0x0, r5}}, 0xffffffff)

[ 2742.890096] kauditd_printk_skb: 6 callbacks suppressed
[ 2742.890115] audit: type=1326 audit(1716336870.146:4303): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=59080 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2742.895154] selinux_netlink_send: 4 callbacks suppressed
[ 2742.895165] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=7 sclass=netlink_xfrm_socket pid=59085 comm=syz-executor.6
[ 2742.899059] audit: type=1326 audit(1716336870.146:4304): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=59080 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2742.902660] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=7 sclass=netlink_xfrm_socket pid=59083 comm=syz-executor.5
[ 2742.904531] FAULT_INJECTION: forcing a failure.
[ 2742.904531] name failslab, interval 1, probability 0, space 0, times 0
[ 2742.905618] CPU: 0 PID: 59088 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2742.906205] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2742.906908] Call Trace:
[ 2742.907143]  dump_stack+0x107/0x167
[ 2742.907460]  should_fail.cold+0x5/0xa
[ 2742.907797]  ? create_object.isra.0+0x3a/0xa20
[ 2742.908191]  should_failslab+0x5/0x20
[ 2742.908522]  kmem_cache_alloc+0x5b/0x310
[ 2742.908875]  create_object.isra.0+0x3a/0xa20
[ 2742.909257]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2742.909697]  kmem_cache_alloc+0x159/0x310
[ 2742.910068]  __kernfs_new_node+0xd4/0x860
[ 2742.910429]  ? mark_held_locks+0x9e/0xe0
[ 2742.910784]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 2742.911204]  ? cpumask_next+0x1f/0x30
[ 2742.911553]  ? kmemleak_alloc_percpu+0xaf/0x100
00:14:30 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010070100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2742.911960]  ? pcpu_alloc+0x12a/0x1240
[ 2742.912448]  kernfs_new_node+0x18d/0x250
[ 2742.912814]  kernfs_create_dir_ns+0x49/0x160
[ 2742.913207]  cgroup_mkdir+0x318/0xf50
[ 2742.913536]  ? cgroup_destroy_locked+0x710/0x710
[ 2742.913951]  kernfs_iop_mkdir+0x14d/0x1e0
[ 2742.914303]  vfs_mkdir+0x493/0x700
[ 2742.914610]  do_mkdirat+0x150/0x2b0
[ 2742.914925]  ? user_path_create+0xf0/0xf0
[ 2742.915288]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2742.915739]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2742.916186]  do_syscall_64+0x33/0x40
[ 2742.916533]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2742.916993] RIP: 0033:0x7f72960ceb19
[ 2742.917326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2742.917836] FAULT_INJECTION: forcing a failure.
[ 2742.917836] name failslab, interval 1, probability 0, space 0, times 0
[ 2742.918880] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2742.918893] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2742.918900] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2742.918906] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2742.918913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2742.918919] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
[ 2742.920607] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=7 sclass=netlink_xfrm_socket pid=59085 comm=syz-executor.6
[ 2742.921049] CPU: 1 PID: 59087 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2742.929842] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2742.931118] Call Trace:
[ 2742.931554]  dump_stack+0x107/0x167
[ 2742.932132]  should_fail.cold+0x5/0xa
[ 2742.932453] audit: type=1326 audit(1716336870.163:4305): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=59080 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2742.932740]  ? crypto_create_tfm_node+0x84/0x340
[ 2742.935254]  should_failslab+0x5/0x20
[ 2742.935857]  __kmalloc_node+0x76/0x420
[ 2742.936482]  crypto_create_tfm_node+0x84/0x340
[ 2742.937203]  crypto_spawn_tfm2+0x60/0xc0
[ 2742.937854]  crypto_authenc_init_tfm+0x3f/0x290
[ 2742.937939] audit: type=1326 audit(1716336870.163:4306): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=59080 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2742.938576]  ? crypto_authenc_exit_tfm+0x70/0x70
[ 2742.941118]  crypto_aead_init_tfm+0x13b/0x1a0
[ 2742.941821]  crypto_create_tfm_node+0x117/0x340
[ 2742.942545]  crypto_spawn_tfm2+0x60/0xc0
[ 2742.943185]  aead_init_geniv+0x1c3/0x330
[ 2742.943819]  ? kasan_unpoison_shadow+0x33/0x50
[ 2742.944531]  ? aead_geniv_free+0x20/0x20
[ 2742.944887] audit: type=1326 audit(1716336870.163:4307): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=59080 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2742.945158]  crypto_aead_init_tfm+0x13b/0x1a0
[ 2742.945184]  crypto_create_tfm_node+0x117/0x340
[ 2742.948405]  crypto_alloc_tfm_node+0x108/0x270
[ 2742.949115]  esp_init_authenc+0x1d2/0x920
[ 2742.949761]  ? esp_init_aead+0x2f0/0x2f0
[ 2742.950395]  ? __xfrm_init_state+0x6ca/0x1490
[ 2742.951088]  ? lock_downgrade+0x6d0/0x6d0
[ 2742.951738]  esp6_init_state+0x367/0x420
[ 2742.952366]  __xfrm_init_state+0x778/0x1490
[ 2742.953055]  xfrm_add_sa+0x1ec5/0x3510
[ 2742.953666]  ? xfrm_send_acquire+0xad0/0xad0
[ 2742.954335]  ? security_capable+0x95/0xc0
[ 2742.954981]  ? __nla_parse+0x3e/0x50
[ 2742.955566]  ? xfrm_send_acquire+0xad0/0xad0
[ 2742.956250]  xfrm_user_rcv_msg+0x416/0x830
[ 2742.956900]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2742.957215] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=9 sclass=netlink_xfrm_socket pid=59092 comm=syz-executor.6
[ 2742.957722]  ? __mutex_lock+0x4fe/0x10b0
[ 2742.959274]  ? lock_acquire+0x197/0x470
[ 2742.959937]  ? netlink_deliver_tap+0xf4/0xcc0
[ 2742.960636]  netlink_rcv_skb+0x14b/0x430
[ 2742.961254]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2742.961648] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=9 sclass=netlink_xfrm_socket pid=59092 comm=syz-executor.6
[ 2742.962011]  ? netlink_ack+0xab0/0xab0
[ 2742.962043]  ? netlink_deliver_tap+0x1c4/0xcc0
[ 2742.964313]  xfrm_netlink_rcv+0x6b/0x90
[ 2742.964918]  netlink_unicast+0x549/0x7f0
[ 2742.965551]  ? netlink_attachskb+0x870/0x870
[ 2742.966240]  netlink_sendmsg+0x90f/0xdf0
[ 2742.966858]  ? netlink_unicast+0x7f0/0x7f0
[ 2742.967516]  ? netlink_unicast+0x7f0/0x7f0
[ 2742.968169]  __sock_sendmsg+0x154/0x190
[ 2742.968789]  ____sys_sendmsg+0x70d/0x870
[ 2742.969416]  ? sock_write_iter+0x3d0/0x3d0
[ 2742.970065]  ? do_recvmmsg+0x6d0/0x6d0
[ 2742.970666]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2742.971483]  ? lock_downgrade+0x6d0/0x6d0
[ 2742.972126]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2742.972929]  ? SOFTIRQ_verbose+0x10/0x10
[ 2742.973553]  ___sys_sendmsg+0xf3/0x170
[ 2742.974157]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2742.974855]  ? lock_downgrade+0x6d0/0x6d0
[ 2742.975495]  ? find_held_lock+0x2c/0x110
[ 2742.976136]  ? __fget_files+0x296/0x4c0
[ 2742.976756]  ? __fget_light+0xea/0x290
[ 2742.977352]  __sys_sendmsg+0xe5/0x1b0
[ 2742.977938]  ? __sys_sendmsg_sock+0x40/0x40
[ 2742.978594]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2742.979332]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2742.980129]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2742.980906]  ? trace_hardirqs_on+0x5b/0x180
[ 2742.981564]  do_syscall_64+0x33/0x40
[ 2742.982133]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2742.982897] RIP: 0033:0x7f87f21a2b19
[ 2742.983461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2742.986177] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2742.987315] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2742.988380] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2742.989436] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2742.990493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2742.991562] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
[ 2742.995183] audit: type=1326 audit(1716336870.251:4308): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=59080 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2742.997125] audit: type=1326 audit(1716336870.252:4309): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=59080 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2743.006772] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1808 sclass=netlink_xfrm_socket pid=59191 comm=syz-executor.1
00:14:30 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000009000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2743.008215] audit: type=1326 audit(1716336870.252:4310): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=59080 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2743.012004] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1808 sclass=netlink_xfrm_socket pid=59195 comm=syz-executor.1
00:14:30 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="840100000a000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:14:30 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010080100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:14:30 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 18)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

[ 2743.070800] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=10 sclass=netlink_xfrm_socket pid=59282 comm=syz-executor.6
[ 2743.077061] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=10 sclass=netlink_xfrm_socket pid=59282 comm=syz-executor.6
[ 2743.097752] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=2064 sclass=netlink_xfrm_socket pid=59319 comm=syz-executor.1
[ 2743.105482] FAULT_INJECTION: forcing a failure.
[ 2743.105482] name failslab, interval 1, probability 0, space 0, times 0
[ 2743.106685] CPU: 0 PID: 59316 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2743.107287] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2743.108012] Call Trace:
[ 2743.108253]  dump_stack+0x107/0x167
[ 2743.108577]  should_fail.cold+0x5/0xa
[ 2743.108916]  ? selinux_kernfs_init_security+0x137/0x4c0
[ 2743.109387]  should_failslab+0x5/0x20
[ 2743.109728]  __kmalloc+0x72/0x390
[ 2743.110044]  selinux_kernfs_init_security+0x137/0x4c0
[ 2743.110495]  ? selinux_file_mprotect+0x610/0x610
[ 2743.110912]  ? find_held_lock+0x2c/0x110
[ 2743.111273]  ? __kernfs_new_node+0x2ad/0x860
[ 2743.111663]  ? lock_downgrade+0x6d0/0x6d0
[ 2743.112025]  ? rwlock_bug.part.0+0x90/0x90
[ 2743.112401]  security_kernfs_init_security+0x4e/0xb0
[ 2743.112841]  __kernfs_new_node+0x531/0x860
[ 2743.113210]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 2743.113622]  ? cpumask_next+0x1f/0x30
[ 2743.113959]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 2743.114371]  ? pcpu_alloc+0x12a/0x1240
[ 2743.114713]  kernfs_new_node+0x18d/0x250
[ 2743.115078]  kernfs_create_dir_ns+0x49/0x160
[ 2743.115463]  cgroup_mkdir+0x318/0xf50
[ 2743.115803]  ? cgroup_destroy_locked+0x710/0x710
[ 2743.116220]  kernfs_iop_mkdir+0x14d/0x1e0
[ 2743.116581]  vfs_mkdir+0x493/0x700
[ 2743.116903]  do_mkdirat+0x150/0x2b0
[ 2743.117222]  ? user_path_create+0xf0/0xf0
[ 2743.117588]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2743.118045]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2743.118494]  do_syscall_64+0x33/0x40
[ 2743.118822]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2743.119270] RIP: 0033:0x7f72960ceb19
[ 2743.119603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2743.121184] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2743.121861] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2743.122487] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2743.123102] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2743.123743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2743.124386] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
00:14:45 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 19)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:14:45 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="840100000b000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:14:45 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, r1], 0x7)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:14:45 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000009000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:14:45 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010090100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:14:45 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 17)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

00:14:45 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
r1 = syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
recvfrom(r1, &(0x7f0000000180)=""/75, 0x4b, 0x12043, &(0x7f0000000300)=@ll={0x11, 0x1, 0x0, 0x1, 0x9, 0x6, @local}, 0x80)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

00:14:45 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="3c9578e4c96b0d63b0d8469b7782f2d373ec796a8d18d93de6d816ef7c563b1f7db06220d9d69f9f13e17d4af04dcf1daebef656cc34185723fc9766a75e5562be22fea9fbff7c2ee286eeac03f0c1484f2189fdd1bbcc02d2fa43ded4679ae4613911b004ec3f0e1d4d759cf7efb8c076a5c164ba0c4af9155ac446c3a6c4b3b2bc2a6e084e3665dc119f2692174403867a73701521436e7e23620722f7f8efcf"], 0x0, 0x0)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setresuid(0xee00, r0, 0x0)
r1 = getegid()
setresgid(r1, r1, 0x0)
lchown(&(0x7f0000000380)='./file0\x00', 0x0, r1)
mount$tmpfs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000340), 0x2082, &(0x7f0000000440)={[{@huge_always}, {@huge_never}, {@uid={'uid', 0x3d, r0}}, {@mode={'mode', 0x3d, 0x3}}, {@size={'size', 0x3d, [0x35, 0x65, 0x36, 0x67]}}], [{@appraise}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@dont_hash}, {@fscontext={'fscontext', 0x3d, 'unconfined_u'}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@fsuuid={'fsuuid', 0x3d, {[0x33, 0x34, 0x31, 0x65, 0xfc5dfb2377b16fa2, 0x31, 0x38, 0x31], 0x2d, [0x63, 0x63, 0x63, 0x37], 0x2d, [0x64, 0x34, 0x33, 0x64], 0x2d, [0x37, 0x33, 0x36, 0x38], 0x2d, [0x33, 0x32, 0x63, 0x32, 0x63, 0x36, 0x64, 0x8]}}}, {@audit}]})
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x80, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x8}, 0x2438, 0x5, 0x0, 0x0, 0x6, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r3 = fork()
ptrace$setopts(0x4206, r3, 0x10001, 0x0)
ptrace(0x10, r3)
r4 = syz_open_procfs(0x0, &(0x7f0000000400)='net/snmp6\x00')
pidfd_getfd(r4, 0xffffffffffffffff, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000400)='net/snmp6\x00')
pidfd_getfd(r5, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f00000000c0)={<r6=>0x0, <r7=>0x0})
ppoll(&(0x7f0000000000)=[{0xffffffffffffffff, 0x103}, {r2, 0x400}, {r4, 0x88}, {r5, 0x20}], 0x4, &(0x7f0000000100)={r6, r7+60000000}, &(0x7f0000000180)={[0x1]}, 0x8)

[ 2758.403849] audit: type=1326 audit(1716336885.660:4311): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=59421 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2758.407539] audit: type=1326 audit(1716336885.661:4312): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=59421 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2758.422823] FAULT_INJECTION: forcing a failure.
[ 2758.422823] name failslab, interval 1, probability 0, space 0, times 0
[ 2758.424094] CPU: 1 PID: 59427 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2758.424768] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2758.425570] Call Trace:
[ 2758.425839]  dump_stack+0x107/0x167
[ 2758.426196]  should_fail.cold+0x5/0xa
[ 2758.426574]  ? create_object.isra.0+0x3a/0xa20
[ 2758.427021]  should_failslab+0x5/0x20
[ 2758.427395]  kmem_cache_alloc+0x5b/0x310
[ 2758.427803]  create_object.isra.0+0x3a/0xa20
[ 2758.428231]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2758.428729]  __kmalloc_node+0x1ae/0x420
[ 2758.429032] audit: type=1326 audit(1716336885.661:4313): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=59421 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2758.429127]  crypto_create_tfm_node+0x84/0x340
[ 2758.432987]  crypto_spawn_tfm2+0x60/0xc0
[ 2758.433388]  crypto_authenc_init_tfm+0x3f/0x290
[ 2758.433839]  ? crypto_authenc_exit_tfm+0x70/0x70
[ 2758.434310]  crypto_aead_init_tfm+0x13b/0x1a0
[ 2758.434755]  crypto_create_tfm_node+0x117/0x340
[ 2758.435213]  crypto_spawn_tfm2+0x60/0xc0
[ 2758.435613]  aead_init_geniv+0x1c3/0x330
[ 2758.435647] selinux_netlink_send: 1 callbacks suppressed
[ 2758.435665] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=11 sclass=netlink_xfrm_socket pid=59428 comm=syz-executor.6
[ 2758.436018]  ? kasan_unpoison_shadow+0x33/0x50
[ 2758.436031]  ? aead_geniv_free+0x20/0x20
[ 2758.436046]  crypto_aead_init_tfm+0x13b/0x1a0
[ 2758.436066]  crypto_create_tfm_node+0x117/0x340
[ 2758.437323] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=9 sclass=netlink_xfrm_socket pid=59429 comm=syz-executor.5
[ 2758.438044]  crypto_alloc_tfm_node+0x108/0x270
[ 2758.438064]  esp_init_authenc+0x1d2/0x920
[ 2758.438083]  ? esp_init_aead+0x2f0/0x2f0
[ 2758.442303] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=11 sclass=netlink_xfrm_socket pid=59428 comm=syz-executor.6
[ 2758.442361]  ? __xfrm_init_state+0x6ca/0x1490
[ 2758.444684]  ? lock_downgrade+0x6d0/0x6d0
[ 2758.445101]  esp6_init_state+0x367/0x420
[ 2758.445498]  __xfrm_init_state+0x778/0x1490
[ 2758.445925]  xfrm_add_sa+0x1ec5/0x3510
[ 2758.446310]  ? xfrm_send_acquire+0xad0/0xad0
[ 2758.446743]  ? security_capable+0x95/0xc0
[ 2758.447149]  ? __nla_parse+0x3e/0x50
[ 2758.447526]  ? xfrm_send_acquire+0xad0/0xad0
[ 2758.447957]  xfrm_user_rcv_msg+0x416/0x830
[ 2758.448051] audit: type=1326 audit(1716336885.662:4314): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=59421 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2758.448373]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2758.452215]  ? __mutex_lock+0x4fe/0x10b0
[ 2758.452607]  ? lock_acquire+0x197/0x470
[ 2758.452992]  ? netlink_deliver_tap+0xf4/0xcc0
[ 2758.453437]  netlink_rcv_skb+0x14b/0x430
[ 2758.453831]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2758.454314]  ? netlink_ack+0xab0/0xab0
[ 2758.454700]  ? netlink_deliver_tap+0x1c4/0xcc0
[ 2758.455152] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=9 sclass=netlink_xfrm_socket pid=59429 comm=syz-executor.5
[ 2758.456288]  xfrm_netlink_rcv+0x6b/0x90
[ 2758.456300]  netlink_unicast+0x549/0x7f0
[ 2758.456325]  ? netlink_attachskb+0x870/0x870
[ 2758.457765]  netlink_sendmsg+0x90f/0xdf0
[ 2758.458160]  ? netlink_unicast+0x7f0/0x7f0
[ 2758.458582]  ? netlink_unicast+0x7f0/0x7f0
[ 2758.458993]  __sock_sendmsg+0x154/0x190
[ 2758.459379]  ____sys_sendmsg+0x70d/0x870
[ 2758.459781]  ? sock_write_iter+0x3d0/0x3d0
[ 2758.460190]  ? do_recvmmsg+0x6d0/0x6d0
[ 2758.460569]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2758.461070]  ? lock_downgrade+0x6d0/0x6d0
[ 2758.461474]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2758.461973]  ? SOFTIRQ_verbose+0x10/0x10
[ 2758.462370]  ___sys_sendmsg+0xf3/0x170
[ 2758.462748]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2758.463031] audit: type=1326 audit(1716336885.662:4315): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=59421 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2758.463187]  ? lock_downgrade+0x6d0/0x6d0
[ 2758.463207]  ? find_held_lock+0x2c/0x110
[ 2758.467349]  ? __fget_files+0x296/0x4c0
[ 2758.467751]  ? __fget_light+0xea/0x290
[ 2758.468134]  __sys_sendmsg+0xe5/0x1b0
[ 2758.468504]  ? __sys_sendmsg_sock+0x40/0x40
[ 2758.468918]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2758.469377]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2758.469876]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2758.470368]  ? trace_hardirqs_on+0x5b/0x180
[ 2758.470785]  do_syscall_64+0x33/0x40
[ 2758.471143]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2758.471635] RIP: 0033:0x7f87f21a2b19
[ 2758.472003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2758.473736] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2758.474460] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2758.475137] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2758.475437] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=2320 sclass=netlink_xfrm_socket pid=59446 comm=syz-executor.1
[ 2758.475819] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2758.475827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2758.475834] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
[ 2758.487928] FAULT_INJECTION: forcing a failure.
[ 2758.487928] name failslab, interval 1, probability 0, space 0, times 0
[ 2758.490593] CPU: 0 PID: 59422 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2758.491675] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2758.492976] Call Trace:
[ 2758.493396]  dump_stack+0x107/0x167
[ 2758.493973]  should_fail.cold+0x5/0xa
[ 2758.494579]  ? create_object.isra.0+0x3a/0xa20
[ 2758.495305]  should_failslab+0x5/0x20
[ 2758.495917]  kmem_cache_alloc+0x5b/0x310
[ 2758.496560]  ? stack_trace_consume_entry+0x160/0x160
[ 2758.497363]  create_object.isra.0+0x3a/0xa20
[ 2758.498057]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2758.498864]  kmem_cache_alloc+0x159/0x310
[ 2758.499530]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 2758.500430]  radix_tree_extend+0x231/0x490
[ 2758.501173]  idr_get_free+0x623/0x8f0
[ 2758.501893]  idr_alloc_u32+0x170/0x2d0
[ 2758.502613]  ? __fprop_inc_percpu_max+0x130/0x130
[ 2758.503497]  ? lock_acquire+0x197/0x470
[ 2758.504232]  ? __kernfs_new_node+0xff/0x860
[ 2758.505033]  idr_alloc_cyclic+0x102/0x230
[ 2758.505794]  ? idr_alloc+0x130/0x130
[ 2758.506475]  ? rwlock_bug.part.0+0x90/0x90
[ 2758.507267]  __kernfs_new_node+0x117/0x860
[ 2758.508048]  ? mark_held_locks+0x9e/0xe0
[ 2758.508797]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 2758.509667]  ? cpumask_next+0x1f/0x30
[ 2758.510366]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 2758.511223]  ? pcpu_alloc+0x12a/0x1240
[ 2758.511963]  kernfs_new_node+0x18d/0x250
[ 2758.512720]  kernfs_create_dir_ns+0x49/0x160
[ 2758.513534]  cgroup_mkdir+0x318/0xf50
[ 2758.514241]  ? cgroup_destroy_locked+0x710/0x710
[ 2758.515112]  kernfs_iop_mkdir+0x14d/0x1e0
[ 2758.515887]  vfs_mkdir+0x493/0x700
[ 2758.516546]  do_mkdirat+0x150/0x2b0
[ 2758.517217]  ? user_path_create+0xf0/0xf0
[ 2758.517983]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2758.518936]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2758.519891]  do_syscall_64+0x33/0x40
[ 2758.520569]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2758.521499] RIP: 0033:0x7f72960ceb19
[ 2758.522175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2758.525467] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2758.526831] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2758.528115] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2758.529389] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2758.530666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2758.531952] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
[ 2758.547734] audit: type=1326 audit(1716336885.662:4316): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=59421 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=57 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2758.555250] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=2320 sclass=netlink_xfrm_socket pid=59446 comm=syz-executor.1
[ 2758.557457] audit: type=1326 audit(1716336885.760:4317): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=59421 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2758.557559] audit: type=1326 audit(1716336885.760:4318): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=59421 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:14:45 executing program 0:
syz_open_dev$tty1(0xc, 0x4, 0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000300)={0x3, &(0x7f0000000080)=[{0xb5f, 0x1f, 0x1c, 0x80000000}, {0x0, 0x81, 0x4, 0xffffffff}, {0x0, 0x80, 0x3, 0x6}]})
write$binfmt_elf64(r1, &(0x7f00000001c0)=ANY=[], 0xfdef)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000180))
chroot(&(0x7f0000000100)='./file1\x00')

00:14:45 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 20)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

[ 2758.617859] audit: type=1326 audit(1716336885.874:4319): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=59710 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:14:45 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="840100000c000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2758.626571] audit: type=1326 audit(1716336885.883:4320): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=59710 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:14:45 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 18)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

[ 2758.675386] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=12 sclass=netlink_xfrm_socket pid=59745 comm=syz-executor.6
[ 2758.680490] FAULT_INJECTION: forcing a failure.
[ 2758.680490] name failslab, interval 1, probability 0, space 0, times 0
[ 2758.681568] CPU: 1 PID: 59742 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2758.682168] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2758.682884] Call Trace:
[ 2758.683126]  dump_stack+0x107/0x167
[ 2758.683449]  should_fail.cold+0x5/0xa
[ 2758.683802]  ? radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 2758.684310]  should_failslab+0x5/0x20
[ 2758.684645]  kmem_cache_alloc+0x5b/0x310
[ 2758.685014]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 2758.685507]  idr_get_free+0x4b5/0x8f0
[ 2758.685852]  idr_alloc_u32+0x170/0x2d0
[ 2758.686202]  ? __fprop_inc_percpu_max+0x130/0x130
[ 2758.686635]  ? lock_acquire+0x197/0x470
[ 2758.686987]  ? __kernfs_new_node+0xff/0x860
[ 2758.687371]  idr_alloc_cyclic+0x102/0x230
[ 2758.687745]  ? idr_alloc+0x130/0x130
[ 2758.688075]  ? rwlock_bug.part.0+0x90/0x90
[ 2758.688462]  __kernfs_new_node+0x117/0x860
[ 2758.688838]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 2758.689260]  ? cpumask_next+0x1f/0x30
[ 2758.689599]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 2758.690018]  ? pcpu_alloc+0x12a/0x1240
[ 2758.690372]  kernfs_new_node+0x18d/0x250
[ 2758.690742]  kernfs_create_dir_ns+0x49/0x160
[ 2758.691142]  cgroup_mkdir+0x318/0xf50
[ 2758.691486]  ? cgroup_destroy_locked+0x710/0x710
[ 2758.691910]  kernfs_iop_mkdir+0x14d/0x1e0
[ 2758.692280]  vfs_mkdir+0x493/0x700
[ 2758.692596]  do_mkdirat+0x150/0x2b0
[ 2758.692920]  ? user_path_create+0xf0/0xf0
[ 2758.693289]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2758.693747]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2758.694206]  do_syscall_64+0x33/0x40
[ 2758.694535]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2758.694986] RIP: 0033:0x7f72960ceb19
[ 2758.695317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2758.696902] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2758.697562] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2758.698187] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2758.698807] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2758.699431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2758.700061] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
[ 2758.704624] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=12 sclass=netlink_xfrm_socket pid=59745 comm=syz-executor.6
[ 2758.716880] FAULT_INJECTION: forcing a failure.
[ 2758.716880] name failslab, interval 1, probability 0, space 0, times 0
[ 2758.719019] CPU: 0 PID: 59746 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2758.720160] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2758.721511] Call Trace:
[ 2758.721948]  dump_stack+0x107/0x167
[ 2758.722551]  should_fail.cold+0x5/0xa
[ 2758.723181]  ? crypto_create_tfm_node+0x84/0x340
[ 2758.723970]  should_failslab+0x5/0x20
[ 2758.724603]  __kmalloc_node+0x76/0x420
[ 2758.725254]  crypto_create_tfm_node+0x84/0x340
[ 2758.726010]  crypto_init_shash_ops_async+0x59/0x3a0
[ 2758.726822]  crypto_ahash_init_tfm+0x3f0/0x500
[ 2758.727571]  crypto_create_tfm_node+0x117/0x340
[ 2758.728345]  crypto_spawn_tfm2+0x60/0xc0
[ 2758.729020]  crypto_authenc_init_tfm+0x3f/0x290
[ 2758.729773]  ? crypto_authenc_exit_tfm+0x70/0x70
[ 2758.730559]  crypto_aead_init_tfm+0x13b/0x1a0
[ 2758.731290]  crypto_create_tfm_node+0x117/0x340
[ 2758.732066]  crypto_spawn_tfm2+0x60/0xc0
[ 2758.732734]  aead_init_geniv+0x1c3/0x330
[ 2758.733398]  ? kasan_unpoison_shadow+0x33/0x50
[ 2758.734144]  ? aead_geniv_free+0x20/0x20
[ 2758.734817]  crypto_aead_init_tfm+0x13b/0x1a0
[ 2758.735550]  crypto_create_tfm_node+0x117/0x340
[ 2758.736325]  crypto_alloc_tfm_node+0x108/0x270
[ 2758.737075]  esp_init_authenc+0x1d2/0x920
[ 2758.737756]  ? esp_init_aead+0x2f0/0x2f0
[ 2758.738429]  ? __xfrm_init_state+0x6ca/0x1490
[ 2758.739159]  ? lock_downgrade+0x6d0/0x6d0
[ 2758.739847]  esp6_init_state+0x367/0x420
[ 2758.740504]  __xfrm_init_state+0x778/0x1490
[ 2758.741213]  xfrm_add_sa+0x1ec5/0x3510
[ 2758.741853]  ? xfrm_send_acquire+0xad0/0xad0
[ 2758.742565]  ? security_capable+0x95/0xc0
[ 2758.743238]  ? __nla_parse+0x3e/0x50
[ 2758.743855]  ? xfrm_send_acquire+0xad0/0xad0
[ 2758.744563]  xfrm_user_rcv_msg+0x416/0x830
[ 2758.745254]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2758.746113]  ? __mutex_lock+0x4fe/0x10b0
[ 2758.746771]  ? lock_acquire+0x197/0x470
[ 2758.747411]  ? netlink_deliver_tap+0xf4/0xcc0
[ 2758.748139]  netlink_rcv_skb+0x14b/0x430
[ 2758.748792]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2758.749588]  ? netlink_ack+0xab0/0xab0
[ 2758.750240]  ? netlink_deliver_tap+0x1c4/0xcc0
[ 2758.750982]  xfrm_netlink_rcv+0x6b/0x90
[ 2758.751632]  netlink_unicast+0x549/0x7f0
[ 2758.752296]  ? netlink_attachskb+0x870/0x870
[ 2758.753030]  netlink_sendmsg+0x90f/0xdf0
[ 2758.753686]  ? netlink_unicast+0x7f0/0x7f0
[ 2758.754386]  ? netlink_unicast+0x7f0/0x7f0
[ 2758.755060]  __sock_sendmsg+0x154/0x190
[ 2758.755716]  ____sys_sendmsg+0x70d/0x870
[ 2758.756367]  ? sock_write_iter+0x3d0/0x3d0
[ 2758.757054]  ? do_recvmmsg+0x6d0/0x6d0
[ 2758.757675]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2758.758531]  ? lock_downgrade+0x6d0/0x6d0
[ 2758.759198]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2758.760064]  ? SOFTIRQ_verbose+0x10/0x10
[ 2758.760721]  ___sys_sendmsg+0xf3/0x170
[ 2758.761358]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2758.762090]  ? lock_downgrade+0x6d0/0x6d0
[ 2758.762768]  ? find_held_lock+0x2c/0x110
[ 2758.763424]  ? __fget_files+0x296/0x4c0
[ 2758.764095]  ? __fget_light+0xea/0x290
[ 2758.764726]  __sys_sendmsg+0xe5/0x1b0
[ 2758.765348]  ? __sys_sendmsg_sock+0x40/0x40
[ 2758.766036]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2758.766813]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2758.767641]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2758.768479]  ? trace_hardirqs_on+0x5b/0x180
[ 2758.769162]  do_syscall_64+0x33/0x40
[ 2758.769766]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2758.770573] RIP: 0033:0x7f87f21a2b19
[ 2758.771172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2758.774044] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2758.775270] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2758.776392] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2758.777509] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2758.778617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2758.779737] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
00:14:46 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="840100000a000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:14:46 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="84010000100a0100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:14:46 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="840100000d000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:14:46 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='cramfs\x00', 0x1080040, &(0x7f0000000180)='{)!:\xa4]^*]u#%&-:]4{%#-{!{^$\xa2/\x00')
fork()

[ 2758.823032] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=13 sclass=netlink_xfrm_socket pid=59756 comm=syz-executor.6
[ 2758.825132] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=10 sclass=netlink_xfrm_socket pid=59758 comm=syz-executor.5
[ 2774.166803] selinux_netlink_send: 4 callbacks suppressed
[ 2774.166822] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=11 sclass=netlink_xfrm_socket pid=60078 comm=syz-executor.5
00:15:01 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="84010000100b0100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:15:01 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, 0xffffffffffffffff, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:15:01 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xea, 0xc4, 0x3, 0x40, 0x0, 0x4a, 0x82000, 0x4, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x400, 0x4, @perf_bp={&(0x7f0000000000), 0xc}, 0x4, 0x1f, 0x0, 0x2, 0x401, 0x1, 0xfff, 0x0, 0x3, 0x0, 0xf6a}, 0x0, 0xa, 0xffffffffffffffff, 0xa)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
kcmp(0x0, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, r0)
ioctl$BTRFS_IOC_WAIT_SYNC(r0, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r1 = fork()
ptrace$setopts(0x4206, r1, 0x10001, 0x0)
ptrace(0x10, r1)

00:15:01 executing program 0:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x80)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r1 = fork()
dup2(r0, r0)
ptrace$setopts(0x4206, r1, 0x10001, 0x0)
ptrace(0x10, r1)
ptrace$cont(0x9, r1, 0x68c, 0x0)
syz_open_procfs(r1, &(0x7f0000000280)='net/sockstat6\x00')
r2 = creat(&(0x7f0000000080)='./file1\x00', 0x64)
sendmsg$NL80211_CMD_START_SCHED_SCAN(r2, &(0x7f0000000540)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000300)={0x214, 0x0, 0x800, 0x70bd2c, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_BSSID={0xa}, @NL80211_ATTR_SCAN_FREQUENCIES={0x1c, 0x2c, 0x0, 0x1, [{0x8, 0x0, 0xfffffffc}, {0x8, 0x0, 0x1ee00000}, {0x8, 0x0, 0x8}]}, @NL80211_ATTR_SCHED_SCAN_MATCH={0x9c, 0x84, 0x0, 0x1, [@NL80211_SCHED_SCAN_MATCH_ATTR_BSSID={0xa, 0x5, @random="c368f6d1b611"}, @NL80211_SCHED_SCAN_MATCH_ATTR_SSID={0xa, 0x1, @default_ap_ssid}, @NL80211_SCHED_SCAN_MATCH_ATTR_RSSI={0x8, 0x2, 0x5}, @NL80211_SCHED_SCAN_MATCH_PER_BAND_RSSI={0x24, 0x6, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x8, 0x2, 0x1}, @NL80211_BAND_5GHZ={0x8, 0x1, 0x3}, @NL80211_BAND_2GHZ={0x8, 0x0, 0x1}, @NL80211_BAND_60GHZ={0x8, 0x2, 0x1}]}, @NL80211_SCHED_SCAN_MATCH_PER_BAND_RSSI={0x54, 0x6, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x8, 0x3, 0x9}, @NL80211_BAND_5GHZ={0x8, 0x1, 0x80000000}, @NL80211_BAND_6GHZ={0x8}, @NL80211_BAND_6GHZ={0x8, 0x3, 0xfffffffa}, @NL80211_BAND_2GHZ={0x8, 0x0, 0x290f8bed}, @NL80211_BAND_5GHZ={0x8, 0x1, 0x10000}, @NL80211_BAND_5GHZ={0x8, 0x1, 0xf5c2}, @NL80211_BAND_60GHZ={0x8, 0x2, 0x20}, @NL80211_BAND_60GHZ={0x8, 0x2, 0x2}, @NL80211_BAND_5GHZ={0x8, 0x1, 0x4}]}]}, @NL80211_ATTR_SCAN_SUPP_RATES={0x138, 0x7d, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x2d, 0x0, "589800eb49e48a0f529b595a6cf1f39fd9cbea77a5d1b7b765a7f28156c44cbe6c315638c3bb16269e"}, @NL80211_BAND_60GHZ={0x102, 0x2, "d4fd980fc34328a0865dd58b65f847cde4e646997b903916940dfcc936e6a5e668eb46a54ae3153ef5d46fd4b0c2640e9dfae9656167e0c310bad4bc1a152e44e9ff9761914b66ebc79860787d0b792ffb5c8173406365007bb8001d06088e607d5f87cb1704c54e11fc425a00140850e3977957e37d69d549c02ef3dd2db06537d975ac5ad1d1a82e25b8db5642d9bc1a47a9a7e5a325f2215abea6d7529a7cba7077737a71ca3ca4c5fbc427a882675e96f2121e506c5d2c66181322a71998bfa19180de8ea14ecd6d8936d545551f93798a1d8ed4e041360834395d4f51db824d1529185a67105206a546a62c85676397929a4d2c3d0c7e70fb9a1cfc"}]}, @NL80211_ATTR_SCHED_SCAN_MULTI={0x4}]}, 0x214}}, 0x0)
ptrace$pokeuser(0x6, r1, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

00:15:01 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="840100000b000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:15:01 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 21)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:15:01 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 19)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

00:15:01 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="840100000e000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2774.180480] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=14 sclass=netlink_xfrm_socket pid=60081 comm=syz-executor.6
[ 2774.187081] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=2832 sclass=netlink_xfrm_socket pid=60077 comm=syz-executor.1
[ 2774.191143] kauditd_printk_skb: 32 callbacks suppressed
[ 2774.191165] audit: type=1326 audit(1716336901.447:4353): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=60073 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2774.197603] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=14 sclass=netlink_xfrm_socket pid=60081 comm=syz-executor.6
[ 2774.197645] audit: type=1326 audit(1716336901.454:4354): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=60073 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2774.201013] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=11 sclass=netlink_xfrm_socket pid=60078 comm=syz-executor.5
[ 2774.204820] FAULT_INJECTION: forcing a failure.
[ 2774.204820] name failslab, interval 1, probability 0, space 0, times 0
[ 2774.206715] CPU: 1 PID: 60084 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2774.207723] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2774.208915] Call Trace:
[ 2774.209302]  dump_stack+0x107/0x167
[ 2774.209836]  should_fail.cold+0x5/0xa
[ 2774.210393]  ? create_object.isra.0+0x3a/0xa20
[ 2774.211087]  should_failslab+0x5/0x20
[ 2774.211665]  kmem_cache_alloc+0x5b/0x310
[ 2774.212289]  create_object.isra.0+0x3a/0xa20
[ 2774.212940]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2774.213682]  __kmalloc_node+0x1ae/0x420
[ 2774.214289]  crypto_create_tfm_node+0x84/0x340
[ 2774.214944]  crypto_init_shash_ops_async+0x59/0x3a0
[ 2774.215670]  crypto_ahash_init_tfm+0x3f0/0x500
[ 2774.216334]  crypto_create_tfm_node+0x117/0x340
[ 2774.216462] FAULT_INJECTION: forcing a failure.
[ 2774.216462] name failslab, interval 1, probability 0, space 0, times 0
[ 2774.217016]  crypto_spawn_tfm2+0x60/0xc0
[ 2774.217039]  crypto_authenc_init_tfm+0x3f/0x290
[ 2774.217057]  ? crypto_authenc_exit_tfm+0x70/0x70
[ 2774.217086]  crypto_aead_init_tfm+0x13b/0x1a0
[ 2774.221382]  crypto_create_tfm_node+0x117/0x340
[ 2774.222054]  crypto_spawn_tfm2+0x60/0xc0
[ 2774.222644]  aead_init_geniv+0x1c3/0x330
[ 2774.223237]  ? kasan_unpoison_shadow+0x33/0x50
[ 2774.223905]  ? aead_geniv_free+0x20/0x20
[ 2774.224505]  crypto_aead_init_tfm+0x13b/0x1a0
[ 2774.225173]  crypto_create_tfm_node+0x117/0x340
[ 2774.225840]  crypto_alloc_tfm_node+0x108/0x270
[ 2774.226527]  esp_init_authenc+0x1d2/0x920
[ 2774.227128]  ? esp_init_aead+0x2f0/0x2f0
[ 2774.227726]  ? __xfrm_init_state+0x6ca/0x1490
[ 2774.228383]  ? lock_downgrade+0x6d0/0x6d0
[ 2774.229001]  esp6_init_state+0x367/0x420
[ 2774.229573]  __xfrm_init_state+0x778/0x1490
[ 2774.230231]  xfrm_add_sa+0x1ec5/0x3510
[ 2774.230792]  ? xfrm_send_acquire+0xad0/0xad0
[ 2774.231446]  ? security_capable+0x95/0xc0
[ 2774.232054]  ? __nla_parse+0x3e/0x50
[ 2774.232605]  ? xfrm_send_acquire+0xad0/0xad0
[ 2774.233241]  xfrm_user_rcv_msg+0x416/0x830
[ 2774.233856]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2774.234655]  ? __mutex_lock+0x4fe/0x10b0
[ 2774.235274]  ? lock_acquire+0x197/0x470
[ 2774.235846]  ? netlink_deliver_tap+0xf4/0xcc0
[ 2774.236511]  netlink_rcv_skb+0x14b/0x430
[ 2774.237107]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2774.237802]  ? netlink_ack+0xab0/0xab0
[ 2774.238383]  ? netlink_deliver_tap+0x1c4/0xcc0
[ 2774.239037]  xfrm_netlink_rcv+0x6b/0x90
[ 2774.239606]  netlink_unicast+0x549/0x7f0
[ 2774.240200]  ? netlink_attachskb+0x870/0x870
[ 2774.240837]  netlink_sendmsg+0x90f/0xdf0
[ 2774.241428]  ? netlink_unicast+0x7f0/0x7f0
[ 2774.242060]  ? netlink_unicast+0x7f0/0x7f0
[ 2774.242652]  __sock_sendmsg+0x154/0x190
[ 2774.243236]  ____sys_sendmsg+0x70d/0x870
[ 2774.243808]  ? sock_write_iter+0x3d0/0x3d0
[ 2774.244436]  ? do_recvmmsg+0x6d0/0x6d0
[ 2774.244984]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2774.245735]  ? lock_downgrade+0x6d0/0x6d0
[ 2774.246335]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2774.247094]  ? SOFTIRQ_verbose+0x10/0x10
[ 2774.247671]  ___sys_sendmsg+0xf3/0x170
[ 2774.248253]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2774.248895]  ? lock_downgrade+0x6d0/0x6d0
[ 2774.249502]  ? find_held_lock+0x2c/0x110
[ 2774.250092]  ? __fget_files+0x296/0x4c0
[ 2774.250675]  ? __fget_light+0xea/0x290
[ 2774.251237]  __sys_sendmsg+0xe5/0x1b0
[ 2774.251782]  ? __sys_sendmsg_sock+0x40/0x40
[ 2774.252404]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2774.253102]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2774.253835]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2774.254581]  ? trace_hardirqs_on+0x5b/0x180
[ 2774.255193]  do_syscall_64+0x33/0x40
[ 2774.255726]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2774.256459] RIP: 0033:0x7f87f21a2b19
[ 2774.256999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2774.259543] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2774.260647] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2774.261676] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2774.262700] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2774.263724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2774.264761] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
[ 2774.265826] CPU: 0 PID: 60082 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2774.266967] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2774.268328] Call Trace:
[ 2774.268775]  dump_stack+0x107/0x167
[ 2774.269419]  should_fail.cold+0x5/0xa
[ 2774.269623] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=2832 sclass=netlink_xfrm_socket pid=60085 comm=syz-executor.1
[ 2774.270027]  ? create_object.isra.0+0x3a/0xa20
[ 2774.270052]  should_failslab+0x5/0x20
[ 2774.270079]  kmem_cache_alloc+0x5b/0x310
[ 2774.273773]  create_object.isra.0+0x3a/0xa20
[ 2774.274508]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2774.274969] audit: type=1326 audit(1716336901.460:4355): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=60073 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2774.275351]  __kmalloc_track_caller+0x177/0x370
[ 2774.279106]  ? security_context_to_sid_core+0xb4/0x890
[ 2774.279998]  kmemdup_nul+0x2d/0xa0
[ 2774.280587]  security_context_to_sid_core+0xb4/0x890
[ 2774.281438]  ? security_compute_sid.part.0+0x16e0/0x16e0
[ 2774.282329]  ? do_raw_spin_lock+0x121/0x260
[ 2774.283032]  ? rwlock_bug.part.0+0x90/0x90
[ 2774.283731]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2774.284544]  ? do_raw_spin_unlock+0x4f/0x220
[ 2774.285261]  ? _raw_spin_unlock+0x1a/0x30
[ 2774.285951]  security_context_to_sid+0x35/0x50
[ 2774.286713]  selinux_kernfs_init_security+0x19d/0x4c0
[ 2774.287566]  ? selinux_file_mprotect+0x610/0x610
[ 2774.288359]  ? find_held_lock+0x2c/0x110
[ 2774.288602] audit: type=1326 audit(1716336901.522:4356): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=60073 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2774.289023]  ? __kernfs_new_node+0x2ad/0x860
[ 2774.289049]  ? lock_downgrade+0x6d0/0x6d0
[ 2774.293392]  ? rwlock_bug.part.0+0x90/0x90
[ 2774.294089]  security_kernfs_init_security+0x4e/0xb0
[ 2774.294940]  __kernfs_new_node+0x531/0x860
[ 2774.295655]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 2774.296449]  ? cpumask_next+0x1f/0x30
[ 2774.297063]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 2774.297841]  ? pcpu_alloc+0x12a/0x1240
[ 2774.298498]  kernfs_new_node+0x18d/0x250
[ 2774.299184]  kernfs_create_dir_ns+0x49/0x160
[ 2774.299924]  cgroup_mkdir+0x318/0xf50
[ 2774.300564]  ? cgroup_destroy_locked+0x710/0x710
[ 2774.301027] audit: type=1326 audit(1716336901.522:4357): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=60073 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2774.301359]  kernfs_iop_mkdir+0x14d/0x1e0
[ 2774.304987]  vfs_mkdir+0x493/0x700
[ 2774.305596]  do_mkdirat+0x150/0x2b0
[ 2774.306196]  ? user_path_create+0xf0/0xf0
[ 2774.306885]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2774.307738]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2774.308598]  do_syscall_64+0x33/0x40
[ 2774.309195]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2774.310037] RIP: 0033:0x7f72960ceb19
[ 2774.310650] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2774.313620] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2774.314873] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2774.315624] audit: type=1326 audit(1716336901.522:4358): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=60073 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=57 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2774.316038] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2774.316050] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2774.316062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2774.316082] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
00:15:01 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="84010000100f0100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2774.396515] audit: type=1326 audit(1716336901.652:4359): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=60073 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2774.400147] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=3856 sclass=netlink_xfrm_socket pid=60239 comm=syz-executor.1
00:15:01 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="840100000f000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2774.408949] audit: type=1326 audit(1716336901.665:4360): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=60073 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2774.419065] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=3856 sclass=netlink_xfrm_socket pid=60290 comm=syz-executor.1
00:15:01 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="840100000c000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

[ 2774.504657] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=15 sclass=netlink_xfrm_socket pid=60379 comm=syz-executor.6
00:15:01 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010100100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2774.521631] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=15 sclass=netlink_xfrm_socket pid=60379 comm=syz-executor.6
00:15:01 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, 0xffffffffffffffff, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:15:01 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000210000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:15:01 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 20)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

00:15:01 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010110100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:15:01 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="840100000d000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:15:01 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0x201, 0x9, 0x6, 0x1}, {0x6, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4200, 0x0, 0x100000001, 0x10)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
r1 = shmget(0x0, 0x3000, 0x10, &(0x7f0000ffd000/0x3000)=nil)
lstat(&(0x7f0000000080)='./file1\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
r3 = getegid()
setresgid(r3, r3, 0x0)
r4 = fork()
ptrace$setopts(0x4206, r4, 0x10001, 0x0)
ptrace(0x10, r4)
ptrace$cont(0x9, r4, 0x68c, 0x0)
shmctl$IPC_SET(r1, 0x1, &(0x7f0000000300)={{0x1, 0xee00, 0xffffffffffffffff, r2, r3, 0xe2}, 0x4f2e, 0x100000001, 0x8b7b, 0x8, r4, r0, 0x6})
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

[ 2774.740436] audit: type=1326 audit(1716336901.996:4361): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=60511 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2774.740460] FAULT_INJECTION: forcing a failure.
[ 2774.740460] name failslab, interval 1, probability 0, space 0, times 0
[ 2774.740486] CPU: 0 PID: 60507 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2774.746734] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2774.748125] Call Trace:
[ 2774.748649]  dump_stack+0x107/0x167
[ 2774.749266]  should_fail.cold+0x5/0xa
[ 2774.749519] audit: type=1326 audit(1716336902.005:4362): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=60511 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2774.749914]  ? crypto_create_tfm_node+0x84/0x340
[ 2774.753625]  should_failslab+0x5/0x20
[ 2774.754245]  __kmalloc_node+0x76/0x420
[ 2774.754885]  ? crypto_init_shash_ops_async+0x2d4/0x3a0
[ 2774.755751]  crypto_create_tfm_node+0x84/0x340
[ 2774.756530]  crypto_spawn_tfm2+0x60/0xc0
[ 2774.757189]  crypto_authenc_init_tfm+0x6f/0x290
[ 2774.757949]  ? crypto_authenc_exit_tfm+0x70/0x70
[ 2774.758725]  crypto_aead_init_tfm+0x13b/0x1a0
[ 2774.759466]  crypto_create_tfm_node+0x117/0x340
[ 2774.760308]  crypto_spawn_tfm2+0x60/0xc0
[ 2774.760991]  aead_init_geniv+0x1c3/0x330
[ 2774.761656]  ? kasan_unpoison_shadow+0x33/0x50
[ 2774.762414]  ? aead_geniv_free+0x20/0x20
[ 2774.763075]  crypto_aead_init_tfm+0x13b/0x1a0
[ 2774.763820]  crypto_create_tfm_node+0x117/0x340
[ 2774.764627]  crypto_alloc_tfm_node+0x108/0x270
[ 2774.765410]  esp_init_authenc+0x1d2/0x920
[ 2774.766078]  ? esp_init_aead+0x2f0/0x2f0
[ 2774.766776]  ? __xfrm_init_state+0x6ca/0x1490
[ 2774.767529]  ? lock_downgrade+0x6d0/0x6d0
[ 2774.768209]  esp6_init_state+0x367/0x420
[ 2774.768883]  __xfrm_init_state+0x778/0x1490
[ 2774.769598]  xfrm_add_sa+0x1ec5/0x3510
[ 2774.770242]  ? xfrm_send_acquire+0xad0/0xad0
[ 2774.770973]  ? security_capable+0x95/0xc0
[ 2774.771659]  ? __nla_parse+0x3e/0x50
[ 2774.772293]  ? xfrm_send_acquire+0xad0/0xad0
[ 2774.773016]  xfrm_user_rcv_msg+0x416/0x830
[ 2774.773718]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2774.774593]  ? __mutex_lock+0x4fe/0x10b0
[ 2774.775257]  ? lock_acquire+0x197/0x470
[ 2774.775928]  ? netlink_deliver_tap+0xf4/0xcc0
[ 2774.776671]  netlink_rcv_skb+0x14b/0x430
[ 2774.777349]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2774.778166]  ? netlink_ack+0xab0/0xab0
[ 2774.778831]  ? netlink_deliver_tap+0x1c4/0xcc0
[ 2774.779620]  xfrm_netlink_rcv+0x6b/0x90
[ 2774.780295]  netlink_unicast+0x549/0x7f0
[ 2774.780969]  ? netlink_attachskb+0x870/0x870
[ 2774.781721]  netlink_sendmsg+0x90f/0xdf0
[ 2774.782403]  ? netlink_unicast+0x7f0/0x7f0
[ 2774.783099]  ? netlink_unicast+0x7f0/0x7f0
[ 2774.783799]  __sock_sendmsg+0x154/0x190
[ 2774.784480]  ____sys_sendmsg+0x70d/0x870
[ 2774.785151]  ? sock_write_iter+0x3d0/0x3d0
[ 2774.785849]  ? do_recvmmsg+0x6d0/0x6d0
[ 2774.786503]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2774.787371]  ? lock_downgrade+0x6d0/0x6d0
[ 2774.788065]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2774.788930]  ? SOFTIRQ_verbose+0x10/0x10
[ 2774.789613]  ___sys_sendmsg+0xf3/0x170
[ 2774.790251]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2774.790998]  ? lock_downgrade+0x6d0/0x6d0
[ 2774.791684]  ? find_held_lock+0x2c/0x110
[ 2774.792375]  ? __fget_files+0x296/0x4c0
[ 2774.793030]  ? __fget_light+0xea/0x290
[ 2774.793694]  __sys_sendmsg+0xe5/0x1b0
[ 2774.794340]  ? __sys_sendmsg_sock+0x40/0x40
[ 2774.795032]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2774.795824]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2774.796699]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2774.797555]  ? trace_hardirqs_on+0x5b/0x180
[ 2774.798261]  do_syscall_64+0x33/0x40
[ 2774.798878]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2774.799716] RIP: 0033:0x7f87f21a2b19
[ 2774.800350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2774.803322] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2774.804599] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2774.805761] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2774.806909] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2774.808068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2774.809214] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
00:15:02 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010480100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:15:15 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000310000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:15:15 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 22)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:15:15 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
chroot(&(0x7f0000000100)='./file1\x00')

00:15:15 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 21)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

00:15:15 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, 0xffffffffffffffff, 0xffffffffffffffff, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:15:15 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="84010000104c0100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:15:15 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="840100000e000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

[ 2788.731796] selinux_netlink_send: 10 callbacks suppressed
[ 2788.731813] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=14 sclass=netlink_xfrm_socket pid=60731 comm=syz-executor.5
[ 2788.741920] kauditd_printk_skb: 9 callbacks suppressed
[ 2788.741933] audit: type=1326 audit(1716336915.998:4372): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=60732 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2788.753047] audit: type=1326 audit(1716336916.009:4373): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=60732 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2788.755124] audit: type=1326 audit(1716336916.010:4374): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=60732 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2788.758847] FAULT_INJECTION: forcing a failure.
[ 2788.758847] name failslab, interval 1, probability 0, space 0, times 0
[ 2788.758985] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=19472 sclass=netlink_xfrm_socket pid=60745 comm=syz-executor.1
[ 2788.761149] CPU: 0 PID: 60737 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2788.762785] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2788.764090] Call Trace:
[ 2788.764531]  dump_stack+0x107/0x167
[ 2788.765125]  should_fail.cold+0x5/0xa
[ 2788.765739]  ? crypto_create_tfm_node+0x84/0x340
[ 2788.766499]  should_failslab+0x5/0x20
[ 2788.767104]  __kmalloc_node+0x76/0x420
[ 2788.767718]  ? crypto_init_shash_ops_async+0x2d4/0x3a0
[ 2788.768021] audit: type=1326 audit(1716336916.010:4375): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=60732 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2788.768564]  crypto_create_tfm_node+0x84/0x340
[ 2788.768590]  crypto_spawn_tfm2+0x60/0xc0
[ 2788.770500] audit: type=1326 audit(1716336916.010:4376): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=60732 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2788.771150]  crypto_authenc_init_tfm+0x6f/0x290
[ 2788.771171]  ? crypto_authenc_exit_tfm+0x70/0x70
[ 2788.776449]  crypto_aead_init_tfm+0x13b/0x1a0
[ 2788.777165]  crypto_create_tfm_node+0x117/0x340
[ 2788.777913]  crypto_spawn_tfm2+0x60/0xc0
[ 2788.778590]  aead_init_geniv+0x1c3/0x330
[ 2788.779096] FAULT_INJECTION: forcing a failure.
[ 2788.779096] name failslab, interval 1, probability 0, space 0, times 0
[ 2788.779242]  ? kasan_unpoison_shadow+0x33/0x50
[ 2788.779262]  ? aead_geniv_free+0x20/0x20
[ 2788.779286]  crypto_aead_init_tfm+0x13b/0x1a0
[ 2788.782660]  crypto_create_tfm_node+0x117/0x340
[ 2788.783405]  crypto_alloc_tfm_node+0x108/0x270
[ 2788.784153]  esp_init_authenc+0x1d2/0x920
[ 2788.784812]  ? esp_init_aead+0x2f0/0x2f0
[ 2788.785477]  ? __xfrm_init_state+0x6ca/0x1490
[ 2788.786191]  ? lock_downgrade+0x6d0/0x6d0
[ 2788.786854]  esp6_init_state+0x367/0x420
[ 2788.787505]  __xfrm_init_state+0x778/0x1490
[ 2788.788209]  xfrm_add_sa+0x1ec5/0x3510
[ 2788.788835]  ? xfrm_send_acquire+0xad0/0xad0
[ 2788.789534]  ? security_capable+0x95/0xc0
[ 2788.790190]  ? __nla_parse+0x3e/0x50
[ 2788.790784]  ? xfrm_send_acquire+0xad0/0xad0
[ 2788.791479]  xfrm_user_rcv_msg+0x416/0x830
[ 2788.792164]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2788.792997]  ? __mutex_lock+0x4fe/0x10b0
[ 2788.793639]  ? lock_acquire+0x197/0x470
[ 2788.794268]  ? netlink_deliver_tap+0xf4/0xcc0
[ 2788.794986]  netlink_rcv_skb+0x14b/0x430
[ 2788.795620]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2788.796421]  ? netlink_ack+0xab0/0xab0
[ 2788.797046]  ? netlink_deliver_tap+0x1c4/0xcc0
[ 2788.797770]  xfrm_netlink_rcv+0x6b/0x90
[ 2788.798398]  netlink_unicast+0x549/0x7f0
[ 2788.799051]  ? netlink_attachskb+0x870/0x870
[ 2788.799750]  netlink_sendmsg+0x90f/0xdf0
[ 2788.800417]  ? netlink_unicast+0x7f0/0x7f0
[ 2788.801101]  ? netlink_unicast+0x7f0/0x7f0
[ 2788.801771]  __sock_sendmsg+0x154/0x190
[ 2788.802406]  ____sys_sendmsg+0x70d/0x870
[ 2788.803061]  ? sock_write_iter+0x3d0/0x3d0
[ 2788.803722]  ? do_recvmmsg+0x6d0/0x6d0
[ 2788.804360]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2788.805188]  ? lock_downgrade+0x6d0/0x6d0
[ 2788.805854]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2788.806678]  ? SOFTIRQ_verbose+0x10/0x10
[ 2788.807335]  ___sys_sendmsg+0xf3/0x170
[ 2788.807952]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2788.808690]  ? lock_downgrade+0x6d0/0x6d0
[ 2788.809359]  ? find_held_lock+0x2c/0x110
[ 2788.810018]  ? __fget_files+0x296/0x4c0
[ 2788.810653]  ? __fget_light+0xea/0x290
[ 2788.811288]  __sys_sendmsg+0xe5/0x1b0
[ 2788.811885]  ? __sys_sendmsg_sock+0x40/0x40
[ 2788.812588]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2788.813348]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2788.814179]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2788.814985]  ? trace_hardirqs_on+0x5b/0x180
[ 2788.815663]  do_syscall_64+0x33/0x40
[ 2788.816264]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2788.817076] RIP: 0033:0x7f87f21a2b19
[ 2788.817661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2788.820565] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2788.821755] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2788.822879] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2788.824009] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2788.825141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2788.826267] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
[ 2788.827425] CPU: 1 PID: 60743 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2788.828053] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2788.828821] Call Trace:
[ 2788.829061]  dump_stack+0x107/0x167
[ 2788.829379]  should_fail.cold+0x5/0xa
[ 2788.829717]  should_failslab+0x5/0x20
[ 2788.830058]  __kmalloc_track_caller+0x79/0x370
[ 2788.830451]  ? sidtab_sid2str_get+0x17e/0x720
[ 2788.830845]  kmemdup+0x23/0x50
[ 2788.831128]  sidtab_sid2str_get+0x17e/0x720
[ 2788.831484]  sidtab_entry_to_string+0x33/0x110
[ 2788.831884]  security_sid_to_context_core+0x33c/0x5d0
[ 2788.832325]  selinux_kernfs_init_security+0x239/0x4c0
[ 2788.832786]  ? selinux_file_mprotect+0x610/0x610
[ 2788.833181]  ? find_held_lock+0x2c/0x110
[ 2788.833540]  ? __kernfs_new_node+0x2ad/0x860
[ 2788.833901]  ? rwlock_bug.part.0+0x90/0x90
[ 2788.834275]  security_kernfs_init_security+0x4e/0xb0
[ 2788.834685]  __kernfs_new_node+0x531/0x860
[ 2788.835055]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 2788.835445]  ? cpumask_next+0x1f/0x30
[ 2788.835774]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 2788.836163]  ? pcpu_alloc+0x12a/0x1240
[ 2788.836513]  kernfs_new_node+0x18d/0x250
[ 2788.836855]  kernfs_create_dir_ns+0x49/0x160
[ 2788.837248]  cgroup_mkdir+0x318/0xf50
[ 2788.837565]  ? cgroup_destroy_locked+0x710/0x710
[ 2788.837980]  kernfs_iop_mkdir+0x14d/0x1e0
[ 2788.838321]  vfs_mkdir+0x493/0x700
[ 2788.838631]  do_mkdirat+0x150/0x2b0
[ 2788.838933]  ? user_path_create+0xf0/0xf0
[ 2788.839301]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2788.839718]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2788.840174]  do_syscall_64+0x33/0x40
[ 2788.840482]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2788.840915] RIP: 0033:0x7f72960ceb19
[ 2788.841218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2788.842921] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2788.843672] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2788.844290] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2788.844890] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2788.845494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2788.846093] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
00:15:15 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r1 = fork()
ptrace$setopts(0x4206, r1, 0x10001, 0x0)
ptrace(0x10, r1)
io_setup(0x9, &(0x7f0000000600)=<r2=>0x0)
getsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f0000000180)=0x1, &(0x7f00000001c0)=0x4)
io_cancel(r2, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r4 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
kcmp(0x0, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, r4)
r5 = openat(r3, &(0x7f0000000380)='./file0\x00', 0x204000, 0xc1)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
[ 2788.847839] audit: type=1326 audit(1716336916.012:4377): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=60732 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=57 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2788.851589] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=19472 sclass=netlink_xfrm_socket pid=60757 comm=syz-executor.1
io_submit(0x0, 0x5, &(0x7f0000000640)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x3ff, r0, &(0x7f00000007c0)="a8ef145009123715dc8ccd536e206793ef1bc7010fb3608b84066b33b1c7613c3f5bceb0114a26bd4d6e46f65508243dcb6d692259f1c7046ded1a05071e9ddc170a9c0beb180f3b4b4f7af9e7ce6bfb4e904ed2e42aec167524d401e04b411853857aa3680a71a77b12875da19e7aa6f6c451e36af7788b0b50e2800bf5c7ad2e444353b32dc6cb4a4425b451d0d50d69715ed2d50d5e6e9762a2a6c0bc2d8a8ee3286bf068ab170289f6d2ca97c8b80e38791c3d0dc0f40463901e9dc9196fc93238ef0accaf6da07513ae4fb677c0bd733eeec9d5ca37010083f72ab16f03f461a92a8260bd2283f63b163eacb5a6a2f6b9b5f5cec45c275e3e4266dc122c9bbbc5cce0b238fdac3b3314238f7a19a2d6295a046b663ac0f1a82d1c76d31c9abb50c29baf633c4a7175d60ef5476874a8b3353f8423e6b277fe1a0a2f7e5b861e82ad00062a91940f7e9c5c326d4f5976da0468287eee092cf6118236ace2ffed88d627159e1d7b0c6c86a1e084a004f4da1f50cee7969ee2cccef16338e11ecb588a723459b32728a3123871c61df3683ec82cbeb054a81fbccf1e7ffc619024b8f8c3cf934644e1bac3170c6534d3ad4808b81fb05838384efd3c47297d3bcff1c48cfa2bc4f8919730a4c9bc6d2a7dd6cabbff2e97f5954fd5834699727585085217d080a0c6222135fd5e3302e84de42d1220d367d07a0b212175c02d99f0321d7ebc387020abd42faf623a179828a8d8e48f5a8a9331a1cdeff17009a2112ae5cd6b9f78eb81b9c2e8908b2e689117bb2c058c8592c6867b88fc4d4062988a4286bcddf32cb09c0b3c22870d3f35667eeaaacb1ad2eee5aae01191163e6ec7e3179f3d5a7bd77f6432eac99cfdc7ee978988a12324e6401e4e021cc4fcd3a4ec69778b3404e5d822d715a0044f88eeb17c3a38c6a1412eab31d64dde288f7429e13bf9fca32319a39e897b4bf2def69d23afe6096b18e39b0e5924b9ba4d50b01229c72b6abf96f09bb7ee1f428cb25cbc04863715db12a3266b77eab26dd189f782ca79dc1b4aa0a5595403e4d458de5f753f170368c9e2f12be8c2e510b9d596be37d5f0c74dd5b8e92ece66130d702a3fb03cd4b0ca71f9c8d1034ad117b3a494fdfbffa6e0f18467b12e7de100f3bb97a2a1786f78e4735894808f11bb991bea280f7ccedcc4273da2f0361c4d80104a1905516af202e84e4f22c80402473023a877550603093a5b2a34ec68c8cb4f7ddafe4b23049cdb050764574e898947edc5ec9599bd4e13956b906cb009e3708d5d3dab02ffe35156702722d135eeb8a6cbcdd51fde8add9e25a7550294dc525f2a03289a359cda4a6c7a387ab51db3c2cc6115d89f847b93fa29ad946da07efabf660d378d8753d3980dea9a16259115b8ad5fb9ed4a14ec896a53f035fe47a7d7739998eb6820a2bbe4289dcc1badf3bc83f9bd2ce1ee5760bb6f2d1871f546166f0e3fc4891de167699e58d7996a5603a8ce6be16e3bb536fb81209bd3b2d32bf3904e7c64371dda27b3853317c43c3868c39aa47642a75a7ccd743eceb9ef51f88a88effd3ae86b3be06839cc3c49bb3ab0269aa2642365e84a71dce7d78bad3ba9f7d3f2faab65cd46174e9536eef5c58005e6ed2c67346ff56f0ab68fd37357b21b15454a61d5ce29f7f28fa04e8189ee480e3b05d863af5d894f209983c19ebcbbc9be9c6eb564151ce6ab7c90b9a6dba7fe6786a4e76a4227123ea655e5f04856f6ed879858f6fd5281d7170a2fc44be659649cf4d7e895d94c935fcadc59ef8d641e2161cbb2fac71a173a41a37a97b23c89f29cedadc31e3aefca93fd289cdd593a3a13101a09c0de2b9bbc71812fa52f5f410b01a9f550b4949ef18d1883e00e07dab2a0e86953a992567d4c080fdbef22bd8b21bffb0c63938c03543bd18c7c96a12a6a3f8d864ad48df1c442c0d75ea8e768b7d14feed8640bed8690ea7b97936b3627b0b96224807bd487ade289e85759acd9e3ae460b092dd88f6d34f8e95a45c1e7c480b10826a0b8e2ef258fdf3c83ed510beb767803daba54d3f3e14af68955fb2cb35fd0804441fb16a4bfc4041ac7a3a2cddde83528568e05c9e044da6d8e083fb8cbb1592b6b417a8a05a50983f328c5a60635f2647448dbc74ac9abba0c1bfab9cac7043a2a98b278cd1841bd460920b58ea46c776445cb15cc4f17d45f172628783ceeb197f513003b61d5ce343cbeaf76605d265b227fb9bc2c8233da18ec430c7646aa579fecd1712a23f4641df3d99f51f1392df1e5a1fa4310c47870495cc727118749874df9fd6d6bed01e6d96da6f83f1ba461d38184617b8a4ed25529268843ba0f9555fbccead249a132a8d05436d753a7c818fc5fed207534d38d68e25ecf4566415308d96f2b02a03db538be80c215f2b16d78158c1925ee2932742443b54d96f404f98d84af1aef3d459d8f47a70bf17da40e78b1bfaf8094e9b91b731e241d1c0e0bb0cd7141a1fdfeaec382412c9ec2f3959f4bf06b58c152bc9995d640e5fe3623d586cf831dbc788309eb6188fbc9546e428cb4b072ab1e3d9c3920fc310a20731434d6bbbcc9594d3ab6e24397883e69f629e96d262b3910304d786755206e661321c9760bc2adc590a0d51086b08e7a35904c84c01718baf4b68b33dda88898de8436adb226336897b7f2a58471242a5338a87efe1cef9a4cd193fb8d269078b0e4a2868bf8c8a6debb2734472819350ad4c485e98a9bfb7ae68c55a0afd7f3ec81abab97f3ce99cc75ebd399a112df846f10566cdfca3c82930db3da347144d6bd7482dcbf78214c894ea2d426df809121efe6419ff6a8c110c27c929f602ef7cf0b6c88634330c425a1f7b48b5107f50a133229667dafb7e922f90e8ee88275dccfddbd64acc8359d6f9095b9f1186dcc10247f4a6fd853892fa383126d133347a77b531478fc25d162778b37d400b7eea164c4fb8225ff93e24d841213430e00acdc96ebd13f4623b2edaf30e7b930bedcd592057c788d94da00a939295c92774e928de0cca65e602def78a8bd54e8f55895c4d94eaca58568899b97715f8c2806ddbabccb66faa9f7ef1e0cdf4ca533187c9e773cd41c24657ed434f98a602dc929a2dc633a4d6b20ba468651d137fd46241ce05096c0defd345be79b104def5c123c454d7134c1aeb215adb6f6a65147c35431e89ea990435e372922ab6a636a9018ea704adf99646a44aa9bbf1b1745403f15cc258f946a073807942a76210cb370de9e3c2f79fe14ab7b06fd0f8f01bd06efd9d10ceaea05849ab27f9c1de60062c5e7ff1ffb9421212820e5c5f2f627103dce946f44f680949a4285ce28304361c2a945a740bf801078a8b38ffe6b059de8a86ad51c6398ebe653bd3f0042f9920a898563ee1dd6c9fda76ce94728c03eac1e68e07f5d5efa991cd188beb0145f1e27886388c9ff12d900678975952c08f4cdfcb373114d0f8d73f26e6ea9243f4c3ccc75f235ec2f63af2f1bacb28941ba9757f1d89ffe62cf1f2f556daaf84a5049e74db38381a67f12ee48f56e5b2e2cdf9942c8bd3cd8a52666db48d7d3bb1cd7c75ad0c58b86515f2d802fe9541ab4e6ea316cee041a1b9d8740c6c3dc330eaf999b7a6804a94be71899867778933b1a21d03d2dd8491cc0ddbb8312dd7d7e11255a5b8cbf2c631a43a08b03289f586da80fe27727c0815617b5d15e7e8b536d93b9113baa0be5a1378fe15b59a9de71612fca3ace0ff8fa1d8f5edb28694ab1dd0845adf951ddffc18a5025c14301e2dd0f9292a1e83711dab390c37bd5b7a8433a42f7e995cf99d3c02a227410e143261c45d64e12251d0f6835522c18d934141f6561c17df646a3b14a443c29bbc4c96150f2de2559bf41a7693f406a0d61f6b81fc817a61f240724ae036fd199fcef6db63d1e1917df9e164fd22818f992da433ab7dc48b8f2cb9af3c5764af7f1f4ebbf4f99c080dbbf5a4a588b307eef33565226348b6bedd48486eadfbd83a5707798afc3ec445b3408f699b4bee1ac4fe37fef4286ff13662e0346660f661dbab69eb9c3e84e0f84a70b1c1c1210a34d42734dbcd25b40722efa119e945778fd28241874b29f1018599c95cb38481aa1da2ddfe54a16f609ad911ce118431cbdc7f24b3293035d9cdf715087862b0102d8a4b3b3c9091cd6cdaab8d3b9a44b188730c28b83d85468fcf16e8437ba27ea66dbc6e6c6bad8ac0dd33aef14c0440a3183fe4ca8d1b486a3f344d646b34028b87e26bcdccdc6a989cf2a7eec88764276167dc3b0c3f1acc5d5c3638df822607837b64ff71a7f6814ac7cda1de5f6464e5487c66abbaa6039441704c287c467e620ab7efc6fb0f76b0dd39946c8d5e00bf5508804aa9a43422f7f352f066bf223fb1a5543fe32a42a7651c7e19e7aee17a1bbc8e7ac66eeaf06d60183e72d778b7b2a3f15477b90b3906037d1f8fad4b9307867d870e28139f2d645ad44f113779028c2bf99b8aa9fd0152906526aeadf080628020af3b18dbf6f9a602a68761853b27796ad46fe27e399f0dff4d410e450cb73342020d2a82c29432627370529c3dbce712510e44a584a1863a81b56b4a1aad6dfc0d8680be8fca43ac69d4c4fde7c4f2aa7923ed6c8b587d829904fba4a1f0ef3eda87a394c4bff3595cbb0856dff13924a96b1d7e84ad345d01f3ea64e85c8751529e79d66d894b451f915acaf1604bdb05f5caa7d8041bf875125b7d9ffd1d8bcb15760ab4e3da7a8be8effd30df7a728b1bff2469e51cf2cf6d8a8601a336d229d49f3fc9f69c17379be29cf7e0380d97700e2757d21f975dc1936da14eabff007d6da0b1c91b5c02b5127df6503d3c645670824d193c852b468ac275415061bcec1a03885d40ab2a14d69cf4a8d28157122b4d4267f017de41e15d1179bc6a531ee0944ffab0083411684310c9dcf75924fccb9cbbe9b9f245f2942378e6e813d6981df2383607d4af6849386f4ecd5ca85f928ca15e75683643f9b100f52874372af274f3cb3d92c69f46efee81810c47524f22004a481ae53e148f983ece7b293a2466d818d6cbb861a6d354b824dc136bbd856ed54f95b2a98aafcbed671370250ee53c6f400af0aa3dd95db9e9e653b278a293bc61dea35a47d97beba99d57794b5aa2c4af28c6e0f5fb0124dec8ab2f56fd7bd4fb7bac713b096e8bf2b39b045f9793fa9bddcc23ae259115a6fe773e4aea562598ba13747776769ae6e098896875a019a3445d864c67c971339bff838f2ff667285a1b9ef259732398f0421288bd5a9662ef4709a3f112ce34136e47e697bd1a4fa58fa46fd99e50eb1f6cc41a3fe78028cb39cf05205f727272bdc3a960829d5cb682afe8bbc89ffe086574569c22a3f50cd9cb8f112a6bc99856b5549172f3087ea10b9bfe2330939e26ca24d35472cdb86d816bd176aa9fdccfdebed5ed02aa9c37027c443150b5ab6cd1fb87d90b3f146ab0915f9266668b00ecb05762cf085506a55c2ec89c946189f87728a5fd091ce6fa2a4912a08514bad60de89effc6a3033bd9527252777d42819ce038c0e49cc667729b553991f87e42ec53b39c7fae2939c39b331cd0bc7481e32eb4d0a181aa10b546e0f915f2dfcce34d9292e910ced387ef9eabab182b2f5d85cc0daec43ca886d28170cb090e696a5adcf1e42472b4aaf2ad01dea1810f09afa3191cf4c7fd9ab016dab5319fef01337c7cbb6f55fc344670c12f5e9cc15c06a12db7719d2f94918e49e70023b2b6be8c4a8246f", 0x1000, 0xfac, 0x0, 0x0, r3}, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x7, 0x3000, r4, &(0x7f0000000300)="73dcaa1d5c9a2d0275d099358d332f7b2f3771ac2dfe7d400354bb235ac8b10ca9ab42f3e0bea0f5c5d862e47af4aa26c0fc874d68a74293e0a180e350ca2042fca562dc047f854b7aa24ce22ed4626faddaefa3f2f167017578d87575089443500b6d95173acb4bff58cfa7ef768db8", 0x70, 0x1b00000000000, 0x0, 0x0, r5}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1, 0xc0fa, r0, &(0x7f0000001e00)="d7e8b00c00e8098122cb162b484cc3f92bf1aebae36db4bcddebdc3ccb65516c342c058fd187e15261d1a2726bfe7199535d106362843af74916e5f9a47996be1c14f00dc4b33f5e8332ba051c42d16584f8bcdad8ea8d1114f8dc9b6da2b7974c67f96f46762c73b81bc26867cf5fa4d5f40946939fcdb8f2fdcc9b90424836433d17c63f1fa555536a8decc94e4079e07bba61e9d8c3b45d7e64b9719201408f68806db7787d029e0285a057ee9b50a82dd474c39b8143828e6bc7544776aa04cd16468d878a60a1b13e8ab8182569f9e1b3f3feb93305e4344e485f3b9f11b2cc8aed4c805c16d22469931408103f985e56b98dd51c3ac3e1f9b86bda2e3f75e6668f8917644bf4cc78062dc74e79dd15b7bccd611a4104a8e4e5707acfb4062f3c7ab20396746e9dcd428d0ccce2d9e97c7d6e84d470bbf324394f390be2774e58f3ac1e6665ddf29ac1bf5202589f78df41133f9ae7b0e07a4eaaf745fe5832ab534810b5cb9f2b3bb931400dd6ac9813f7f642b50f042dc6925b777c424935e8ad35c1ae2109e2028e3df0d89a919030a9ee7e5661783f08446e1b0fe6b494eb2d3e94f51f4e8a80da8a0ac78f74bfe3b0a42925aa011c4289f51211f618593a7e20058e6102228431a0b62bf19faef4d74315d4f207e4441f2b38fc75331923af9960963784697fc9eaab1dcee6143b38c73c244f073a26de0ced7e86482ca2a7c5fb6a33748f2cf8103b821eb5029e96e9a693b66850961e978b8748de8be8de0a900803efce518488a234e7a3a44310acb6a25c198765848afdf19de529057100b97248ed3d3c7d89ba6f3a793c6f0f5ea3abfff84d69267fec81da404f85e02a1cc1bdb2c60cc29b6df171f007ed8ec0fccc93b77b68071f83ac4102b227e47fd79517e1a6a03191cc10cfa05a984a3170b8f738eedca707d4aff4ae829df55c2dddd994324524863f8193de706ec418cca60a182b26ee7c42a214f66d2e2a26d19cddc5c484a95855b6e7ea22a0ce1dedbd805fcebe1573e8ec6f2eb67433f6e86a275d95d00d6e6cb2dcf1ed7b0d885c15f3b6e923f05bececad376781f3b0453ec2518cdb7dcda73d27b41da06542473fedc2e057814087e587ebcc492c1d73073567a7da4f36bcf58029917ee6973d95ed373e16b0bf28b3e7b42e92909109cc7481821a7a8d9b3d89fc3be393461cf43629e6f5a858b7fae520dfcbf826c3efa0cc705497edce655ff0f70c5242455ec56597ac7c3c6b21f7a12d819f9157713b3085bdf513eb66862b7f3096685448500a05e0f06b9cae871df84d446998d696e9d2b09cf90a2c4e6d8ec3b035f7158eba0e81ef1ccc3edac68ac3b6d4cd97453654e4572e89184eac0965256cdce1a10b8b57df20d498001cd2cfd68fcc0ec663615dfb054c827eff5f5f63b24c4ae36765d93e297d526671dd1bbaa17d7c637e37c3aefb227b616c1a17251dd6ef40de9315d090df9d5681ee9bc16ad1a8410f4611f7376c788435e0a48c41f2660e19abc606873232299a4d4118472d751a57b607015cddf79afbef6659ccb558d3aea76126670b2286b59ee2a98eb05069c556df06e3dad5b0e8bf76b49eba7a57f0638feb22741643ead9d617e24b484d94b61c351e7152c59ce43d2d5634b38ac2950948f204894baf31f03050db9d358e478269abdbd627c48c08ace71498cee453f830887ae56c9ef26feecdf7b4c854c6d11c5d0d3e2ee1b31883b3a1604fc09e5b04dbdbcb1b01d4ede5fc02f4c248acbde8ab31a4385ab51d004648c346b5400865d0b44031009d54bc918f26de15ad8a607eaa1131d7dfa133864888948ea4253ff09d3672ce9b453ef7bab3b504633c6e2647c6887822bcb9ae27520810ce5b84df24dba73baa139a75ac1ac4a4e9b934723a0f2416155ac9755c212b037aa762ed498a2e027ce3179f0b78a96089252fcea533d6a3560325f0ce9d12491cd71f8dc961c17d31eb9328a5efe1ffcbb2c5a818f540d569bf6d557738808baa67db5ed25807f42e74ce3622a9340cdd0f96e3308e858793c4364d4411c71c84efda21a6c0f7078f842e70d7b5643f38eae5feeedad664aa44b1342cbc1a5f01420d877f04df5b6252aadb24dd91d47d936ef04161f69a316b56394452fec7289c28845ab9c130a8fa86991cdead1965dc0270fc03aec0c44e8ab3a61de0ed979da62cbc85d7bb9b9676011e8dbee873fc54c909ece37b34c0b21bd85cbf405b435d42be47e35b47f84c85bdeeb5696dc961d162a2db069b0dc5e7bf8f81297d28e2b2c4a1800132d0fc47f1c09f63c629a28569aaf6491aa201ee8e4b573d755ab50e6cfbb5c43e186df6990fad595a140f8c064e97a121bd2d858eb4088dc5d139f7da418f8d1681079bca91903792abc4b8566c54f75b8841848ff557db6e0477a205b644236a3c53e79eadd71dfb8bd3b5f756a8b67e4423e8ea2fa6c7ce240d5a1432c4af3ac126fc7d7950d07b37607fda45a1c49990a8de8eaea027ddc58672798c11278b62bb31d67ae1464a9248035b827d4e3955e29b31ebc2011195647d5568a1a12fb21c81686e72a6beb4fbb46beb668ad41f4917626d4e5d4478d72f9424edb76919bdb40f9aa46bfe43ee8ee6f6a29878483f944904a3f672d29a161293a3785b579e540d9ea52fb4dea78dc3f67860a2665644cf864f4488061940bcdb78928e5899bba24450ba7ae481fcd4f474d781f8c79549a1207bb5dff33467ae8942b5bb33d9a05258f147fa437406ff57a5e8e0f663bdf6940bdef5980d43846fd1da72274cfd3856e1009dd21cd5db5a9b278f2d2185b0f6f4f41b189d17b8d3d9a2126dc9d7cc2e717994cc254f55072d6fa8169e35fd05fb38579533d7e239cf3867c6cb88c3bb7d3773a9b601fe13a4ecc2b0ff429d96663625b3eec353890dd367c5b950952bfaebf79453572ccd4be5e0e7483e82ce74e9cc3c7ab94a47c9dd7efa6ef4f441cbf0b26818918abf1e22c05302060e62cd0727c84848a8274b93ffe15c72f71d09d275439619c05367c6e50b4572ed8b3ccc5a0b63129bb113f6186774d28e6fc340dccf232c9f57ad52407471176185acfdd7263f44b84fbcd0cd7d8484fe0b8d4516b055d642b5254f7aa2f268217cd61a29ad081587008a75e527e8235c595b34817b02b739ce8973dc61b6985475cb3cb6ab3e188aa098b39586c6313309510804a71febae5af497cf98fc7edf59f442b38ba766dfe31eaf7644e130c53498a6fc0feba02bd994577aec56c1df9e2981ae16af6d45227ee13fa94eac1abb92f109daaa446c0a0851f750afe8f75dfa1ef951a8851cdb080d0cdd64c28e5349ab4a4b17bf5a0ee059855d881c941b1f917725e2a5a2b24b80ddf1297ce854ac5f502a24cac5f761a0759b134734f82f9f37f299ffba61821ae26674b4e5944af0c70f764f792585324030cae120ebb33b170c64481957c1c60ff4830cbccc83f0ec660d36e751c8040f61c78928f57d60df2dc3e97abb107ceecfb0910d5130b4c1b671fe8de7a3f0cb29f76e73a1e2614ec137dd30cc5ce20d9703fae80ff0b0bdb380338c6221917a2acf6751afbf31fb380ecd75f00fb0caa8384fd7d1a0ef852792a6be84cbffa6d901d8c4d0128d3f0a52700ffcb4077fc6e98e17c19fc754cbeb8bc7e04a0d0e612fffa30eb0ad0aa7f1631845ac1abec0287b1668d78eeb1ea1fe8c494ab024aa1361c78a8ca1407d23f9f82a47482051e54bd81252933b2d26e1b9479e0d30dd34c7134e8ad1133eee7854d2cac8652eeca9722fe426338a4ac5cc064763012ba5f782597d162c42c8c1964302042caf24be23ecdc65a4309def07387a811a11fb926e89d4aab835afb65e32e4c8e66bd4bea731c7f2a37646833ce182f68834419d1c4a1d8bc025c90cb0a1debc5840fc86dd36e1be3171eed734dd1e9d567faf647f950dc7d6fdf838834832ef0effafce73dff5d5e2510f51839a408a53bd1059cbadecca9c8d3d19a748f9b0278efd5e312005940941c18c3e98709068355f3d04e3fd567293e3762b6093df94d5926208f416b4542993a0be0cdd7bb2bb3e08d50baa8a19928580e1abf8c1f505dad9965f3189b02c1d4fd28d81c1347612c5ea019401a9ea9b6b043729ddb77f894e82a53f94acbd835a825c24c2191517e3066c4ddd78dc0f66a0d413534165ed334bcc04c862430222d0779d8862b5ccb9da437e538a86d540a153b95872448ee3e71be924d5dd0074adbfd25963fab308b6d6d0ffe53c7501e5bffc655dfde82732673be59a3675433236d31fec23211c729171f9cb96b9072ff5a42e92da8b6c300385fa2ee433df894b4d4150d688d7c3f03fd403a53a890d93172f59034e1eabfc62ae810d8cca014a39c5da1efc70ff14825355401ff1589b7b7e286b30484df493ba09f2c76fd84df10d0a643de311c82512ec63f70891cebda724ea0a15da76fa30b2ac384305adaa9e9bf6dd9faaa8ed7093039d2c4c879401881d0529868ac8e8cc9576624b4e45383ee67e2d5c3352493c9e219ca02f77e38241902d4bdefa38fc1ada9cb0eb8538fe55c7b4bed76d4545853dfb4c17bfbed94700a4cb2cd6b981b0678e873f60e935a60ba13172ecfc63c35655477888388850a326389afd0389300141072c23fd9002f46a80b07e672862f70c86353a00ce11e145094ff616296885c140a976be408d6dfaf604ad3d2fdd9a92116d1434ad259430088be3e34b4929776b8f8aa0639ba16b69c98722d44b1a3c6ce0069205d6a5daa6e1d2b3c4431853ce7738d2fdd8d0afdd5abc6ab7012b4ab80b3c000cb932b0c2079e0763fbb47aa3d25910653544d5c3c64196beefc6df8cfe5ed12d98550fbfaf3df6b25490dbc5bc17fd36e85b0a0c84e03b7caf0ba2c3df2dd90dd149872173e7a673cf3ee0a87daa299ec14a6639f66914cb819bbb47a8ac7a3dd92e5d14ef601d7262d50f88ced9f435ec0deba55f2d80a41d1c6bc5b11d1769bff58e46710799bae71ed8b26b3aa24d9f33aa92857876df9996a2161b8065637d363f368578e0ab2a85c78323bd9cb59acbbb8987a2819cfea92614f901e902cf715415df29821b30524852e4c7772e602d4b07d98ac920c04a0e3767f4e79d4bc3d3d2a4ae2259498e4c723ffff3b527f3186c18da9e4a7e4b474973a6caac894400b26255eb4eebe0b496054c8dd69590f6a102dba1ac9e85c10ebb01b313b354efd22675c2a44abac72ac5c438f02a09542342029237d146e977403a40686631a8fe9f3fea2e431fe4efb5ec383d4ab55b4f4785d3096ad7d0ae6525cf13a8d724dd33261bc104c5a069f24747711b79d8060260f4210f8f21961ccf62113a1594756e48f9151a7f67ba0be95cfee7ec51c199ba4337dc83be07294ebde4decd7e888dbe7490ba35468e9b537fba2b32f417a3cabe66e825d2df43e197e4b63f96e85f402432048d316674e337900e70a2c702db8d46718699c0db1c4fc8d28665e604dc14f92202523b5b6585ea91b64384500bd78450551481ad40ce05976dfc67622e0307cf3f8cf0c031e7581a843a0560a084c9e97ef221aa3afab26bc5998185e527ead516f051985b654fb41ebdb85949490dbe8726a83157c90f9505b035f6f5c7d64f251561af13381838160e03bb0af6eb598dd7ef2cb5f9f170fa7762ed4ee9cfbee57ba208768a04577e9beb1ec9e40b87e4519ec7c375e0c62a398843f91349b1eb54ddae19064b6d44221856aac4a921bc4346e8", 0x1000, 0x178, 0x0, 0x1, r3}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x5, 0x1ff, r6, &(0x7f0000000440)="e4f616e0e4414e7053e2838c4cf7859cb713ce9b9674654a3804fa7e69effb7c19eb5e7bbcad90c4196dbcc0c80320d1edc8fd31b7010a18d9373f4af569d052f6830ae4cb02b0f65385f2a933b6c96e991a2fe3bcb51b31d0d6e922695ae0b6cc720c4e06e735e44e574680f8b11288f161677ba2939c0bfa66a8250df103ad71c80f94404522976e88077abfc25d39c97158a658e2cc0d24dd3cba8c8e82669b", 0xa1, 0x9, 0x0, 0x0, r0}, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x7, 0x7f, r3, &(0x7f0000000540)="9518ee826c7c1543c25740d807c806acf833202240e2a3bd554a7c4a98ea466b9261816696565222399b0d638ebbccdf6f378287add1c28e4a446ce34cb05d8fca701c4951998517533e10f5ffc1b62b5ecbdf8b33e4d65e51ce11d272f823516253", 0x62, 0x1, 0x0, 0x7}])
write$binfmt_elf64(r3, &(0x7f00000001c0)=ANY=[], 0xfdef)
io_cancel(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7, 0x70e, r3, &(0x7f0000000000)="21b106338292e4598384e89d73aaadf714e50a371477f34e3b63c9c66aacc38375", 0x21, 0x6, 0x0, 0x3, r0}, &(0x7f0000000100))

00:15:16 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000410000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:15:16 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, r9, r1], 0x7)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:15:16 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 22)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

00:15:16 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010680100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:15:16 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = fork()
ptrace$setopts(0x4206, r1, 0x10001, 0x0)
ptrace(0x10, r1)
r2 = fcntl$dupfd(r0, 0x406, r0)
openat(r2, &(0x7f0000000000)='./file0\x00', 0x0, 0xb8)
ptrace$cont(0x9, r1, 0x68c, 0x0)
r3 = syz_open_procfs(r1, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
ioctl$AUTOFS_IOC_PROTOSUBVER(r3, 0x80049367, &(0x7f0000000100))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r4 = fork()
ptrace$setopts(0x4206, r4, 0x10001, 0x0)
ptrace(0x10, r4)

[ 2789.008714] FAULT_INJECTION: forcing a failure.
[ 2789.008714] name failslab, interval 1, probability 0, space 0, times 0
[ 2789.009846] CPU: 1 PID: 61037 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2789.010408] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2789.011025] Call Trace:
[ 2789.011233]  dump_stack+0x107/0x167
[ 2789.011527]  should_fail.cold+0x5/0xa
[ 2789.011835]  ? __crypto_alloc_tfm+0xc6/0x460
[ 2789.012200]  should_failslab+0x5/0x20
[ 2789.012511]  __kmalloc+0x72/0x390
[ 2789.012792]  ? mark_held_locks+0x9e/0xe0
[ 2789.013109]  __crypto_alloc_tfm+0xc6/0x460
[ 2789.013450]  crypto_spawn_tfm+0x8e/0x110
[ 2789.013775]  ? skcipher_register_instance+0x280/0x280
[ 2789.014186]  skcipher_init_tfm_simple+0x46/0xd0
[ 2789.014540]  crypto_skcipher_init_tfm+0x12a/0x180
[ 2789.014932]  crypto_create_tfm_node+0x117/0x340
[ 2789.015283]  crypto_spawn_tfm2+0x60/0xc0
[ 2789.015609]  crypto_authenc_init_tfm+0x6f/0x290
[ 2789.015959]  ? crypto_authenc_exit_tfm+0x70/0x70
[ 2789.016325]  crypto_aead_init_tfm+0x13b/0x1a0
[ 2789.016683]  crypto_create_tfm_node+0x117/0x340
[ 2789.017062]  crypto_spawn_tfm2+0x60/0xc0
[ 2789.017378]  aead_init_geniv+0x1c3/0x330
[ 2789.017703]  ? kasan_unpoison_shadow+0x33/0x50
[ 2789.018047]  ? aead_geniv_free+0x20/0x20
[ 2789.018375]  crypto_aead_init_tfm+0x13b/0x1a0
[ 2789.018721]  crypto_create_tfm_node+0x117/0x340
[ 2789.019115]  crypto_alloc_tfm_node+0x108/0x270
[ 2789.019473]  esp_init_authenc+0x1d2/0x920
[ 2789.019806]  ? esp_init_aead+0x2f0/0x2f0
[ 2789.020151]  ? __xfrm_init_state+0x6ca/0x1490
[ 2789.020511]  ? lock_downgrade+0x6d0/0x6d0
[ 2789.020832]  esp6_init_state+0x367/0x420
00:15:16 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="840100000f000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

[ 2789.021224]  __xfrm_init_state+0x778/0x1490
[ 2789.021626]  xfrm_add_sa+0x1ec5/0x3510
[ 2789.021929]  ? xfrm_send_acquire+0xad0/0xad0
[ 2789.022290]  ? security_capable+0x95/0xc0
[ 2789.022631]  ? __nla_parse+0x3e/0x50
[ 2789.022917]  ? xfrm_send_acquire+0xad0/0xad0
[ 2789.023281]  xfrm_user_rcv_msg+0x416/0x830
[ 2789.023627]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2789.024034]  ? __mutex_lock+0x4fe/0x10b0
[ 2789.024349]  ? lock_acquire+0x197/0x470
[ 2789.024644]  ? netlink_deliver_tap+0xf4/0xcc0
[ 2789.025016]  netlink_rcv_skb+0x14b/0x430
[ 2789.025322]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2789.025727]  ? netlink_ack+0xab0/0xab0
[ 2789.026049]  ? netlink_deliver_tap+0x1c4/0xcc0
[ 2789.026396]  xfrm_netlink_rcv+0x6b/0x90
[ 2789.026717]  netlink_unicast+0x549/0x7f0
[ 2789.027024]  ? netlink_attachskb+0x870/0x870
[ 2789.027391]  netlink_sendmsg+0x90f/0xdf0
[ 2789.027700]  ? netlink_unicast+0x7f0/0x7f0
[ 2789.028060]  ? netlink_unicast+0x7f0/0x7f0
[ 2789.028398]  __sock_sendmsg+0x154/0x190
[ 2789.028728]  ____sys_sendmsg+0x70d/0x870
[ 2789.029053]  ? sock_write_iter+0x3d0/0x3d0
[ 2789.029399]  ? do_recvmmsg+0x6d0/0x6d0
[ 2789.029694]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2789.030122]  ? lock_downgrade+0x6d0/0x6d0
[ 2789.030459]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2789.030884]  ? SOFTIRQ_verbose+0x10/0x10
[ 2789.031206]  ___sys_sendmsg+0xf3/0x170
[ 2789.031529]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2789.031870]  ? lock_downgrade+0x6d0/0x6d0
[ 2789.032224]  ? find_held_lock+0x2c/0x110
[ 2789.032534]  ? __fget_files+0x296/0x4c0
[ 2789.032864]  ? __fget_light+0xea/0x290
[ 2789.033163]  __sys_sendmsg+0xe5/0x1b0
[ 2789.033477]  ? __sys_sendmsg_sock+0x40/0x40
[ 2789.033804]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2789.034202]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2789.034593]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2789.035012]  ? trace_hardirqs_on+0x5b/0x180
[ 2789.035376]  do_syscall_64+0x33/0x40
[ 2789.035683]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2789.036120] RIP: 0033:0x7f87f21a2b19
[ 2789.036432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2789.037919] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2789.038543] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2789.039127] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2789.039705] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2789.040282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2789.040855] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
[ 2789.041720] audit: type=1326 audit(1716336916.267:4378): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=60732 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2789.043521] audit: type=1326 audit(1716336916.267:4379): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=60732 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2789.059634] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=26640 sclass=netlink_xfrm_socket pid=61063 comm=syz-executor.1
00:15:16 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000510000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2789.084773] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=15 sclass=netlink_xfrm_socket pid=61066 comm=syz-executor.5
[ 2789.089189] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=15 sclass=netlink_xfrm_socket pid=61066 comm=syz-executor.5
[ 2789.092846] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=26640 sclass=netlink_xfrm_socket pid=61069 comm=syz-executor.1
00:15:30 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 23)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:15:30 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 23)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

00:15:30 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, r9, r1], 0x7)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:15:30 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000610000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:15:30 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="84010000106c0100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:15:30 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000210000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:15:30 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)

00:15:30 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x0, &(0x7f0000000080)})
chroot(&(0x7f0000000100)='./file1\x00')

[ 2803.429018] audit: type=1326 audit(1716336930.685:4380): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=61285 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2803.434105] audit: type=1326 audit(1716336930.686:4381): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=61285 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2803.465663] audit: type=1326 audit(1716336930.686:4382): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=61285 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2803.471376] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=27664 sclass=netlink_xfrm_socket pid=61296 comm=syz-executor.1
[ 2803.482413] audit: type=1326 audit(1716336930.690:4383): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=61285 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2803.484888] FAULT_INJECTION: forcing a failure.
[ 2803.484888] name failslab, interval 1, probability 0, space 0, times 0
[ 2803.488059] CPU: 1 PID: 61297 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2803.489359] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2803.490873] Call Trace:
[ 2803.491368]  dump_stack+0x107/0x167
[ 2803.492047]  should_fail.cold+0x5/0xa
[ 2803.492654] FAULT_INJECTION: forcing a failure.
[ 2803.492654] name failslab, interval 1, probability 0, space 0, times 0
[ 2803.494616]  ? create_object.isra.0+0x3a/0xa20
[ 2803.494641]  should_failslab+0x5/0x20
[ 2803.494659]  kmem_cache_alloc+0x5b/0x310
[ 2803.494685]  create_object.isra.0+0x3a/0xa20
[ 2803.494704]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2803.494728]  __kmalloc+0x16e/0x390
[ 2803.494747]  ? mark_held_locks+0x9e/0xe0
[ 2803.494774]  __crypto_alloc_tfm+0xc6/0x460
[ 2803.494798]  crypto_spawn_tfm+0x8e/0x110
[ 2803.494824]  ? skcipher_register_instance+0x280/0x280
[ 2803.502317]  skcipher_init_tfm_simple+0x46/0xd0
[ 2803.503194]  crypto_skcipher_init_tfm+0x12a/0x180
[ 2803.503998]  crypto_create_tfm_node+0x117/0x340
[ 2803.504877]  crypto_spawn_tfm2+0x60/0xc0
[ 2803.505648]  crypto_authenc_init_tfm+0x6f/0x290
[ 2803.506505]  ? crypto_authenc_exit_tfm+0x70/0x70
[ 2803.507394]  crypto_aead_init_tfm+0x13b/0x1a0
[ 2803.508239]  crypto_create_tfm_node+0x117/0x340
[ 2803.509115]  crypto_spawn_tfm2+0x60/0xc0
[ 2803.509876]  aead_init_geniv+0x1c3/0x330
[ 2803.510642]  ? kasan_unpoison_shadow+0x33/0x50
[ 2803.511338]  ? aead_geniv_free+0x20/0x20
[ 2803.512116]  crypto_aead_init_tfm+0x13b/0x1a0
[ 2803.512934]  crypto_create_tfm_node+0x117/0x340
[ 2803.513680]  crypto_alloc_tfm_node+0x108/0x270
[ 2803.514412]  esp_init_authenc+0x1d2/0x920
[ 2803.515075]  ? esp_init_aead+0x2f0/0x2f0
[ 2803.515727]  ? __xfrm_init_state+0x6ca/0x1490
[ 2803.516453]  ? lock_downgrade+0x6d0/0x6d0
[ 2803.517031]  esp6_init_state+0x367/0x420
[ 2803.517559]  __xfrm_init_state+0x778/0x1490
[ 2803.518136]  xfrm_add_sa+0x1ec5/0x3510
[ 2803.518668]  ? xfrm_send_acquire+0xad0/0xad0
[ 2803.519251]  ? security_capable+0x95/0xc0
[ 2803.519787]  ? __nla_parse+0x3e/0x50
[ 2803.520296]  ? xfrm_send_acquire+0xad0/0xad0
[ 2803.520857]  xfrm_user_rcv_msg+0x416/0x830
[ 2803.521416]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2803.522121]  ? __mutex_lock+0x4fe/0x10b0
[ 2803.522646]  ? lock_acquire+0x197/0x470
[ 2803.523180]  ? netlink_deliver_tap+0xf4/0xcc0
[ 2803.523773]  netlink_rcv_skb+0x14b/0x430
[ 2803.524350]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2803.525005]  ? netlink_ack+0xab0/0xab0
[ 2803.525520]  ? netlink_deliver_tap+0x1c4/0xcc0
[ 2803.526124]  xfrm_netlink_rcv+0x6b/0x90
[ 2803.526642]  netlink_unicast+0x549/0x7f0
[ 2803.527186]  ? netlink_attachskb+0x870/0x870
[ 2803.527760]  netlink_sendmsg+0x90f/0xdf0
[ 2803.528311]  ? netlink_unicast+0x7f0/0x7f0
[ 2803.528865]  ? netlink_unicast+0x7f0/0x7f0
[ 2803.529418]  __sock_sendmsg+0x154/0x190
[ 2803.529961]  ____sys_sendmsg+0x70d/0x870
[ 2803.530496]  ? sock_write_iter+0x3d0/0x3d0
[ 2803.531041]  ? do_recvmmsg+0x6d0/0x6d0
[ 2803.531549]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2803.532248]  ? lock_downgrade+0x6d0/0x6d0
[ 2803.532807]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2803.533490]  ? SOFTIRQ_verbose+0x10/0x10
[ 2803.534021]  ___sys_sendmsg+0xf3/0x170
[ 2803.534531]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2803.535129]  ? lock_downgrade+0x6d0/0x6d0
[ 2803.535673]  ? find_held_lock+0x2c/0x110
[ 2803.536220]  ? __fget_files+0x296/0x4c0
[ 2803.536741]  ? __fget_light+0xea/0x290
[ 2803.537267]  __sys_sendmsg+0xe5/0x1b0
[ 2803.537764]  ? __sys_sendmsg_sock+0x40/0x40
[ 2803.538336]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2803.538992]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2803.539674]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2803.540390]  ? trace_hardirqs_on+0x5b/0x180
[ 2803.540953]  do_syscall_64+0x33/0x40
[ 2803.541464]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2803.542134] RIP: 0033:0x7f87f21a2b19
[ 2803.542642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2803.545009] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2803.546047] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2803.546968] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2803.547875] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2803.548800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2803.549720] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
[ 2803.550682] CPU: 0 PID: 61295 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2803.551822] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2803.553152] Call Trace:
[ 2803.553585]  dump_stack+0x107/0x167
[ 2803.554174]  should_fail.cold+0x5/0xa
[ 2803.554786]  ? create_object.isra.0+0x3a/0xa20
[ 2803.555521]  should_failslab+0x5/0x20
[ 2803.556136]  kmem_cache_alloc+0x5b/0x310
[ 2803.556807]  ? mark_held_locks+0x9e/0xe0
[ 2803.557465]  create_object.isra.0+0x3a/0xa20
[ 2803.558181]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2803.559004]  kmem_cache_alloc+0x159/0x310
[ 2803.559525] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=27664 sclass=netlink_xfrm_socket pid=61311 comm=syz-executor.1
[ 2803.559691]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 2803.562174]  idr_get_free+0x4b5/0x8f0
[ 2803.562815]  idr_alloc_u32+0x170/0x2d0
[ 2803.563458]  ? __fprop_inc_percpu_max+0x130/0x130
[ 2803.564243]  ? lock_acquire+0x197/0x470
[ 2803.564902]  ? __kernfs_new_node+0xff/0x860
[ 2803.565604]  idr_alloc_cyclic+0x102/0x230
[ 2803.566284]  ? idr_alloc+0x130/0x130
[ 2803.566888]  ? rwlock_bug.part.0+0x90/0x90
[ 2803.567599]  __kernfs_new_node+0x117/0x860
[ 2803.568286]  ? mark_held_locks+0x9e/0xe0
[ 2803.568960]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 2803.569721]  ? cpumask_next+0x1f/0x30
[ 2803.570347]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 2803.571106]  ? pcpu_alloc+0x12a/0x1240
[ 2803.571756]  kernfs_new_node+0x18d/0x250
[ 2803.572425]  kernfs_create_dir_ns+0x49/0x160
[ 2803.573154]  cgroup_mkdir+0x318/0xf50
[ 2803.573785]  ? cgroup_destroy_locked+0x710/0x710
[ 2803.574567]  kernfs_iop_mkdir+0x14d/0x1e0
[ 2803.575242]  vfs_mkdir+0x493/0x700
[ 2803.575833]  do_mkdirat+0x150/0x2b0
[ 2803.576425]  ? user_path_create+0xf0/0xf0
[ 2803.577111]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2803.577954]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2803.578793]  do_syscall_64+0x33/0x40
[ 2803.579391]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2803.580230] RIP: 0033:0x7f72960ceb19
[ 2803.580826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2803.583829] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2803.583871] audit: type=1326 audit(1716336930.690:4384): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=61285 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2803.585040] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2803.585053] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2803.585066] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2803.585078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2803.585090] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
00:15:30 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000710000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2803.642103] audit: type=1326 audit(1716336930.690:4385): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=61285 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=57 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2803.659226] audit: type=1326 audit(1716336930.875:4386): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=61285 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2803.684199] audit: type=1326 audit(1716336930.875:4387): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=61285 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:15:30 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010740100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:15:30 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000310000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:15:30 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 24)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

00:15:31 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000810000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2803.797537] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=29712 sclass=netlink_xfrm_socket pid=61609 comm=syz-executor.1
[ 2803.810480] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=29712 sclass=netlink_xfrm_socket pid=61618 comm=syz-executor.1
[ 2803.818399] FAULT_INJECTION: forcing a failure.
[ 2803.818399] name failslab, interval 1, probability 0, space 0, times 0
[ 2803.820223] CPU: 1 PID: 61611 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2803.821234] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2803.822437] Call Trace:
[ 2803.822836]  dump_stack+0x107/0x167
[ 2803.823383]  should_fail.cold+0x5/0xa
[ 2803.823955]  ? esp_init_authenc+0x2f5/0x920
[ 2803.824607]  should_failslab+0x5/0x20
[ 2803.825174]  __kmalloc+0x72/0x390
[ 2803.825701]  esp_init_authenc+0x2f5/0x920
[ 2803.826319]  ? esp_init_aead+0x2f0/0x2f0
[ 2803.826946]  ? __xfrm_init_state+0x6ca/0x1490
[ 2803.827613]  ? lock_downgrade+0x6d0/0x6d0
[ 2803.828246]  esp6_init_state+0x367/0x420
[ 2803.828848]  __xfrm_init_state+0x778/0x1490
[ 2803.829498]  xfrm_add_sa+0x1ec5/0x3510
[ 2803.830088]  ? xfrm_send_acquire+0xad0/0xad0
[ 2803.830745]  ? security_capable+0x95/0xc0
[ 2803.831366]  ? __nla_parse+0x3e/0x50
[ 2803.831924]  ? xfrm_send_acquire+0xad0/0xad0
[ 2803.832597]  xfrm_user_rcv_msg+0x416/0x830
[ 2803.833231]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2803.834027]  ? __mutex_lock+0x4fe/0x10b0
[ 2803.834629]  ? lock_acquire+0x197/0x470
[ 2803.835212]  ? netlink_deliver_tap+0xf4/0xcc0
[ 2803.835877]  netlink_rcv_skb+0x14b/0x430
[ 2803.836484]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2803.837212]  ? netlink_ack+0xab0/0xab0
[ 2803.837795]  ? netlink_deliver_tap+0x1c4/0xcc0
[ 2803.838473]  xfrm_netlink_rcv+0x6b/0x90
[ 2803.839058]  netlink_unicast+0x549/0x7f0
[ 2803.839669]  ? netlink_attachskb+0x870/0x870
[ 2803.840336]  netlink_sendmsg+0x90f/0xdf0
[ 2803.840942]  ? netlink_unicast+0x7f0/0x7f0
[ 2803.841580]  ? netlink_unicast+0x7f0/0x7f0
[ 2803.842203]  __sock_sendmsg+0x154/0x190
[ 2803.842792]  ____sys_sendmsg+0x70d/0x870
[ 2803.843397]  ? sock_write_iter+0x3d0/0x3d0
[ 2803.844017]  ? do_recvmmsg+0x6d0/0x6d0
[ 2803.844599]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2803.845368]  ? lock_downgrade+0x6d0/0x6d0
[ 2803.845986]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2803.846753]  ? SOFTIRQ_verbose+0x10/0x10
[ 2803.847355]  ___sys_sendmsg+0xf3/0x170
[ 2803.847930]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2803.848616]  ? lock_downgrade+0x6d0/0x6d0
[ 2803.849230]  ? find_held_lock+0x2c/0x110
[ 2803.849839]  ? __fget_files+0x296/0x4c0
[ 2803.850448]  ? __fget_light+0xea/0x290
[ 2803.851036]  __sys_sendmsg+0xe5/0x1b0
[ 2803.851606]  ? __sys_sendmsg_sock+0x40/0x40
[ 2803.852245]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2803.852958]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2803.853719]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2803.854468]  ? trace_hardirqs_on+0x5b/0x180
[ 2803.855101]  do_syscall_64+0x33/0x40
[ 2803.855652]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2803.856404] RIP: 0033:0x7f87f21a2b19
[ 2803.856955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2803.859592] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2803.860722] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2803.861743] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2803.862777] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2803.863818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2803.864862] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
00:15:31 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, r8, r9, r1], 0x7)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:15:31 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000080)={0x1, &(0x7f00000002c0)=[{0x4, 0x0, 0x0, 0x5}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x9, r0, 0x68c, 0x0)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0x2de, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

00:15:31 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="84010000107a0100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2803.999200] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=31248 sclass=netlink_xfrm_socket pid=61723 comm=syz-executor.1
[ 2804.012076] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=31248 sclass=netlink_xfrm_socket pid=61734 comm=syz-executor.1
00:15:45 executing program 2:
ioctl$DVD_AUTH(0xffffffffffffffff, 0x5390, &(0x7f0000000040)=@hrpcs={0xb, 0x40})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
write$binfmt_elf64(r0, &(0x7f00000001c0)=ANY=[], 0xfdef)
r1 = syz_open_procfs(0x0, &(0x7f0000000400)='net/snmp6\x00')
r2 = pidfd_getfd(r1, 0xffffffffffffffff, 0x0)
getxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000340)=ANY=[@ANYRES16, @ANYRES64=r0, @ANYRESOCT=r2, @ANYRESHEX=r0, @ANYRES64, @ANYBLOB="4a2123d725584960cd2b777b92a4fab95cb58a17addb11c76057f98d2f9c54623ce97e04f657cb151a9d008e5859a2d5ac99af9728a0bd19e561c755a4c68acecd48c76a9dc10db562f6a4030d9e08609e"], 0x0, 0x36)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r3 = fork()
ptrace$setopts(0x4206, r3, 0x10001, 0x0)
ptrace(0x10, r3)

00:15:45 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 25)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

00:15:45 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 24)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:15:45 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r8 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, 0xffffffffffffffff, r8, r1], 0x7)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:15:45 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000410000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:15:45 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000910000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:15:45 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000a00000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:15:45 executing program 0:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000180)={0x5, &(0x7f0000000080)=[{0x1, 0x6, 0x5, 0x8001}, {0x5, 0x9, 0x5, 0x7}, {0x3ff, 0x4, 0x6, 0xff}, {0x931, 0x0, 0xf0, 0x3ff}, {0x100, 0x5, 0x2, 0x10001}]})
r1 = fork()
ptrace$setopts(0x4206, r1, 0x10001, 0x0)
r2 = fork()
ptrace$setopts(0x4206, r2, 0x10001, 0x0)
ptrace(0x10, r2)
ptrace$cont(0x9, r2, 0x68c, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000380)={<r3=>r0, 0x4, 0xbf31, 0x5})
perf_event_open(&(0x7f0000000300)={0x3, 0x80, 0x60, 0x4, 0x5c, 0x3, 0x0, 0x7, 0x8211, 0x2, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x4, 0x1, @perf_bp={&(0x7f00000001c0)}, 0x2025, 0x7f, 0x0, 0x2, 0xfffffffffffffffa, 0x2, 0x6, 0x0, 0x8, 0x0, 0x4}, r2, 0x4, r3, 0x0)
ptrace(0x10, r1)
getpgid(r1)
msgctl$IPC_SET(0x0, 0x1, &(0x7f00000020c0)={{0x1, 0xee01, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xfe, 0x3ff}, 0x0, 0x0, 0x1, 0xffff, 0x6, 0xffffffffffffffff, 0x1f, 0xff80, 0xfff8, 0x3f, 0x0, r1})
ptrace$cont(0x9, r1, 0x68c, 0x0)
syz_open_procfs(r1, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r1, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x4, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x7f}, {0xff, 0xc1, 0x1, 0x8}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

[ 2818.268140] FAULT_INJECTION: forcing a failure.
[ 2818.268140] name failslab, interval 1, probability 0, space 0, times 0
[ 2818.270337] CPU: 0 PID: 61846 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2818.271449] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2818.272778] Call Trace:
[ 2818.273214]  dump_stack+0x107/0x167
[ 2818.273799]  should_fail.cold+0x5/0xa
[ 2818.274421]  ? create_object.isra.0+0x3a/0xa20
[ 2818.275161]  should_failslab+0x5/0x20
[ 2818.275774]  kmem_cache_alloc+0x5b/0x310
[ 2818.276455]  ? aead_geniv_free+0x20/0x20
[ 2818.277148]  create_object.isra.0+0x3a/0xa20
[ 2818.277887]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2818.278706]  __kmalloc+0x16e/0x390
[ 2818.279296]  esp_init_authenc+0x2f5/0x920
[ 2818.279966]  ? esp_init_aead+0x2f0/0x2f0
[ 2818.280664]  ? __xfrm_init_state+0x6ca/0x1490
[ 2818.281394]  ? lock_downgrade+0x6d0/0x6d0
[ 2818.282076]  esp6_init_state+0x367/0x420
[ 2818.282730]  __xfrm_init_state+0x778/0x1490
[ 2818.283435]  xfrm_add_sa+0x1ec5/0x3510
[ 2818.284083]  ? xfrm_send_acquire+0xad0/0xad0
[ 2818.284833]  ? security_capable+0x95/0xc0
[ 2818.285518]  ? __nla_parse+0x3e/0x50
[ 2818.286137]  ? xfrm_send_acquire+0xad0/0xad0
[ 2818.286843]  xfrm_user_rcv_msg+0x416/0x830
[ 2818.287530]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2818.288398]  ? __mutex_lock+0x4fe/0x10b0
[ 2818.289065]  ? lock_acquire+0x197/0x470
[ 2818.289732]  ? netlink_deliver_tap+0xf4/0xcc0
[ 2818.290470]  netlink_rcv_skb+0x14b/0x430
[ 2818.291128]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2818.291930]  ? netlink_ack+0xab0/0xab0
[ 2818.292577]  ? netlink_deliver_tap+0x1c4/0xcc0
[ 2818.293348]  xfrm_netlink_rcv+0x6b/0x90
[ 2818.293992]  netlink_unicast+0x549/0x7f0
[ 2818.294654]  ? netlink_attachskb+0x870/0x870
[ 2818.295384]  netlink_sendmsg+0x90f/0xdf0
[ 2818.296054]  ? netlink_unicast+0x7f0/0x7f0
[ 2818.296764]  ? netlink_unicast+0x7f0/0x7f0
[ 2818.297454]  __sock_sendmsg+0x154/0x190
[ 2818.297810] FAULT_INJECTION: forcing a failure.
[ 2818.297810] name failslab, interval 1, probability 0, space 0, times 0
[ 2818.298098]  ____sys_sendmsg+0x70d/0x870
[ 2818.298123]  ? sock_write_iter+0x3d0/0x3d0
[ 2818.298140]  ? do_recvmmsg+0x6d0/0x6d0
[ 2818.298162]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2818.298196]  ? lock_downgrade+0x6d0/0x6d0
[ 2818.303329]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2818.304179]  ? SOFTIRQ_verbose+0x10/0x10
[ 2818.304850]  ___sys_sendmsg+0xf3/0x170
[ 2818.305484]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2818.306234]  ? lock_downgrade+0x6d0/0x6d0
[ 2818.306903]  ? find_held_lock+0x2c/0x110
[ 2818.307570]  ? __fget_files+0x296/0x4c0
[ 2818.308229]  ? __fget_light+0xea/0x290
[ 2818.308867]  __sys_sendmsg+0xe5/0x1b0
[ 2818.309488]  ? __sys_sendmsg_sock+0x40/0x40
[ 2818.310186]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2818.310955]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2818.311800]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2818.312640]  ? trace_hardirqs_on+0x5b/0x180
[ 2818.313341]  do_syscall_64+0x33/0x40
[ 2818.313945]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2818.314772] RIP: 0033:0x7f87f21a2b19
[ 2818.315379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2818.318336] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2818.319565] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2818.320728] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2818.321875] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2818.323029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2818.324177] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
[ 2818.325370] CPU: 1 PID: 61860 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2818.326466] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2818.327741] Call Trace:
[ 2818.328162]  dump_stack+0x107/0x167
[ 2818.328758]  should_fail.cold+0x5/0xa
[ 2818.329350]  ? ___slab_alloc+0x155/0x700
[ 2818.329984]  ? create_object.isra.0+0x3a/0xa20
[ 2818.330693]  should_failslab+0x5/0x20
[ 2818.331283]  kmem_cache_alloc+0x5b/0x310
[ 2818.331918]  create_object.isra.0+0x3a/0xa20
[ 2818.332607]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2818.333397]  __kmalloc_track_caller+0x177/0x370
[ 2818.334115]  ? sidtab_sid2str_get+0x17e/0x720
[ 2818.334817]  kmemdup+0x23/0x50
[ 2818.335323]  sidtab_sid2str_get+0x17e/0x720
[ 2818.335996]  sidtab_entry_to_string+0x33/0x110
[ 2818.336713]  security_sid_to_context_core+0x33c/0x5d0
[ 2818.337517]  selinux_kernfs_init_security+0x239/0x4c0
[ 2818.338310]  ? selinux_file_mprotect+0x610/0x610
[ 2818.339037]  ? find_held_lock+0x2c/0x110
[ 2818.339675]  ? __kernfs_new_node+0x2ad/0x860
[ 2818.340362]  ? rwlock_bug.part.0+0x90/0x90
[ 2818.341029]  security_kernfs_init_security+0x4e/0xb0
[ 2818.341811]  __kernfs_new_node+0x531/0x860
[ 2818.342475]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 2818.343206]  ? cpumask_next+0x1f/0x30
[ 2818.343795]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 2818.344526]  ? pcpu_alloc+0x12a/0x1240
[ 2818.345143]  kernfs_new_node+0x18d/0x250
[ 2818.345782]  kernfs_create_dir_ns+0x49/0x160
[ 2818.346471]  cgroup_mkdir+0x318/0xf50
[ 2818.347068]  ? cgroup_destroy_locked+0x710/0x710
[ 2818.347808]  kernfs_iop_mkdir+0x14d/0x1e0
[ 2818.348457]  vfs_mkdir+0x493/0x700
[ 2818.349014]  do_mkdirat+0x150/0x2b0
[ 2818.349579]  ? user_path_create+0xf0/0xf0
[ 2818.350230]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2818.351030]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2818.351822]  do_syscall_64+0x33/0x40
[ 2818.352400]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2818.353175] RIP: 0033:0x7f72960ceb19
[ 2818.353741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2818.356507] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2818.357664] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2818.358735] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2818.359812] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2818.360898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2818.361974] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
00:15:45 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000a10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:15:45 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010002500000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2818.489567] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2818.506985] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.1'.
00:15:45 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000510000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:15:45 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000b10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:15:45 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 26)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

00:15:45 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010004000000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:15:45 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 25)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:15:45 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="0df6cbca240bc2903e0e4908499b17e3df7fe7419e587f341bbe9576edf8682c2454f37e4d1c1c7e16bbe0e725c42837a1a5149b1c"], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, 0x0, 0xfffffffffffffffe, 0xffffffffffffffff, 0x19)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)

00:15:45 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r8 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, 0xffffffffffffffff, r8, r1], 0x7)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

[ 2818.736012] FAULT_INJECTION: forcing a failure.
[ 2818.736012] name failslab, interval 1, probability 0, space 0, times 0
[ 2818.738006] CPU: 1 PID: 62250 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2818.739027] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2818.740277] Call Trace:
[ 2818.740687]  dump_stack+0x107/0x167
[ 2818.741224]  should_fail.cold+0x5/0xa
[ 2818.741780]  ? __alloc_skb+0x6d/0x5b0
[ 2818.742338]  ? __alloc_skb+0x6d/0x5b0
[ 2818.742904]  should_failslab+0x5/0x20
[ 2818.743465]  kmem_cache_alloc_node+0x55/0x330
[ 2818.744133]  __alloc_skb+0x6d/0x5b0
[ 2818.744684]  netlink_ack+0x1ed/0xab0
[ 2818.745239]  ? netlink_sendmsg+0xdf0/0xdf0
[ 2818.745860]  ? __mutex_lock+0x4fe/0x10b0
[ 2818.746459]  ? lock_acquire+0x197/0x470
[ 2818.747042]  ? netlink_deliver_tap+0xf4/0xcc0
[ 2818.747708]  netlink_rcv_skb+0x348/0x430
[ 2818.748326]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2818.749061]  ? netlink_ack+0xab0/0xab0
[ 2818.749647]  ? netlink_deliver_tap+0x1c4/0xcc0
[ 2818.750329]  xfrm_netlink_rcv+0x6b/0x90
[ 2818.750917]  netlink_unicast+0x549/0x7f0
[ 2818.751518]  ? netlink_attachskb+0x870/0x870
[ 2818.752180]  netlink_sendmsg+0x90f/0xdf0
[ 2818.752798]  ? netlink_unicast+0x7f0/0x7f0
[ 2818.753448]  ? netlink_unicast+0x7f0/0x7f0
[ 2818.754090]  __sock_sendmsg+0x154/0x190
[ 2818.754692]  ____sys_sendmsg+0x70d/0x870
[ 2818.755296]  ? sock_write_iter+0x3d0/0x3d0
[ 2818.755920]  ? do_recvmmsg+0x6d0/0x6d0
[ 2818.756502]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2818.757276]  ? lock_downgrade+0x6d0/0x6d0
[ 2818.757890]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2818.758657]  ? SOFTIRQ_verbose+0x10/0x10
[ 2818.759263]  ___sys_sendmsg+0xf3/0x170
[ 2818.759854]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2818.760560]  ? lock_downgrade+0x6d0/0x6d0
[ 2818.761189]  ? find_held_lock+0x2c/0x110
[ 2818.761817]  ? __fget_files+0x296/0x4c0
[ 2818.762432]  ? __fget_light+0xea/0x290
[ 2818.763017]  __sys_sendmsg+0xe5/0x1b0
[ 2818.763635]  ? __sys_sendmsg_sock+0x40/0x40
[ 2818.764291]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2818.765026]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2818.765794]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2818.766550]  ? trace_hardirqs_on+0x5b/0x180
[ 2818.767190]  do_syscall_64+0x33/0x40
[ 2818.767739]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2818.768501] RIP: 0033:0x7f87f21a2b19
[ 2818.769044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2818.771710] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2818.772863] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2818.773951] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2818.775030] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2818.776103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2818.777209] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
[ 2818.805544] FAULT_INJECTION: forcing a failure.
[ 2818.805544] name failslab, interval 1, probability 0, space 0, times 0
[ 2818.807590] CPU: 0 PID: 62271 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2818.808709] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2818.810025] Call Trace:
[ 2818.810454]  dump_stack+0x107/0x167
[ 2818.811045]  should_fail.cold+0x5/0xa
[ 2818.811659]  ? create_object.isra.0+0x3a/0xa20
[ 2818.812402]  should_failslab+0x5/0x20
[ 2818.813015]  kmem_cache_alloc+0x5b/0x310
[ 2818.813668]  ? sidtab_sid2str_get+0x65/0x720
[ 2818.814380]  create_object.isra.0+0x3a/0xa20
[ 2818.815088]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2818.815918]  __kmalloc_track_caller+0x177/0x370
[ 2818.816663]  ? sidtab_sid2str_get+0x17e/0x720
[ 2818.817391]  kmemdup+0x23/0x50
[ 2818.817914]  sidtab_sid2str_get+0x17e/0x720
[ 2818.818613]  sidtab_entry_to_string+0x33/0x110
[ 2818.819349]  security_sid_to_context_core+0x33c/0x5d0
[ 2818.820181]  selinux_kernfs_init_security+0x239/0x4c0
[ 2818.821016]  ? selinux_file_mprotect+0x610/0x610
[ 2818.821774]  ? find_held_lock+0x2c/0x110
[ 2818.822435]  ? __kernfs_new_node+0x2ad/0x860
[ 2818.823148]  ? rwlock_bug.part.0+0x90/0x90
[ 2818.823841]  security_kernfs_init_security+0x4e/0xb0
[ 2818.824671]  __kernfs_new_node+0x531/0x860
[ 2818.825360]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 2818.826127]  ? cpumask_next+0x1f/0x30
[ 2818.826733]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 2818.827481]  ? pcpu_alloc+0x12a/0x1240
[ 2818.828118]  kernfs_new_node+0x18d/0x250
[ 2818.828786]  kernfs_create_dir_ns+0x49/0x160
[ 2818.829498]  cgroup_mkdir+0x318/0xf50
[ 2818.830122]  ? cgroup_destroy_locked+0x710/0x710
[ 2818.830881]  kernfs_iop_mkdir+0x14d/0x1e0
[ 2818.831551]  vfs_mkdir+0x493/0x700
[ 2818.832127]  do_mkdirat+0x150/0x2b0
[ 2818.832724]  ? user_path_create+0xf0/0xf0
[ 2818.833396]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2818.834230]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2818.835055]  do_syscall_64+0x33/0x40
[ 2818.835653]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2818.836482] RIP: 0033:0x7f72960ceb19
[ 2818.837081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2818.839993] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2818.841217] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2818.842349] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2818.843488] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2818.844630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2818.845762] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
00:16:02 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 26)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:16:02 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000f10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:16:02 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r8 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, 0xffffffffffffffff, r8, r1], 0x7)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:16:02 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010005b00000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:16:02 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, 0xffffffffffffffff)
mount$bind(&(0x7f0000000080)='./file1\x00', &(0x7f0000000180)='./file1\x00', &(0x7f00000001c0), 0x800404, 0x0)
ptrace$cont(0x7, r0, 0x489, 0x4)
r1 = fork()
ptrace$setopts(0x4206, r1, 0x10001, 0x0)
ptrace(0x10, r1)
ptrace$cont(0x9, r1, 0x68c, 0x0)
mount$bind(&(0x7f0000000300)='./file1\x00', &(0x7f0000000340)='./file1\x00', &(0x7f0000000380), 0x40048, 0x0)
ptrace(0x8, r1)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

00:16:02 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000610000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:16:02 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
stat(&(0x7f0000000100)='./file0/file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x80001, &(0x7f0000000280)={[{@nr_inodes={'nr_inodes', 0x3d, [0x78, 0x34, 0x78]}}, {@mode}, {@uid={'uid', 0x3d, 0xffffffffffffffff}}, {@size={'size', 0x3d, [0x25, 0x25, 0x6b, 0x38, 0x32, 0x31, 0x36, 0x74]}}, {@mpol={'mpol', 0x3d, {'bind', '=relative', @val={0x3a, [0x34, 0x2d, 0x34]}}}}, {@huge_advise}, {@mode={'mode', 0x3d, 0x8000}}, {@mpol={'mpol', 0x3d, {'prefer', '=relative', @void}}}], [{@fowner_lt={'fowner<', r1}}, {@smackfsfloor={'smackfsfloor', 0x3d, '@:!'}}]})
ptrace(0x10, r0)

00:16:02 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 27)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

[ 2835.021149] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2835.022782] audit: type=1326 audit(1716336962.273:4388): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=62393 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2835.030123] audit: type=1326 audit(1716336962.278:4389): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=62393 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2835.041370] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2835.042149] audit: type=1326 audit(1716336962.279:4390): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=62393 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2835.058720] FAULT_INJECTION: forcing a failure.
[ 2835.058720] name failslab, interval 1, probability 0, space 0, times 0
[ 2835.060469] CPU: 1 PID: 62395 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2835.060515] FAULT_INJECTION: forcing a failure.
[ 2835.060515] name failslab, interval 1, probability 0, space 0, times 0
[ 2835.061462] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2835.061470] Call Trace:
[ 2835.061494]  dump_stack+0x107/0x167
[ 2835.061515]  should_fail.cold+0x5/0xa
[ 2835.061543]  should_failslab+0x5/0x20
[ 2835.061563]  __kmalloc_track_caller+0x79/0x370
[ 2835.061581]  ? security_context_to_sid_core+0xb4/0x890
[ 2835.061610]  kmemdup_nul+0x2d/0xa0
[ 2835.061630]  security_context_to_sid_core+0xb4/0x890
[ 2835.061658]  ? security_compute_sid.part.0+0x16e0/0x16e0
[ 2835.069841]  ? do_raw_spin_lock+0x121/0x260
[ 2835.070468]  ? rwlock_bug.part.0+0x90/0x90
[ 2835.071080]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2835.071781]  ? do_raw_spin_unlock+0x4f/0x220
[ 2835.072419]  ? _raw_spin_unlock+0x1a/0x30
[ 2835.073033]  security_context_to_sid+0x35/0x50
[ 2835.073699]  selinux_kernfs_init_security+0x19d/0x4c0
[ 2835.074441]  ? selinux_file_mprotect+0x610/0x610
[ 2835.075124]  ? find_held_lock+0x2c/0x110
[ 2835.075721]  ? __kernfs_new_node+0x2ad/0x860
[ 2835.076356]  ? lock_downgrade+0x6d0/0x6d0
[ 2835.076973]  ? rwlock_bug.part.0+0x90/0x90
[ 2835.077595]  security_kernfs_init_security+0x4e/0xb0
[ 2835.078331]  __kernfs_new_node+0x531/0x860
[ 2835.078951]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 2835.079637]  ? cpumask_next+0x1f/0x30
[ 2835.080187]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 2835.080877]  ? pcpu_alloc+0x12a/0x1240
[ 2835.081462]  kernfs_new_node+0x18d/0x250
[ 2835.082061]  kernfs_create_dir_ns+0x49/0x160
[ 2835.082703]  cgroup_mkdir+0x318/0xf50
[ 2835.083265]  ? cgroup_destroy_locked+0x710/0x710
[ 2835.083952]  kernfs_iop_mkdir+0x14d/0x1e0
[ 2835.084555]  vfs_mkdir+0x493/0x700
[ 2835.085092]  do_mkdirat+0x150/0x2b0
[ 2835.085624]  ? user_path_create+0xf0/0xf0
[ 2835.086228]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2835.086983]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2835.087731]  do_syscall_64+0x33/0x40
[ 2835.088271]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2835.089017] RIP: 0033:0x7f72960ceb19
[ 2835.089553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2835.092157] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2835.093270] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2835.094276] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2835.095283] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2835.096292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2835.097312] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
[ 2835.098351] CPU: 0 PID: 62425 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2835.099427] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2835.100719] Call Trace:
[ 2835.101146]  dump_stack+0x107/0x167
[ 2835.101718]  should_fail.cold+0x5/0xa
[ 2835.102316]  ? create_object.isra.0+0x3a/0xa20
[ 2835.103027]  should_failslab+0x5/0x20
[ 2835.103619]  kmem_cache_alloc+0x5b/0x310
[ 2835.104257]  create_object.isra.0+0x3a/0xa20
[ 2835.104948]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2835.105756]  kmem_cache_alloc_node+0x169/0x330
[ 2835.106476]  __alloc_skb+0x6d/0x5b0
[ 2835.107051]  netlink_ack+0x1ed/0xab0
[ 2835.107639]  ? netlink_sendmsg+0xdf0/0xdf0
[ 2835.108303]  ? __mutex_lock+0x4fe/0x10b0
[ 2835.108941]  ? lock_acquire+0x197/0x470
[ 2835.109557]  ? netlink_deliver_tap+0xf4/0xcc0
[ 2835.110255]  netlink_rcv_skb+0x348/0x430
[ 2835.110889]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2835.111664]  ? netlink_ack+0xab0/0xab0
[ 2835.112279]  ? netlink_deliver_tap+0x1c4/0xcc0
[ 2835.113000]  xfrm_netlink_rcv+0x6b/0x90
[ 2835.113617]  netlink_unicast+0x549/0x7f0
[ 2835.114254]  ? netlink_attachskb+0x870/0x870
[ 2835.114967]  netlink_sendmsg+0x90f/0xdf0
[ 2835.115609]  ? netlink_unicast+0x7f0/0x7f0
[ 2835.116280]  ? netlink_unicast+0x7f0/0x7f0
[ 2835.116948]  __sock_sendmsg+0x154/0x190
[ 2835.117579]  ____sys_sendmsg+0x70d/0x870
[ 2835.118216]  ? sock_write_iter+0x3d0/0x3d0
[ 2835.118873]  ? do_recvmmsg+0x6d0/0x6d0
[ 2835.119481]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2835.120297]  ? lock_downgrade+0x6d0/0x6d0
[ 2835.120953]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2835.121772]  ? SOFTIRQ_verbose+0x10/0x10
[ 2835.122419]  ___sys_sendmsg+0xf3/0x170
[ 2835.123035]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2835.123758]  ? lock_downgrade+0x6d0/0x6d0
[ 2835.124422]  ? find_held_lock+0x2c/0x110
[ 2835.125088]  ? __fget_files+0x296/0x4c0
[ 2835.125728]  ? __fget_light+0xea/0x290
[ 2835.126352]  __sys_sendmsg+0xe5/0x1b0
[ 2835.126952]  ? __sys_sendmsg_sock+0x40/0x40
[ 2835.127627]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2835.128388]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2835.129230]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2835.130043]  ? trace_hardirqs_on+0x5b/0x180
[ 2835.130727]  do_syscall_64+0x33/0x40
[ 2835.131319]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2835.132123] RIP: 0033:0x7f87f21a2b19
[ 2835.132724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2835.135591] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2835.136800] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2835.137918] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2835.139033] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2835.140150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2835.141279] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
[ 2835.155254] audit: type=1326 audit(1716336962.282:4391): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=62393 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2835.169466] audit: type=1326 audit(1716336962.282:4392): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=62393 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:16:02 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401001010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2835.180069] audit: type=1326 audit(1716336962.283:4393): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=62393 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=57 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:16:02 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010006000000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2835.224201] audit: type=1326 audit(1716336962.479:4394): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=62393 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2835.229550] audit: type=1326 audit(1716336962.486:4395): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=62393 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:16:02 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 27)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:16:02 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000710000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:16:02 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x114)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000180)={0x2, &(0x7f0000000080)=[{0x7, 0x6, 0x81, 0x7f}, {0x2, 0x8, 0x7, 0x2}]})
ptrace$cont(0x9, r0, 0x68c, 0x0)
syz_open_procfs(r0, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r0, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf2, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x5}, {0x6f, 0x20, 0x80, 0xa32e}, {0x7ffe, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x7}, {0x209, 0xff, 0x1, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')
creat(&(0x7f00000001c0)='./file1\x00', 0x1c2)

00:16:02 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401001110000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:16:02 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010006400000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:16:02 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="33228eb5408760c6e7f89362b3afe5ba183b815a3ca2d9aaaf3b77e32f6c6c7c0e7d5a6306770c8eb95c3a747be1b0a9f6d28f48cc30b710f7fdb628202c6b021203fc4fad98dd338e9caffb88759e5be528766b403af99862777620000000e8354f12bd63665d0c1c145b1fb4499074ee32ddd24eae0a43c753145cf1f17db999e38ff9edb14bc068b348a2a0a7c3d648458f59056472acb6826462939135616e15ba89c3fcaa0761f2dfc539599fad16a79c48a5cdb33e4320b00829401dfd05a31b853bbfe5f65db9aa68f3539ec6f79ae750e6868543c3774461f6390193e26d7a09dbe4fd1c5950099266219849dc5833cfc38af972fbf4a4de0aaacc52050b8f415cc1639095a4b47cad5daa6b3f5296c2c7e6dc9a25a579196de271ffb2ce06000000000000003091bb0c231144a4b2ba7ea09cdabed72803a61968ab4dd25a15d0a7c946eec5ad283a5e27bbed036efc0da7a2cf418467792094372f9af3727eb4dc52dd77e25eb8d6e7d07391f3e489ab5bcfc54147b17d2cd222b1caed9040cd2adc0f7fc5d1c56b3fe91e58f31618903f6f5dc260bb500dd803d83ce0a61ef548393f4418e11d649d00741b4ea22984d40000000000000000"], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)

[ 2835.399203] audit: type=1326 audit(1716336962.656:4396): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=62752 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2835.406931] audit: type=1326 audit(1716336962.663:4397): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=62752 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:16:02 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r8 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, 0xffffffffffffffff, 0xffffffffffffffff, r8, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

[ 2835.442098] FAULT_INJECTION: forcing a failure.
[ 2835.442098] name failslab, interval 1, probability 0, space 0, times 0
[ 2835.443921] CPU: 1 PID: 62781 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2835.444969] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2835.446182] Call Trace:
[ 2835.446579]  dump_stack+0x107/0x167
[ 2835.447121]  should_fail.cold+0x5/0xa
[ 2835.447679]  ? create_object.isra.0+0x3a/0xa20
[ 2835.448357]  should_failslab+0x5/0x20
[ 2835.448930]  kmem_cache_alloc+0x5b/0x310
[ 2835.449538]  create_object.isra.0+0x3a/0xa20
[ 2835.450188]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2835.450940]  __kmalloc_track_caller+0x177/0x370
[ 2835.451623]  ? security_context_to_sid_core+0xb4/0x890
[ 2835.452402]  kmemdup_nul+0x2d/0xa0
[ 2835.452938]  security_context_to_sid_core+0xb4/0x890
[ 2835.453694]  ? security_compute_sid.part.0+0x16e0/0x16e0
[ 2835.454490]  ? do_raw_spin_lock+0x121/0x260
[ 2835.455129]  ? rwlock_bug.part.0+0x90/0x90
[ 2835.455763]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2835.456480]  ? do_raw_spin_unlock+0x4f/0x220
[ 2835.457147]  ? _raw_spin_unlock+0x1a/0x30
[ 2835.457762]  security_context_to_sid+0x35/0x50
[ 2835.458447]  selinux_kernfs_init_security+0x19d/0x4c0
[ 2835.459203]  ? selinux_file_mprotect+0x610/0x610
[ 2835.459890]  ? find_held_lock+0x2c/0x110
[ 2835.460526]  ? __kernfs_new_node+0x2ad/0x860
[ 2835.461188]  ? lock_downgrade+0x6d0/0x6d0
[ 2835.461790]  ? rwlock_bug.part.0+0x90/0x90
[ 2835.462421]  security_kernfs_init_security+0x4e/0xb0
[ 2835.463158]  __kernfs_new_node+0x531/0x860
[ 2835.463787]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 2835.464484]  ? cpumask_next+0x1f/0x30
[ 2835.465054]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 2835.465764]  ? pcpu_alloc+0x12a/0x1240
[ 2835.466351]  kernfs_new_node+0x18d/0x250
[ 2835.466957]  kernfs_create_dir_ns+0x49/0x160
[ 2835.467602]  cgroup_mkdir+0x318/0xf50
[ 2835.468171]  ? cgroup_destroy_locked+0x710/0x710
[ 2835.468879]  kernfs_iop_mkdir+0x14d/0x1e0
[ 2835.469510]  vfs_mkdir+0x493/0x700
[ 2835.470045]  do_mkdirat+0x150/0x2b0
[ 2835.470582]  ? user_path_create+0xf0/0xf0
[ 2835.471200]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2835.471962]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2835.472730]  do_syscall_64+0x33/0x40
[ 2835.473277]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2835.474028] RIP: 0033:0x7f72960ceb19
[ 2835.474575] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2835.477244] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2835.478361] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2835.479397] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2835.480441] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2835.481490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2835.482523] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
00:16:02 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000810000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:16:02 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401004810000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:16:02 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 28)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

00:16:02 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000200000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2835.672438] FAULT_INJECTION: forcing a failure.
[ 2835.672438] name failslab, interval 1, probability 0, space 0, times 0
[ 2835.674453] CPU: 0 PID: 63008 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2835.675558] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2835.676896] Call Trace:
[ 2835.677337]  dump_stack+0x107/0x167
[ 2835.677933]  should_fail.cold+0x5/0xa
[ 2835.678564]  should_failslab+0x5/0x20
[ 2835.679182]  __kmalloc_node_track_caller+0x74/0x3b0
[ 2835.679984]  ? netlink_ack+0x1ed/0xab0
[ 2835.680637]  __alloc_skb+0xb1/0x5b0
[ 2835.681228]  netlink_ack+0x1ed/0xab0
[ 2835.681831]  ? netlink_sendmsg+0xdf0/0xdf0
[ 2835.682517]  ? __mutex_lock+0x4fe/0x10b0
[ 2835.683176]  ? lock_acquire+0x197/0x470
[ 2835.683819]  ? netlink_deliver_tap+0xf4/0xcc0
[ 2835.684529]  netlink_rcv_skb+0x348/0x430
[ 2835.685211]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2835.685998]  ? netlink_ack+0xab0/0xab0
[ 2835.686648]  ? netlink_deliver_tap+0x1c4/0xcc0
[ 2835.687384]  xfrm_netlink_rcv+0x6b/0x90
[ 2835.688019]  netlink_unicast+0x549/0x7f0
[ 2835.688676]  ? netlink_attachskb+0x870/0x870
[ 2835.689389]  netlink_sendmsg+0x90f/0xdf0
[ 2835.690041]  ? netlink_unicast+0x7f0/0x7f0
[ 2835.690718]  ? netlink_unicast+0x7f0/0x7f0
[ 2835.691384]  __sock_sendmsg+0x154/0x190
[ 2835.692018]  ____sys_sendmsg+0x70d/0x870
[ 2835.692673]  ? sock_write_iter+0x3d0/0x3d0
[ 2835.693343]  ? do_recvmmsg+0x6d0/0x6d0
[ 2835.693969]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2835.694811]  ? lock_downgrade+0x6d0/0x6d0
[ 2835.695479]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2835.696316]  ? SOFTIRQ_verbose+0x10/0x10
[ 2835.696975]  ___sys_sendmsg+0xf3/0x170
[ 2835.697600]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2835.698338]  ? lock_downgrade+0x6d0/0x6d0
[ 2835.699004]  ? find_held_lock+0x2c/0x110
[ 2835.699658]  ? __fget_files+0x296/0x4c0
[ 2835.700309]  ? __fget_light+0xea/0x290
[ 2835.700949]  __sys_sendmsg+0xe5/0x1b0
[ 2835.701565]  ? __sys_sendmsg_sock+0x40/0x40
[ 2835.702263]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2835.703019]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2835.703845]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2835.704668]  ? trace_hardirqs_on+0x5b/0x180
[ 2835.705352]  do_syscall_64+0x33/0x40
[ 2835.705949]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2835.706760] RIP: 0033:0x7f87f21a2b19
[ 2835.707351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2835.710243] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2835.711464] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2835.712601] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2835.713741] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2835.714887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2835.716031] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
00:16:03 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r0 = fork()
ptrace$setopts(0x4206, r0, 0x10001, 0x0)
ptrace(0x10, r0)

00:16:03 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401004c10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:16:03 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000400000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:16:17 executing program 4:
set_tid_address(&(0x7f0000000140))
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
set_tid_address(&(0x7f00000002c0))
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
set_tid_address(0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x5, 0x20, 0xcb, 0x0, 0x9d, 0x10a38, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x3, 0x1bf2, 0x9, 0x400, 0x8, 0xb51, 0x0, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0x10, r1, 0x2)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 28)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00')
readv(r3, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

00:16:17 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000400)='net/snmp6\x00')
pidfd_getfd(r0, 0xffffffffffffffff, 0x0)
sendmsg$NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000228bd7000fccbdf0088000000203cebea555e6160ffff0000e8c7980b8223ca8a7699f27e0e9e9b3d7bbc594a"], 0x20}, 0x1, 0x0, 0x0, 0x4800}, 0x10)
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240))
syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
r1 = fork()
ptrace$setopts(0x4206, r1, 0x10001, 0x0)
ptrace(0x10, r1)

[ 2850.393445] kauditd_printk_skb: 6 callbacks suppressed
[ 2850.393456] audit: type=1326 audit(1716336977.650:4404): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=63264 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:16:17 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000910000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
open(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:16:17 executing program 3:
clock_gettime(0x1, &(0x7f00000003c0)={<r0=>0x0})
setitimer(0x2, &(0x7f0000000400)={{r0}}, &(0x7f0000000480))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00ac1414aa000000000000000000000000ac1414bb000000000000000000000000020008800c000f0000000000000000007a4f203a048a033a9ca23d99bcfcb1781291bba788c33f783fb424197d8522aa1e6bf9096f10cd0d7c7e2c4ec0ce1ab3ae21678cc2ad7691ee1358aa2a2227bd41f2b4464267d00791bac36ce9d7f52d3f8219c14efe497a1737fb4e47a765020385cd6ebfe0e87fa701b93b109a334ae14851153e89b238c0f7e9b4a0d93d162a68c005aa2807fa755efd"], 0x184}, 0x1, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 29)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x24000091)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
pread64(r3, &(0x7f0000000180)=""/26, 0x1a, 0x9)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000001c0)=0x1)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
signalfd4(r2, &(0x7f0000000300)={[0x1]}, 0x8, 0x80000)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x2)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0xc15a}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000280)={[0x4]}, 0x8)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x7ffffff9)
pwrite64(0xffffffffffffffff, &(0x7f00000004c0)="28e850c7e78e95da0628fad68d33dfe861770929f41dac5245c99445ab77f650d86573d6c9427f54be186910d0862317ec577f0eb6905b454940efdd91dc7f3ff957c5b6bc12a89a546ce89b0666dbcf0fe7b24017055becec417d9aba2124c43abc2d1aadcde83d4206cd1140e8b004b1496de03df319f14cb08d926d5246bf15816c715b583124bb37c9371a97dac9c5154cca4f0c9e42de0d6a6a1805692677f2", 0xa2, 0x4)

00:16:17 executing program 0:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x110)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0xff, 0x9, 0x6, 0x1}, {0x50, 0x41, 0x3, 0x5}]})
r1 = fork()
ptrace$setopts(0x4206, r1, 0x10001, 0x0)
ptrace(0x10, r1)
ptrace$cont(0x9, r1, 0x68c, 0x0)
r2 = fsopen(&(0x7f0000000080)='fuseblk\x00', 0x0)
dup2(r0, r2)
syz_open_procfs(r1, &(0x7f0000000280)='net/sockstat6\x00')
ptrace$pokeuser(0x6, r1, 0x40, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{0x1ff, 0xf3, 0x9, 0x7}, {0x20, 0x31, 0x1, 0x1}, {0x1, 0x20, 0x80, 0xa32e}, {0x8001, 0x81, 0x9, 0x20}, {0xff, 0xc1, 0x1, 0x5}, {0x9, 0xff, 0x5, 0x4}, {0x8000, 0x6, 0x3f, 0x5}]})
chroot(&(0x7f0000000100)='./file1\x00')

00:16:17 executing program 7:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000180))
fchdir(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r2, &(0x7f00000002c0)=""/225, 0xe1)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x1274, 0x0)
r5 = dup2(r1, r1)
r6 = syz_io_uring_complete(0x0)
syz_io_uring_complete(0x0)
r7 = io_uring_setup(0x61ba, &(0x7f00000003c0)={0x0, 0x149a, 0x8, 0x1, 0x173, 0x0, r2})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, r7, {0x1}}, './file0\x00'})
write$binfmt_elf64(r5, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c467f020600a50e00000000000002003e0000180000000000000000000040000000000000001e0300000000000006000000010238000100321f0100000100000000030000000500000000000000ff00000000000000a000000000000000d70d0000000000000300000010000000ffff0000000000005563cd9a58df47eb7fe1862c4d6716e03dda73ad79bdf1e9a003bcf3986c50d4e8aa28c957fb3d2f3a377ec19cccee4be2003b4f8551fca880d37a4b11600af6227109e9493fb7702e12a94b4c79f40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009050e7803ef2b200828b499428ee9b9a2a8b7b12c9f920579b705fd3c0af6bf6112110a54e7ec44e2b34d625b8b8b7ff90b386b392354b58823de2414a47aac6b3236ddecb22885ff9e1becc44843253f161f46ef0cb678f85801e9cae2bc3852c3ac94e575dadd6ba4741e48b019b3999ec9cab3c983447c1914e62a26bded4a424c70dff97433035bdfa12fb625f34"], 0x3c7)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80)
r8 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r2, 0xffffffffffffffff, r5, r1, 0xffffffffffffffff, 0xffffffffffffffff, r8, r1], 0x8)
clone3(&(0x7f0000000200)={0x451a6100, &(0x7f00000000c0), 0x0, &(0x7f0000000100), {0x16}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)

00:16:17 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000800000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:16:17 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401006810000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2850.408819] audit: type=1326 audit(1716336977.665:4405): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=63264 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2850.411450] audit: type=1326 audit(1716336977.668:4406): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=63264 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2850.414098] FAULT_INJECTION: forcing a failure.
[ 2850.414098] name failslab, interval 1, probability 0, space 0, times 0
[ 2850.415196] CPU: 1 PID: 63282 Comm: syz-executor.3 Not tainted 5.10.217 #1
[ 2850.415746] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2850.416431] Call Trace:
[ 2850.416650]  dump_stack+0x107/0x167
[ 2850.416951] audit: type=1326 audit(1716336977.672:4407): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=63264 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2850.417005] audit: type=1326 audit(1716336977.672:4408): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=63264 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2850.418659]  should_fail.cold+0x5/0xa
[ 2850.418674]  ? create_object.isra.0+0x3a/0xa20
[ 2850.418692]  should_failslab+0x5/0x20
[ 2850.421947]  kmem_cache_alloc+0x5b/0x310
[ 2850.422661]  create_object.isra.0+0x3a/0xa20
[ 2850.423451]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2850.424337]  __kmalloc_node_track_caller+0x1a6/0x3b0
[ 2850.425214]  ? netlink_ack+0x1ed/0xab0
[ 2850.425898]  __alloc_skb+0xb1/0x5b0
[ 2850.426531]  netlink_ack+0x1ed/0xab0
[ 2850.427190]  ? netlink_sendmsg+0xdf0/0xdf0
[ 2850.427204] FAULT_INJECTION: forcing a failure.
[ 2850.427204] name failslab, interval 1, probability 0, space 0, times 0
[ 2850.429853]  ? __mutex_lock+0x4fe/0x10b0
[ 2850.430565]  ? lock_acquire+0x197/0x470
[ 2850.431276]  ? netlink_deliver_tap+0xf4/0xcc0
[ 2850.432069]  netlink_rcv_skb+0x348/0x430
[ 2850.432795]  ? copy_to_user_tmpl.part.0+0x610/0x610
[ 2850.433666]  ? netlink_ack+0xab0/0xab0
[ 2850.434370]  ? netlink_deliver_tap+0x1c4/0xcc0
[ 2850.435177]  xfrm_netlink_rcv+0x6b/0x90
[ 2850.435878]  netlink_unicast+0x549/0x7f0
[ 2850.436592]  ? netlink_attachskb+0x870/0x870
[ 2850.437398]  netlink_sendmsg+0x90f/0xdf0
[ 2850.438116]  ? netlink_unicast+0x7f0/0x7f0
[ 2850.438880]  ? netlink_unicast+0x7f0/0x7f0
[ 2850.439619]  __sock_sendmsg+0x154/0x190
[ 2850.440327]  ____sys_sendmsg+0x70d/0x870
[ 2850.441047]  ? sock_write_iter+0x3d0/0x3d0
[ 2850.441791]  ? do_recvmmsg+0x6d0/0x6d0
[ 2850.442478]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2850.443407]  ? lock_downgrade+0x6d0/0x6d0
[ 2850.444137]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2850.445073]  ? SOFTIRQ_verbose+0x10/0x10
[ 2850.445785]  ___sys_sendmsg+0xf3/0x170
[ 2850.446490]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2850.447303]  ? lock_downgrade+0x6d0/0x6d0
[ 2850.448047]  ? find_held_lock+0x2c/0x110
[ 2850.448772]  ? __fget_files+0x296/0x4c0
[ 2850.449347]  ? __fget_light+0xea/0x290
[ 2850.449777]  __sys_sendmsg+0xe5/0x1b0
[ 2850.450213]  ? __sys_sendmsg_sock+0x40/0x40
[ 2850.450695]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2850.451232]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2850.451815]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2850.452394]  ? trace_hardirqs_on+0x5b/0x180
[ 2850.452868]  do_syscall_64+0x33/0x40
[ 2850.453244]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2850.453652] RIP: 0033:0x7f87f21a2b19
[ 2850.453967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2850.455458] RSP: 002b:00007f87ef718188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2850.456083] RAX: ffffffffffffffda RBX: 00007f87f22b5f60 RCX: 00007f87f21a2b19
[ 2850.456664] RDX: 0000000000000000 RSI: 0000000020002e00 RDI: 0000000000000004
[ 2850.457258] RBP: 00007f87ef7181d0 R08: 0000000000000000 R09: 0000000000000000
[ 2850.457828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2850.458419] R13: 00007ffccbfd2b1f R14: 00007f87ef718300 R15: 0000000000022000
[ 2850.459025] CPU: 0 PID: 63270 Comm: syz-executor.4 Not tainted 5.10.217 #1
[ 2850.459660] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2850.460393] Call Trace:
[ 2850.460654]  dump_stack+0x107/0x167
[ 2850.461041]  should_fail.cold+0x5/0xa
[ 2850.461468]  should_failslab+0x5/0x20
[ 2850.461836]  __kmalloc_track_caller+0x79/0x370
[ 2850.462242]  ? simple_xattr_set+0x93/0x610
[ 2850.462619]  kstrdup+0x36/0x70
[ 2850.462904]  simple_xattr_set+0x93/0x610
[ 2850.463280]  kernfs_xattr_set+0x50/0x80
[ 2850.463635]  selinux_kernfs_init_security+0x26d/0x4c0
[ 2850.464105]  ? selinux_file_mprotect+0x610/0x610
[ 2850.464544]  ? find_held_lock+0x2c/0x110
[ 2850.464926]  ? __kernfs_new_node+0x2ad/0x860
[ 2850.465338]  ? rwlock_bug.part.0+0x90/0x90
[ 2850.465715]  security_kernfs_init_security+0x4e/0xb0
[ 2850.466178]  __kernfs_new_node+0x531/0x860
[ 2850.466567]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 2850.466996]  ? cpumask_next+0x1f/0x30
[ 2850.467322]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 2850.467733]  ? pcpu_alloc+0x12a/0x1240
[ 2850.468075]  kernfs_new_node+0x18d/0x250
[ 2850.468440]  kernfs_create_dir_ns+0x49/0x160
[ 2850.468829]  cgroup_mkdir+0x318/0xf50
[ 2850.469177]  ? cgroup_destroy_locked+0x710/0x710
[ 2850.469589]  kernfs_iop_mkdir+0x14d/0x1e0
[ 2850.469965]  vfs_mkdir+0x493/0x700
[ 2850.470276]  do_mkdirat+0x150/0x2b0
[ 2850.470597]  ? user_path_create+0xf0/0xf0
[ 2850.470956]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2850.471430]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2850.471872]  do_syscall_64+0x33/0x40
[ 2850.472212]  entry_SYSCALL_64_after_hwframe+0x67/0xcc
[ 2850.472657] RIP: 0033:0x7f72960ceb19
[ 2850.472998] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2850.474640] RSP: 002b:00007f7293644188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2850.475305] RAX: ffffffffffffffda RBX: 00007f72961e1f60 RCX: 00007f72960ceb19
[ 2850.475932] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 2850.476557] RBP: 00007f72936441d0 R08: 0000000000000000 R09: 0000000000000000
[ 2850.477208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2850.477826] R13: 00007ffd82cbc6ef R14: 00007f7293644300 R15: 0000000000022000
[ 2850.481136] audit: type=1326 audit(1716336977.672:4409): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=63264 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=57 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
00:16:17 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_tree(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401000010000a00000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

00:16:17 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="8401006c10000100000000000000000000000000000000000000ffffac1414aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000332000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x184}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
creat(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

[ 2850.552612] audit: type=1326 audit(1716336977.799:4410): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=63264 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2850.555090] audit: type=1326 audit(1716336977.812:4411): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=63264 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5faeaaab19 code=0x7ffc0000
[ 2863.670367] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
BUG: memory leak
unreferenced object 0xffff88804c9aa5b0 (size 144):
  comm "syz-executor.4", pid 63270, jiffies 4297517497 (age 21.592s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 51 39 4d 66 00 00 00 00  ........Q9Mf....
    59 16 db 28 00 00 00 00 51 39 4d 66 00 00 00 00  Y..(....Q9Mf....
  backtrace:
    [<000000003d10702d>] __kernfs_iattrs+0xbc/0x470
    [<0000000081b87612>] kernfs_xattr_set+0x2b/0x80
    [<0000000066bd033c>] selinux_kernfs_init_security+0x26d/0x4c0
    [<000000009830c8c2>] security_kernfs_init_security+0x4e/0xb0
    [<000000004cdf9798>] __kernfs_new_node+0x531/0x860
    [<0000000094653238>] kernfs_new_node+0x18d/0x250
    [<000000009e2d14fb>] kernfs_create_dir_ns+0x49/0x160
    [<0000000050a53011>] cgroup_mkdir+0x318/0xf50
    [<000000005bceff97>] kernfs_iop_mkdir+0x14d/0x1e0
    [<00000000d7064356>] vfs_mkdir+0x493/0x700
    [<0000000020b5ed87>] do_mkdirat+0x150/0x2b0
    [<000000001b611463>] do_syscall_64+0x33/0x40
    [<000000008c6143d2>] entry_SYSCALL_64_after_hwframe+0x67/0xcc

BUG: leak checking failed

VM DIAGNOSIS:
00:16:39  Registers:
info registers vcpu 0
RAX=ffffffff83e6ae20 RBX=0000000000000000 RCX=ffffffff83e52c1c RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff83e6b428 RBP=fffffbfff09c6450 RSP=ffffffff84e07e38
R8 =0000000000000001 R9 =ffff88806ce3c12b R10=ffffed100d9c7825 R11=0000000000000001
R12=0000000000000000 R13=ffffffff85674108 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff83e6ae2e RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 ffffc90000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fffa0429000 CR3=000000000d880000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=000000000ddd062a
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=00000000000000004136e90000000000 XMM03=0000ff00000000000000000000000000
XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962
XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=ffffffff8500f9e8 RBX=ffffffff86bf4280 RCX=0000000000000006 RDX=0000000000000000
RSI=ffffffff8500f9b8 RDI=ffffffff8500f9f0 RBP=0000000000000000 RSP=ffff88806cf09c90
R8 =0000000000000001 R9 =ffffffff8500fa1f R10=fffffbfff0a01f43 R11=0000000000000001
R12=0000000000000000 R13=ffffffff86bf4310 R14=17d1a76834414600 R15=ffffffff86bf42a8
RIP=ffffffff83e532f2 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 ffffc90000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f2d70d8a018 CR3=000000000d4ca000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=656a626f206465636e6572656665726e
XMM02=2934343120657a697328203062356161 XMM03=3620646970202c22342e726f74756365
XMM04=2e2e2e2e2e2e2e202030302030302030 XMM05=20303020303020303020303020303020
XMM06=65747962203233207473726966282070 XMM07=31322065676128203739343731353739
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000