13dffb701195d2c7905d2b94ebb80f78f238e103f850d5c7b19c8763e7b7d4ab4076d5321dd85b6fb2f53ac940ead26c31daf1c0a151b5439beff3520275419ddcb2bb92f32f1821a9a27e49e504deab5e1f13b05d924589d5b373d09bfc5c775e50f81b70e560a38d61586b787c2099c3ab1415fed4444264357ac5247c9b61a4b1268ad68f2e673405a51d6ed75566fbe9772d9e43093efa0ff57ae24376e18984331ba20204b18aaa4685a7325c81d59ddc7f8300a034580cc6826cd3708b968bdb5409220b88f7b4079c7c9e6e7a34411c11a8684ffe8b8dade7deabd62ca1329fd105f70e4f0f86a888a6a2036d1b79c47045d3ec3bbca58b1c18d994b6987c87a7f7b8ab40593c29ae40d00f8411c307f5b7619b3a71bd9d4b671eb7adf7e3f8de2430990ddb1ef2d631ebf0200ce61f703628dded5bb2f094a8ca2e14f79a16161009142bc7161a3541c09ba978a59f1f60e56127a27d6fef7842850c106aef1463466d2a5a66e205269846a574f3158c727c2d1b48f994e06ac2d752260f2cf121b7f5f039af754c8c41708daa245c5f96fea864ef504c0cf6d04be797af437e2f858b12a7d7a7aa90ba889f6a4c613104d27726b0a80d23d42a17eb148574549df17cfd321501adc9f7c7a34e173ac2467f8a9b99f6320efb81d93ac22be292e7d5de41688064c37c67002b3fea261b803f028abf26285b5d4ad21302bbd55c9e832bba23cd7939fdd77ec24c3f4f6c41efc1fd818f611fcdad91af81b687f2316ba5e00ed705a8373d8b52745389e9c2237ffae8233307638500c47440f367914398970c81c69ad5f8d8fcf08834a317aa2d7bebf484f53c17f4bf796415a0b533bcf174ce024ba777bb7735017ed765390e1eb6e1dac9ccfb33872c4a352364ddebd01073c2e5cb4d2f193d27dfde42e6fb81d03cf177b1cddf5d3065c75f7eaf1042075d9a3101c57b99f6ab6f9110651f50c62ba84396fd21e6f05267d22665860498090385aff4c3eb8638ab6338e233e132bcda261a65696c646492114174d6bea13f1390e650f8d524395980d5f114d8515e0b5716e35899bf7305c81d84e08d34f5abdf8da9ccb7a0df3b685d4ec783c6ea4fe60d7e63054e2793588e5d68c9a1992bedae3c17d5f09dc8305a716a317dacced4540d6a2c9514349fe0d0627f8180abe9b976e21c3e38b1494b7d8f453c979ddf646aaf617988202c6bb2ea86a80592c5d54bac06827159dd02506e2ebf1209696a5f25a36b2def9317fe36e93db9c80ca5cd1b307d3bca7b5c42cb479311186baff95226a3534defd76712c2a7fa6243485d6747f2cf852844efd6b2bf774d127396c19c04d5cfc2e77d8f69c7a820dedbdda2a6ea05eeea5e4370cf0e2cf97e587756f9fab329cd2b3ed27d90a7f956679ae31390c0b4390ff9d9b61efd3c0a712238908477b779166103bcaff9089c01af82b2d610a40aaa94bba13542297009a584d13d1533c959da3c0998c89819edc511a12c88e9d9c818f902bfe3a8277f8776d9f1d320b00638c2c2b1e2703b4b5438aa16bb2fb4cee35b1195a9ebf9248b89e4d813954fdc6737a312b5c19bb6d32cfb90c8e4721c2da07c161915606366eb2dcd0a739b38b8307cf5b4ba30a6e5b1aa06f517a1b687e92f0c60b12b91b6818f8170a36bbee4d9c7c959abee5488e642bee7f6659a04d2fec72cffae6b3d0cd0ac18703a6bf1e15b80b1b2f49a2f1e069d73bd24fbf59c364b9271fdca0f64cee11f3953b84a138142c102c4bb87908421ca817cb416c0b2aa821fab2436f81379581032d8203be113b92e4dcfeccc3f4be408c7de25b1d9d8583c9f99338683153df2da7020a943ba38c7c974cd810b09d8886cab8dcb6eb672fea27f47317615beaa3b5e9ed79a41d3748e78785cab034b6406a12b011420cd39972e93ede81d2c833d49bf608017318979a2e1333ac4037be28e93eb0e9d629bcf0a19e87", 0x1000}, {&(0x7f0000002700)="172df84e7520531f6c3ac8b3cdbbb954ace1c92e9be19c4990e4e011256be4b84f87218f76abfb85a6a9283d2cfc832b9eed93e3a066f5739104903ea5fcaef145", 0x41}], 0x3) poll(&(0x7f00000001c0)=[{r0}], 0x1, 0x0) 23:25:42 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0x17, 0x0, 0x0, @u32=0x4}]}, 0x1c}}, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4) setsockopt$inet6_tcp_int(r2, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r2, r1, 0x0, 0x9bbb) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = creat(&(0x7f0000000200)='./file0\x00', 0x3c) r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000015c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_SHOW_STATS(r4, &(0x7f0000001680)={&(0x7f0000001580)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000001640)={&(0x7f0000001600)={0x1c, r5, 0x200, 0x70bd2d, 0x0, {}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000010) sendmsg$TIPC_CMD_SET_NODE_ADDR(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, r5, 0x100, 0x70bd25, 0x25dfdbfe, {{}, {}, {0x8, 0x11, 0x6}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x4000) sendmsg$TIPC_CMD_GET_NETID(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r5, 0x8, 0x70bd2b, 0x25dfdbfb, {}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0xc4}, 0x40000) 23:25:42 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 10) [ 1362.039587] FAULT_INJECTION: forcing a failure. 23:25:43 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080), 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) [ 1362.039587] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 1362.041187] CPU: 0 PID: 8449 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1362.042061] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1362.048861] Call Trace: [ 1362.049212] dump_stack+0x107/0x167 [ 1362.049704] should_fail.cold+0x5/0xa [ 1362.050216] _copy_from_user+0x2e/0x1b0 [ 1362.050756] __copy_msghdr_from_user+0x91/0x4b0 [ 1362.051362] ? __ia32_sys_shutdown+0x80/0x80 [ 1362.051963] ? perf_trace_lock+0xac/0x490 [ 1362.052529] ? __lockdep_reset_lock+0x180/0x180 [ 1362.053149] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 1362.054890] FAULT_INJECTION: forcing a failure. [ 1362.054890] name failslab, interval 1, probability 0, space 0, times 0 [ 1362.060634] ? find_held_lock+0x2c/0x110 [ 1362.060649] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 1362.060665] ? lock_chain_count+0x20/0x20 [ 1362.060682] ? __is_insn_slot_addr+0x123/0x290 [ 1362.060696] ? lock_downgrade+0x6d0/0x6d0 [ 1362.060718] io_recvmsg+0xae8/0xd70 [ 1362.065248] ? 0xffffffffa0000000 [ 1362.065688] ? io_sendmsg+0x830/0x830 [ 1362.066176] ? mark_lock+0xf5/0x2df0 [ 1362.066646] ? mark_lock+0xf5/0x2df0 [ 1362.067113] ? lock_chain_count+0x20/0x20 [ 1362.067635] ? lock_chain_count+0x20/0x20 [ 1362.068158] ? register_lock_class+0xbb/0x17b0 [ 1362.068745] ? __lockdep_reset_lock+0x180/0x180 [ 1362.069336] ? is_dynamic_key+0x1e0/0x1e0 [ 1362.069849] ? lock_acquire+0x197/0x470 [ 1362.070369] io_issue_sqe+0x3bd6/0x77b0 [ 1362.070868] ? lock_chain_count+0x20/0x20 [ 1362.071395] ? perf_trace_lock+0xac/0x490 [ 1362.071904] ? io_connect+0x610/0x610 [ 1362.072406] ? __lockdep_reset_lock+0x180/0x180 [ 1362.072987] ? lock_acquire+0x197/0x470 [ 1362.073496] ? find_held_lock+0x2c/0x110 [ 1362.074009] __io_queue_sqe+0x90/0x9d0 [ 1362.074505] ? rwlock_bug.part.0+0x90/0x90 [ 1362.075033] ? io_issue_sqe+0x77b0/0x77b0 [ 1362.075557] ? do_raw_spin_unlock+0x4f/0x220 [ 1362.076107] ? _raw_spin_unlock+0x1a/0x30 [ 1362.076645] ? io_drain_req+0x603/0xb20 [ 1362.077137] io_submit_sqes+0x44aa/0x8610 [ 1362.077665] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1362.078273] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1362.078869] ? find_held_lock+0x2c/0x110 [ 1362.079369] ? io_submit_sqes+0x8610/0x8610 [ 1362.079902] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1362.080530] ? wait_for_completion_io+0x270/0x270 [ 1362.081138] ? rcu_read_lock_any_held+0x75/0xa0 [ 1362.081725] ? vfs_write+0x354/0xb10 [ 1362.082194] ? fput_many+0x2f/0x1a0 [ 1362.082652] ? ksys_write+0x1a9/0x260 [ 1362.083131] ? __ia32_sys_read+0xb0/0xb0 [ 1362.083643] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1362.084316] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1362.084951] do_syscall_64+0x33/0x40 [ 1362.085429] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1362.086069] RIP: 0033:0x7fa048f33b19 [ 1362.086540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1362.088829] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1362.089779] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1362.090675] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1362.091566] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1362.092469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1362.093359] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 [ 1362.094284] CPU: 1 PID: 8451 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1362.095163] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1362.096188] Call Trace: [ 1362.096534] dump_stack+0x107/0x167 [ 1362.096988] should_fail.cold+0x5/0xa [ 1362.097461] ? create_object.isra.0+0x3a/0xa20 [ 1362.098036] should_failslab+0x5/0x20 [ 1362.098511] kmem_cache_alloc+0x5b/0x310 [ 1362.099015] ? mark_held_locks+0x9e/0xe0 [ 1362.099521] create_object.isra.0+0x3a/0xa20 [ 1362.100065] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1362.100757] kmem_cache_alloc_bulk+0x168/0x320 [ 1362.101370] io_submit_sqes+0x6fe6/0x8610 [ 1362.101934] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1362.102587] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1362.103230] ? find_held_lock+0x2c/0x110 [ 1362.103779] ? io_submit_sqes+0x8610/0x8610 [ 1362.108388] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1362.109032] ? wait_for_completion_io+0x270/0x270 [ 1362.109668] ? rcu_read_lock_any_held+0x75/0xa0 [ 1362.110268] ? vfs_write+0x354/0xb10 [ 1362.110766] ? fput_many+0x2f/0x1a0 [ 1362.111256] ? ksys_write+0x1a9/0x260 [ 1362.111766] ? __ia32_sys_read+0xb0/0xb0 [ 1362.112322] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1362.113013] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1362.113698] do_syscall_64+0x33/0x40 [ 1362.114197] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1362.114874] RIP: 0033:0x7f33fff70b19 [ 1362.115371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1362.117810] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1362.118816] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1362.119765] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1362.120720] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1362.121667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1362.122610] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 23:25:43 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r2 = socket$inet(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:25:43 executing program 4: fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x40001, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) dup2(r1, r0) r2 = socket$packet(0x11, 0x3, 0x300) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x30, r4, 0x121, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @broadcast}], @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}]}, 0x30}}, 0x0) sendmsg$NL80211_CMD_STOP_NAN(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000300)={&(0x7f0000000100)={0x1c, 0x0, 0x4, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r5}, @void}}, ["", "", "", "", ""]}, 0x1c}}, 0x4000080) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000080)={r7, 0x1, 0x6, @dev}, 0x10) r8 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) perf_event_open(&(0x7f0000000500)={0x6, 0x80, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x22}, 0x0, 0x0, r8, 0x0) 23:25:43 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080), 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) 23:25:43 executing program 0: ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, 0x0) r0 = syz_io_uring_setup(0x7f02, &(0x7f0000000240), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)=0x0) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) openat(0xffffffffffffff9c, 0x0, 0x30d00, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000180)=@sco}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_submit(0x0, r2, 0x0, 0x3) creat(&(0x7f0000000540)='./file0\x00', 0x0) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x0, 0x2) ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000000)=0x20000000) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f00000004c0)=ANY=[]) ioctl$FS_IOC_FSGETXATTR(r5, 0x801c581f, &(0x7f0000000540)) fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, &(0x7f0000000300), &(0x7f0000000380), 0x2, 0x3) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x80010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x541, 0x1}, 0x8001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = syz_io_uring_setup(0x6d7a, &(0x7f00000003c0)={0x0, 0x4f48, 0x8, 0x1, 0x150, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000140), &(0x7f0000000200)) ioctl$FS_IOC_FSGETXATTR(r6, 0x801c581f, &(0x7f00000002c0)={0x1, 0x4997, 0x80000001, 0x1, 0xf0000000}) io_uring_enter(r0, 0x7e66, 0x9016, 0x0, &(0x7f0000000340)={[0xec16]}, 0x8) 23:25:43 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 11) [ 1362.298659] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8474 comm=syz-executor.1 23:25:43 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) 23:25:43 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r2 = socket$inet(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:25:43 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) 23:25:43 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) [ 1362.673607] FAULT_INJECTION: forcing a failure. [ 1362.673607] name failslab, interval 1, probability 0, space 0, times 0 [ 1362.675127] CPU: 0 PID: 8490 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1362.675954] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1362.676981] Call Trace: [ 1362.677309] dump_stack+0x107/0x167 [ 1362.677755] should_fail.cold+0x5/0xa [ 1362.678223] ? io_setup_async_msg+0xda/0x2d0 [ 1362.678763] should_failslab+0x5/0x20 [ 1362.679227] __kmalloc+0x72/0x390 [ 1362.679655] io_setup_async_msg+0xda/0x2d0 [ 1362.680170] io_recvmsg+0xc26/0xd70 [ 1362.680636] ? io_sendmsg+0x830/0x830 [ 1362.681109] ? mark_lock+0xf5/0x2df0 [ 1362.681568] ? mark_lock+0xf5/0x2df0 [ 1362.682036] ? register_lock_class+0xbb/0x17b0 [ 1362.682600] ? __lockdep_reset_lock+0x180/0x180 [ 1362.683176] ? is_dynamic_key+0x1e0/0x1e0 [ 1362.683684] ? lock_acquire+0x197/0x470 [ 1362.684183] io_issue_sqe+0x3bd6/0x77b0 [ 1362.684691] ? lock_chain_count+0x20/0x20 [ 1362.685199] ? perf_trace_lock+0xac/0x490 [ 1362.685712] ? io_connect+0x610/0x610 [ 1362.686181] ? __lockdep_reset_lock+0x180/0x180 [ 1362.686755] ? lock_acquire+0x197/0x470 [ 1362.687241] ? find_held_lock+0x2c/0x110 [ 1362.687748] __io_queue_sqe+0x90/0x9d0 [ 1362.688225] ? rwlock_bug.part.0+0x90/0x90 [ 1362.688757] ? io_issue_sqe+0x77b0/0x77b0 [ 1362.689264] ? do_raw_spin_unlock+0x4f/0x220 [ 1362.689801] ? _raw_spin_unlock+0x1a/0x30 [ 1362.690307] ? io_drain_req+0x603/0xb20 [ 1362.690799] io_submit_sqes+0x44aa/0x8610 [ 1362.691330] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1362.691939] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1362.692546] ? find_held_lock+0x2c/0x110 [ 1362.693046] ? io_submit_sqes+0x8610/0x8610 [ 1362.693583] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1362.694179] ? wait_for_completion_io+0x270/0x270 [ 1362.694773] ? rcu_read_lock_any_held+0x75/0xa0 [ 1362.695343] ? vfs_write+0x354/0xb10 [ 1362.695805] ? fput_many+0x2f/0x1a0 [ 1362.696263] ? ksys_write+0x1a9/0x260 [ 1362.696737] ? __ia32_sys_read+0xb0/0xb0 [ 1362.697237] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1362.697877] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1362.698512] do_syscall_64+0x33/0x40 [ 1362.698969] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1362.699596] RIP: 0033:0x7fa048f33b19 [ 1362.700052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1362.702321] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1362.703254] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1362.704125] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1362.705022] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1362.705895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1362.706769] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 [ 1362.916290] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8495 comm=syz-executor.1 23:25:58 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) 23:25:58 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0), &(0x7f0000000080)=0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r2 = socket$inet(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:25:58 executing program 6: syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0) r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f00000006c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)=""/6, 0x6}, {&(0x7f00000002c0)=""/15, 0xf}, {&(0x7f0000000300)=""/96, 0x60}, {&(0x7f0000000380)=""/5, 0x5}, {&(0x7f00000003c0)=""/78, 0x4e}, {&(0x7f0000000440)=""/172, 0xac}], 0x6, &(0x7f0000000580)=""/213, 0xd5}, 0x0, 0x10040, 0x0, {0x3, r4}}, 0x8) dup3(r0, 0xffffffffffffffff, 0x0) r5 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pidfd_getfd(0xffffffffffffffff, r5, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105142, 0x2b) r7 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) r8 = openat(r7, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x149) sendfile(r6, r8, 0x0, 0x100000001) r9 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r6, r9, 0x0, 0x80000001) 23:25:58 executing program 1: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x410, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 23:25:58 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 5) 23:25:58 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r2 = socket$inet(0x2, 0x1, 0x10) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x105400, 0x0) setsockopt$inet_buf(r3, 0x0, 0x25, &(0x7f0000000080)="0b4e71b7586ca487b680d85ede3ef314875fb1ecf6c8358f8ae5e4c2b9a51653e243cace77439f51ab813150e75599776c3fd6e3b03eaa9ec8792592947e3eaa7a4779dc7e13aafe1bbf2ab96415a1ff60733ab3acb832b6aeeea5dda93e8ac92bd959ffbe7f4e7a339e2c0ba5d19d0a38b31434a501d76d9a52771f2feff17113fb5ba2d15eab94162045fe88600f15bd91f3e3e932e00bb5d05c5309ecb0ca6f3709f68fc20d1ab2c4abb528f4db", 0xaf) connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) dup(r2) unshare(0x48020200) unshare(0x1c000400) unshare(0x0) sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r1, &(0x7f00000002c0)={&(0x7f0000000180), 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x88, 0x0, 0x200, 0x70bd28, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x3}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x2}}]}, 0x88}, 0x1, 0x0, 0x0, 0x4}, 0x4010) unshare(0x20100) 23:25:58 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 12) 23:25:58 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000019c0)={0x28, 0x1a, 0xc21, 0x0, 0x0, {0xa}, [@typed={0x8, 0x1, 0x0, 0x0, @u32}, @typed={0xa, 0x8e, 0x0, 0x0, @str='\x01\x01!P\x1cM'}]}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4) setsockopt$inet6_tcp_int(r2, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r2, r1, 0x0, 0x9bbb) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000040)=0x6) [ 1377.892231] FAULT_INJECTION: forcing a failure. [ 1377.892231] name failslab, interval 1, probability 0, space 0, times 0 [ 1377.895491] CPU: 1 PID: 8510 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1377.897369] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1377.899364] Call Trace: [ 1377.899987] dump_stack+0x107/0x167 [ 1377.900875] should_fail.cold+0x5/0xa [ 1377.901957] ? create_object.isra.0+0x3a/0xa20 [ 1377.903065] ? create_object.isra.0+0x3a/0xa20 [ 1377.904183] should_failslab+0x5/0x20 [ 1377.905165] kmem_cache_alloc+0x5b/0x310 [ 1377.906129] create_object.isra.0+0x3a/0xa20 [ 1377.907167] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1377.908371] __kmalloc+0x16e/0x390 [ 1377.909061] io_setup_async_msg+0xda/0x2d0 [ 1377.909592] io_recvmsg+0xc26/0xd70 [ 1377.910052] ? io_sendmsg+0x830/0x830 [ 1377.910539] ? mark_lock+0xf5/0x2df0 [ 1377.911008] ? mark_lock+0xf5/0x2df0 [ 1377.911484] ? register_lock_class+0xbb/0x17b0 [ 1377.912064] ? __lockdep_reset_lock+0x180/0x180 [ 1377.912649] ? is_dynamic_key+0x1e0/0x1e0 [ 1377.913545] ? lock_acquire+0x197/0x470 [ 1377.914500] io_issue_sqe+0x3bd6/0x77b0 [ 1377.915460] ? lock_chain_count+0x20/0x20 [ 1377.916444] ? perf_trace_lock+0xac/0x490 [ 1377.917591] ? io_connect+0x610/0x610 [ 1377.918687] ? __lockdep_reset_lock+0x180/0x180 [ 1377.920036] ? lock_acquire+0x197/0x470 [ 1377.921195] ? find_held_lock+0x2c/0x110 [ 1377.922371] __io_queue_sqe+0x90/0x9d0 [ 1377.923490] ? rwlock_bug.part.0+0x90/0x90 [ 1377.924710] ? io_issue_sqe+0x77b0/0x77b0 [ 1377.925918] ? do_raw_spin_unlock+0x4f/0x220 [ 1377.927189] ? _raw_spin_unlock+0x1a/0x30 [ 1377.928380] ? io_drain_req+0x603/0xb20 [ 1377.929599] io_submit_sqes+0x44aa/0x8610 [ 1377.930813] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1377.932249] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1377.933651] ? find_held_lock+0x2c/0x110 [ 1377.934824] ? io_submit_sqes+0x8610/0x8610 [ 1377.936073] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1377.937481] ? wait_for_completion_io+0x270/0x270 [ 1377.938872] ? rcu_read_lock_any_held+0x75/0xa0 [ 1377.940211] ? vfs_write+0x354/0xb10 [ 1377.941293] ? fput_many+0x2f/0x1a0 [ 1377.942341] ? ksys_write+0x1a9/0x260 [ 1377.943438] ? __ia32_sys_read+0xb0/0xb0 [ 1377.944609] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1377.946140] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1377.947628] do_syscall_64+0x33/0x40 [ 1377.948698] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1377.950191] RIP: 0033:0x7fa048f33b19 [ 1377.951283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1377.956649] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1377.958864] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1377.960937] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1377.963005] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1377.965083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1377.967154] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 23:25:58 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0), &(0x7f0000000080)=0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r2 = socket$inet(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1378.028912] FAULT_INJECTION: forcing a failure. [ 1378.028912] name failslab, interval 1, probability 0, space 0, times 0 [ 1378.031152] CPU: 0 PID: 8512 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1378.032181] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1378.033429] Call Trace: [ 1378.033834] dump_stack+0x107/0x167 [ 1378.034382] should_fail.cold+0x5/0xa [ 1378.034966] ? create_object.isra.0+0x3a/0xa20 [ 1378.035661] should_failslab+0x5/0x20 [ 1378.036229] kmem_cache_alloc+0x5b/0x310 [ 1378.036850] ? mark_held_locks+0x9e/0xe0 [ 1378.037460] create_object.isra.0+0x3a/0xa20 [ 1378.038118] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1378.038870] kmem_cache_alloc_bulk+0x168/0x320 [ 1378.039540] perf: interrupt took too long (35644 > 31743), lowering kernel.perf_event_max_sample_rate to 5000 [ 1378.040989] io_submit_sqes+0x6fe6/0x8610 [ 1378.041033] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1378.042712] perf: interrupt took too long (35644 > 31743), lowering kernel.perf_event_max_sample_rate to 5000 [ 1378.042966] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1378.042987] ? find_held_lock+0x2c/0x110 [ 1378.047187] ? io_submit_sqes+0x8610/0x8610 [ 1378.047842] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1378.048541] ? wait_for_completion_io+0x270/0x270 [ 1378.049263] ? rcu_read_lock_any_held+0x75/0xa0 [ 1378.049955] ? vfs_write+0x354/0xb10 [ 1378.050467] ? fput_many+0x2f/0x1a0 [ 1378.050936] ? ksys_write+0x1a9/0x260 [ 1378.051426] ? __ia32_sys_read+0xb0/0xb0 [ 1378.051952] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1378.052618] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1378.053293] do_syscall_64+0x33/0x40 [ 1378.053783] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1378.054456] RIP: 0033:0x7f33fff70b19 [ 1378.054949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1378.059113] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1378.061450] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1378.063643] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1378.065900] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1378.068118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1378.070358] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 23:25:59 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 13) 23:25:59 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) 23:25:59 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0), &(0x7f0000000080)=0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r2 = socket$inet(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1378.246157] FAULT_INJECTION: forcing a failure. [ 1378.246157] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1378.250035] CPU: 0 PID: 8526 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1378.252161] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1378.254797] Call Trace: [ 1378.255629] dump_stack+0x107/0x167 [ 1378.256775] should_fail.cold+0x5/0xa [ 1378.257989] _copy_from_user+0x2e/0x1b0 [ 1378.259260] __copy_msghdr_from_user+0x91/0x4b0 [ 1378.260720] ? __ia32_sys_shutdown+0x80/0x80 [ 1378.262105] ? unwind_next_frame+0x13ef/0x1a90 [ 1378.263709] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1378.265572] ? 0xffffffffa0000000 [ 1378.266797] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 1378.268356] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 1378.270206] ? create_prof_cpu_mask+0x20/0x20 [ 1378.271770] ? arch_stack_walk+0x99/0xf0 [ 1378.273199] io_recvmsg+0xae8/0xd70 [ 1378.274466] ? kfree+0xd7/0x340 [ 1378.275609] ? lock_chain_count+0x20/0x20 [ 1378.277062] ? io_sendmsg+0x830/0x830 [ 1378.278386] ? kfree+0xd7/0x340 [ 1378.279525] ? mark_lock+0xf5/0x2df0 [ 1378.280815] ? slab_free_freelist_hook+0xa9/0x180 [ 1378.282503] ? mark_lock+0xf5/0x2df0 [ 1378.283816] ? lock_chain_count+0x20/0x20 [ 1378.285287] ? lock_chain_count+0x20/0x20 [ 1378.286731] ? __lock_acquire+0xbb1/0x5b00 [ 1378.288211] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1378.290048] io_issue_sqe+0x3bd6/0x77b0 [ 1378.291435] ? perf_trace_lock+0xac/0x490 [ 1378.292895] ? io_connect+0x610/0x610 [ 1378.294224] ? __lockdep_reset_lock+0x180/0x180 [ 1378.295835] ? lock_acquire+0x197/0x470 [ 1378.297229] ? find_held_lock+0x2c/0x110 [ 1378.298650] __io_queue_sqe+0x90/0x9d0 [ 1378.300004] ? rwlock_bug.part.0+0x90/0x90 [ 1378.301477] ? io_issue_sqe+0x77b0/0x77b0 [ 1378.302911] ? do_raw_spin_unlock+0x4f/0x220 [ 1378.304431] ? _raw_spin_unlock+0x1a/0x30 [ 1378.305890] ? io_drain_req+0x603/0xb20 [ 1378.307271] io_submit_sqes+0x44aa/0x8610 [ 1378.308745] ? __do_sys_io_uring_enter+0x6b2/0x1890 23:25:59 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)) syz_io_uring_submit(r1, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r2 = socket$inet(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1378.310488] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1378.312400] ? find_held_lock+0x2c/0x110 [ 1378.313820] ? io_submit_sqes+0x8610/0x8610 [ 1378.315308] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1378.316982] ? wait_for_completion_io+0x270/0x270 [ 1378.318502] ? rcu_read_lock_any_held+0x75/0xa0 23:25:59 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 6) [ 1378.319964] ? vfs_write+0x354/0xb10 [ 1378.321360] ? fput_many+0x2f/0x1a0 [ 1378.322607] ? ksys_write+0x1a9/0x260 [ 1378.323929] ? __ia32_sys_read+0xb0/0xb0 [ 1378.325348] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1378.327148] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1378.328907] do_syscall_64+0x33/0x40 [ 1378.330165] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1378.331914] RIP: 0033:0x7fa048f33b19 [ 1378.333177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1378.339470] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1378.342120] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1378.344583] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1378.347050] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1378.349374] FAULT_INJECTION: forcing a failure. [ 1378.349374] name failslab, interval 1, probability 0, space 0, times 0 [ 1378.349520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1378.349529] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 [ 1378.354702] CPU: 1 PID: 8537 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1378.355767] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1378.358539] Call Trace: [ 1378.359153] dump_stack+0x107/0x167 [ 1378.359682] should_fail.cold+0x5/0xa [ 1378.369504] ? create_object.isra.0+0x3a/0xa20 [ 1378.370208] should_failslab+0x5/0x20 [ 1378.370688] kmem_cache_alloc+0x5b/0x310 [ 1378.371205] ? mark_held_locks+0x9e/0xe0 [ 1378.371715] create_object.isra.0+0x3a/0xa20 [ 1378.372264] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1378.372916] kmem_cache_alloc_bulk+0x168/0x320 [ 1378.373500] io_submit_sqes+0x6fe6/0x8610 [ 1378.374049] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1378.374673] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1378.375285] ? find_held_lock+0x2c/0x110 [ 1378.375795] ? io_submit_sqes+0x8610/0x8610 [ 1378.376349] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1378.376996] ? wait_for_completion_io+0x270/0x270 [ 1378.377621] ? rcu_read_lock_any_held+0x75/0xa0 [ 1378.378208] ? vfs_write+0x354/0xb10 [ 1378.378678] ? fput_many+0x2f/0x1a0 [ 1378.379139] ? ksys_write+0x1a9/0x260 [ 1378.379621] ? __ia32_sys_read+0xb0/0xb0 [ 1378.380135] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1378.380795] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1378.381515] do_syscall_64+0x33/0x40 [ 1378.381989] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1378.382644] RIP: 0033:0x7f33fff70b19 [ 1378.383116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1378.385546] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1378.386510] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1378.387400] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1378.388294] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1378.389206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1378.390104] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 23:25:59 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)) syz_io_uring_submit(r1, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r2 = socket$inet(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:25:59 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) 23:25:59 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 14) 23:25:59 executing program 4: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_create(0x6, &(0x7f0000000180)={0x0, 0x3b, 0x2, @thr={&(0x7f00000004c0)="d4b3f6223ed086ac1fb6a8a2b46b6bd737103e330d030434c3fccaf2965bb346d4ede9b796afe6d3b82a0148d02138d3820f157c2bfa22a7526f19ce501ec4740e28bccb914bdc518dd659de84b83c8573d84637743c7d6f4c73509d146dd6f41fe197f006758b9c29535f3a9f0d635afb3ebf4edd30a475ec5e4b4ed057c3a9b47a92e4bf255501faea8f32f626639045d84f4d09400325ba18ec8b7c8fa921d9b99d481f3baf3b0754f492b2f3171a29e51fda7de0f9fe98bc8e6acb86b717471a550cb255e83617bb3aeb2aab0f96ea813f84dcf2252e4cc74fa2bb3dc21f7bf563d579cd33e01915ebacb9986efce3c0b5ef7feae300ad8ee67f2ac509b6158ce5bcbe211fbe045fb34fa8dab4643bcca42ef7cecd1092f73125b097f136e25e33bd4a042dce0c0e8db835b3533f3fdaf9b13228d88600f4aa4f721e3399dc64c38a44086e94d1d1d23ff80e9a6a896c53b72f69c6654ad9bbec84a7f1609755d861ba196407545ba406c10a6945cbf1297465df7132024d75174cb8996c9a0fdb0ff850672d864b670f4c7108a556918eb43986521e75807282327e807737fbb3edc4b90a38a8fe574b14f1aa423c545ca7f8482e55c051201042d8dd6898a4a716da4f95b3a98d447831858dc3bece92c5068df702655b703221cd26ff7587abda167d2cf59229882919d02aaf5d4dd3dc61a1e090fdc270c36f3900146f082ec497adf530567d7006f9de8af5f8a9ec866f685ed8ef7be0afcf9db2ec153b9a8211dd3f858456c54acd572fff72f3f3a19094dc2f466d2f4973759c9ef0a2b40eca339b9a98e4bb4ad4eaa95f775e2ea1d6c95f85816a4fe4e57c196e1d7f8e9287b516e51bf37b6f58ef7e2971d588e564be4d27031f4e3a6175513e33b5a8bf234cb2295c03954638858c1b7bb08c07091bf7b99c9f19b72d10e616ce125c1fff15d8e0f5cf5ff73a6f03f3507e332729412956abf99b6cb8eae6ca24d444631d84e557a9208cbf1da532d8a757f285477ec48211f5db14d0f42f413e51b352ea5c8ff1edf58e6759845d6cd7c4d5b41a1aa3e70d7eb405b9c2f10369fa96f21710dce8e4f15522b787542afa8fe2aca491ac8eece4e83b8db0f6d1104db69fdc589e759429660b5adf349d6d54c07774360b8b4cd3f980878f77abf4d5c86c6fc475f6453219e9e1e2717f5fa69134f8ad3449297e63e610dda1beeb5d1aecc2f58764e434b9f7be99e0553ac2ae856155c6a8dc4d182b0749256087a493d2e9918d5a3690d783eeb5b490182c66dae8fcd3b21d075308646c1e68803f3ad10f78afc98b6edf12c6c77b6f8321ca8c89c57a22b9b0bbe39e2cd09a4828dfed418e487db24fff5d762230b1bb4d48aa428eb6e7a41f37d877b612cce88366ebd5aeac4acd79042786d89a86d3cc05edd83d7a04726077c1e5d9fc95688ab2996e24524be565c9c8f663052e58c6a28f3a45659c39040197fb94f0eccfa2a5bcfb3a45551b305c19c11a73b4a0a313bd2dd35a04d1055b88d881dfaa25192fd6f5a12c9db5d5fc1251b13fd4f8c7b22a0e505472b9b5f68923e1f7e0888d6a29e1eede8ac699855cc59ad39968d8e48a5521ce77dfc5e489957186f690d544c063a0da4affa297e583364898537b462467c6c1d3c866d94bf88a53a532cd3b310e84976b97d95127f20dcb96c6aee0109a6ffd3134da53c48ee03599ef11b452419fab9615352013d31c55416fd10d43ac8fb54c9c008a60d2c7606366630d6cf7f5b712eb3a656f5e03d28d7c758a7007cd6749eae63131386cef699930eb0502b01e70d3d157b230e9cd4c139bb2dcda977bfd4481d182b3dc2e29029d29bf131f9d0fbdc5c31e3d2d6c9743c227ec3bc0bc574af6452d0ef05cb20654f5fe19bcc547fa5f6cb40c36eeb66ffacd4af198883a1c69dab5d543b5a8cf8ebaca3aea3839630ed8ad10770cf16f6a3a0eba8e7dca6eafd5120cbb6ce3e61e78c0e2f49762a046d03f69ca0ef34a504cb9f76e2c271df8231e75fae13d6e1ce7b5e9dcbd0606e24fbb2d6a0ab24bc40134de42cdc1eafabf610593ccb7f3e19ba20621d3e266eed2115d6f356f5b9e9715a7084888e42e61275df97ddce603a4f7d539e9ecdd7484781587587990cd3ef569caa8d5193e42cadc7c6c52ccb6469ae9b797f2b8c9f8f7f9b3db728b63bc75cb7dd3d7208eb5f5df01831574f288f36a23152e4d44de48a5e48de9774b486c4dc907422ef49e3bd550fa551aaaaefc9ae80b89d04f1ecb06a976307e0c41ce3b93c137a87120528e08cb564121933b6f43e46e9fe632d119da720d6e711df410a087713d65a6d3410064db9315273648ffe398fbcbc8962d80700d86fadba5943df86867fccea9c14874340d7927415a240be1fc1a0a74d0b4cfda052046f6063e4f77bcfc6b729c244b9240b6eee322bccc945b6f5784fcd82c3490d86cf0c4d498b3a74a786782e365c545a05efab58253472a7b14e45ea691d1582c270cbe970db252b6bf7c03692d8b47cbfe4c7901363fae6b6535d8a8123201adc7e00ae6e8cbcd0b8d86d72e4ccb843fb5fe157613e80d41a288123442f3e782363482206fb22ed7a5b1100547f44d85b83f6105dbf27c9464fc3fa7de77cba41ab5ca0231f57002805637f51210606a11437f59049409ff24513b5b55dff1f3fe6ed3ea4128ef7169e5ad470474ab98313014adaf44370184e401ae97a89eba0163f604572e8f41f9d6878a3376617cf8f4625985f2c8d4b1dadfafffe32edac418dae25e274bd7d0dfb8855d9e68bfea81e13e77b38595a97ceaa915bbfd7bc4a9719f873b433082634068bc135308994fe45b3639f97889e13291d7af1691595668e2aa713f4d9a89df40e3ffee3fe210e87b9e1394a171ede70d1c795048ffdd8f47c220396ecc6ac8a45f06149c4fcd02dec94eba9f1cebf50c9ea8691b545c065dfef8166e6900828f1129f68b7a0b6e6c0d4c26b250bb39697ed8c28b7a220a09daf530bf5e4079abf9ab2e113f036c61f5e9bf69fa790a13679d731cdfddc152312423bef50352bf71c9d27ae66891e8188e6dceba0eca3b307cc0f3047ffa1bf0dd39d53c5934fb03b2524cb79c4b018e277dad0cff7ffebab282a24b348823912d64e92740e3ab054005c216335cbe51fd0e7da8e9b92a93cc1086b4fa2168afb4182c68ea7c4e85a9d025b10da9553883070bc7afe4b175420d2eae2d8cddc49e36c8214b2aa6c5e4293ed3b47a74c4a78b4ac26a3eae1ae9203536e84e38f25a10ff140e1132a05d2f3e2c229a5bdb1d9090f3c943f5d9f0df808d13a19b91719832079fcf5bd2e349c8160adf5aa529732b53c8a6136169561e9838a37c1e5f03e52f532466f5c5a4c0d8f4234049896096f436e88bdefb58f5f249ea552dc2f44df0d2a857deecdc281bf553d43b3e66c647073895b3594b08af6989019a4766127fcb1311307d0178336584d60d6c719dd27b001272cf566c02819e7df6fe2afe0444f4920e1a1c94e6ca8e8cb89a2d893a639b388af7340330e91d9ee7406f77635631be9e3e6441b6c8a8d0ade7b59d106a9914f62364d288a7110083c7c400e24f3a1727d6bf0623118612d08c73e8a301fa298af4bfed56ad97d89c0f7e5c2a7af09c4d82a90ab61727c5eb78efb97bfeb827ed9dd8f4e79ec222971e4e12f43431ff092cf878cf726fd8d58be922133930a70ae975a31e7fec89cbe5770eb532088a1350a9382e81b4418fb20175d2166041e0450ea39e673be66182f82d01bcdb4892f298a7c2f527b3a3e7621139e6df47ff48073085215352cc52adcfc6c99749beaae5c5141dd5964ec0fab6cdb93492eaf2097c9a3e6f5fcb3e2bd0de4b27fabda0e0966f6fe39366b66824780f585c2f8137fc71a71dbfb1db58228d8d220d025c711b6cc2d2362d540e2a852d91623a5f3268c1b1e398aee7bcf2f644659dc648701b6ed4a8a0270175d1ff624df4c9aa790a3aab34174035759a2886ac006a8fb6d620b36ce8d6aa8d2746e4a483685d095d05d87fd67a04a458a4f84d3dd1bdc2890190f4faa59e2a15c2d9e5a742175ba7a55c5033760c530b6d3de0f58c3427485799f3b03057303979f3e022743385df217db9a79b9fb21584e448019e10833bc638c31704f113ecf645b2b538717225bb6490b9243c1969b00841b12a48101e3b657bf87b407d00976dddf9b214c87dfeb799f3f651a62909f12029588eb2e270be7eb8e82cd52007c7d605f51596d3e05ac410565b0358f7206637480caa52f1c57c58fe17a19f29c522d6664d642184f5c36d7d93668ef5983fc1e03bd865cd4587f10520858e6df757d86c1db5739d0d519f9e52ff7a15f4f45c0fe63f60d5c838ecb26dbeb0fdc4bf36f89e93e7bf3e5253284621f07d77a243c2cc9fc026aea82dbd30a1b5c23d0c4461358f4b30139077c26a9f0d64fcf10d7d021d7fb82c6e20c0e9f4f60d68676ae94b227ef6ee718fc0aeb35ab469902ea51d3e3cf64843a41f8b592d143c0c369e76046bda885b5b35520408202844bbe231ea42982b3c66440e5f2da3e0b04b9ba0eb2f9d27ee47def34f3232a0f7f0495b4df7feb2f929a6f7c679406a32006e6732514aaca4e03be15ad7dde31069f78ebd59c8080e67f7b86c3c3ed667657f503d3074441849ababe76869c10fe0804c13793e598c112d774933472a2b29b3eab873a33da4532f31f063d995f214794db425e280a1b855067777896d5024de46e3b108f388e9c80a904c3d20d2c19269b9ffa992757fa73770a61e0edadca3f43460710a4657147a2298fa28dad38dd151fd20d8b3b879383b9e70b2f1bbb8f70c582bed44ae5636841d7db968d1faa021423263d648394dd6f93e59ecf88cae7b4414761fbea9c4e4fd266279ddf361ff05fcce8201f96068c6e206cf87d23ed9909ee95fb372971acd6b83d63c80c2e943c990d81e9e0e2cc82613c36b24cf3b6f75b75995c9580d4b5d886bd110f2a2f88a0ec4a9d14fcd511c8f9848da6ab478bd59c132a411221d457f8892ae906e7895f03d938a28ab7fd546bac2f549c91231d84d8263d4a15325675383b866cc293122f58d7f0551f72bb09ae8291020947fa690f713595f6e98f0a599308899d576844c87016aaaba125ff7380ff78b3df46dfff2130ec6653f5dd0ba187b5a02a6f8fb4c779a09908f510047f14245ee0b7178510b79b25193650e00a2f758e22163daf61c15e682e13cf0616f8d87e18184b6ff8f5a3e5371e09cafc42b6ea1f2bda3ddee4a7aa63b32a7da1283ad30188c46456b986dcdc3d3134d89efbd92bc0d0a1f9d678e2735d2eec088a241df313b2098cd5168e031b6416889630c31b7b85c79202286228769be0a47155e7c81e569f9fbd657ed7a614a7b7ac5ac4ca4f9bf0641033ec6fdf6cb23329ac00c9f84371c86d95bde20cc37031e4340c7c42a02f3792a4de1bd5868c2eaeab816d5d602306edadc2eda3b199176e669e99c8d0e88b080969d44ff5624ea6db90d1a8ecef732e9d2137b214077852371c997817e2d6a5c410e8f6a8784a4d0eefd404a4b2b7d67fde32582657a94a567276fac2acd5882f13cbfe489ed4785a960d5a94da301ac6123a2b3fe83ca298c3174f6035e37ff005c624bbd40a3f98ce0ab3915b85811e374cf160634ac6381cd09cc45bf7da737dd7fb48fcc459648e87f01bc605521840be19ea3e961aae57342088359e6a34aa6391eafcd1704a721a7d777053e0420ac840046b26c47", &(0x7f0000000100)="03e6625a639d3af349e81db953554a3603ad329d5cd0a94ad4324be61bdd899c78a2d52ab3a282f2e3385cd259b2b57f1ebfcc4b8775ab6a292979b58de34225997fd47f3b2cf8be7384"}}, &(0x7f0000000240)) timer_delete(0x0) timer_create(0x3, &(0x7f00000003c0)={0x0, 0x1000002e, 0x2, @thr={&(0x7f0000000380)="046d91aabe8b59babf80879a918c2766328ef52030c386efa3c0656393ae2ee7a4b47e9bdde8e8b7c1a281b4dedccef9736d11a8c1303a6714e9969009d05b", &(0x7f00000004c0)="7ae662e921d48f4f924675059336348f18fd2b1bfb69dbe80402f0dd936eb90d84d6c60c1942ceb8a9813193e6941b55cfffa85565946e85b2904d2f4b55bbfa173209483d68863c55ac8834944119f1c1fe23b58d6dae0562abdf5b482d3f97a3c6ed0825b36a39424721099792a397536b185819b1d66895469d69bef92d75d35087540aea5bfa5b6688b47aa974ecc3922ab460f3de490000000000"}}, &(0x7f0000000340)=0x0) timer_settime(r0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) timer_settime(r0, 0x1, &(0x7f0000000040)={{r1, r2+60000000}, {r3, r4+10000000}}, &(0x7f0000000300)) timer_settime(r0, 0x1, &(0x7f00000002c0)={{0x0, 0x3938700}, {0x77359400}}, &(0x7f0000000300)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x73, 0x0, 0x0, 0x5e, 0x4802, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) timer_settime(r5, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="2cd3ee69c73312140000001600010d00"/27], 0x14}}, 0x0) read(r6, &(0x7f0000000080)=""/65, 0x41) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1378.580901] FAULT_INJECTION: forcing a failure. [ 1378.580901] name failslab, interval 1, probability 0, space 0, times 0 [ 1378.582403] CPU: 1 PID: 8545 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1378.583260] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1378.584289] Call Trace: [ 1378.584625] dump_stack+0x107/0x167 [ 1378.585189] should_fail.cold+0x5/0xa [ 1378.585669] ? io_setup_async_msg+0xda/0x2d0 [ 1378.586278] should_failslab+0x5/0x20 [ 1378.586753] __kmalloc+0x72/0x390 [ 1378.587189] io_setup_async_msg+0xda/0x2d0 [ 1378.587713] io_recvmsg+0xc26/0xd70 [ 1378.588169] ? io_sendmsg+0x830/0x830 [ 1378.588642] ? kfree+0xd7/0x340 [ 1378.589164] ? mark_lock+0xf5/0x2df0 [ 1378.589631] ? slab_free_freelist_hook+0xa9/0x180 [ 1378.590306] ? mark_lock+0xf5/0x2df0 [ 1378.590910] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1378.591600] io_issue_sqe+0x3bd6/0x77b0 [ 1378.592108] ? perf_trace_lock+0xac/0x490 [ 1378.592626] ? io_connect+0x610/0x610 [ 1378.593164] ? __lockdep_reset_lock+0x180/0x180 [ 1378.593755] ? lock_acquire+0x197/0x470 [ 1378.594264] ? find_held_lock+0x2c/0x110 [ 1378.594789] __io_queue_sqe+0x90/0x9d0 [ 1378.595280] ? rwlock_bug.part.0+0x90/0x90 [ 1378.595809] ? io_issue_sqe+0x77b0/0x77b0 [ 1378.596330] ? do_raw_spin_unlock+0x4f/0x220 [ 1378.596914] ? _raw_spin_unlock+0x1a/0x30 [ 1378.597442] ? io_drain_req+0x603/0xb20 [ 1378.598014] io_submit_sqes+0x44aa/0x8610 [ 1378.598557] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1378.599180] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1378.599786] ? find_held_lock+0x2c/0x110 [ 1378.600300] ? io_submit_sqes+0x8610/0x8610 [ 1378.600858] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1378.601535] ? wait_for_completion_io+0x270/0x270 [ 1378.602191] ? rcu_read_lock_any_held+0x75/0xa0 [ 1378.602774] ? vfs_write+0x354/0xb10 [ 1378.603241] ? fput_many+0x2f/0x1a0 [ 1378.603697] ? ksys_write+0x1a9/0x260 [ 1378.604175] ? __ia32_sys_read+0xb0/0xb0 [ 1378.604689] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1378.605366] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1378.606015] do_syscall_64+0x33/0x40 [ 1378.606482] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1378.607130] RIP: 0033:0x7fa048f33b19 [ 1378.607598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1378.610030] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1378.610986] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1378.611880] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1378.612774] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1378.613778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1378.614670] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 23:26:16 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 7) 23:26:16 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) 23:26:16 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x0, 0x2000}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0xfffffffd, 0x0, 0x0, 0x383, 0x0, r1}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'veth0_virt_wifi\x00', &(0x7f0000000540)=@ethtool_per_queue_op={0x4b, 0x4469f7ad515fd4, [0x1, 0x81, 0x11, 0x80, 0x9, 0x100, 0x62e, 0x4, 0x8, 0x200, 0x5, 0x4, 0x4, 0x8, 0x7ff, 0x9, 0x1, 0x9, 0x2, 0x3f, 0x20, 0xa772, 0x4, 0x2, 0x6, 0x3ab3, 0x9c, 0x9, 0xe55, 0x1, 0x4, 0x5c7554cf, 0x8001, 0xff, 0x1, 0x2, 0x400, 0x3, 0x9, 0x3, 0x0, 0x0, 0x1, 0xa, 0x2, 0x8, 0x7, 0x2, 0xa3, 0x400, 0x3, 0x40, 0x7, 0x5, 0x1, 0xffff, 0x9, 0x7, 0x6, 0x6, 0x6, 0x1, 0x8001, 0x9, 0x80000000, 0x2, 0x3, 0x5, 0x4, 0x1d8, 0x1f, 0x9, 0x80000000, 0x0, 0xffff, 0x3f, 0x2, 0x80, 0x5, 0x7ff, 0x65, 0x80000, 0xabe8, 0x7b, 0x10000, 0x8, 0xa3, 0xf9bb, 0x3, 0x0, 0x2, 0x1, 0x40, 0x2, 0x7fffffff, 0x2, 0x1, 0x5, 0x4e, 0xa2, 0xb12, 0x5ed, 0x8000, 0xffff, 0x6f86fb49, 0x800, 0x8, 0x841, 0xffab, 0x722c, 0x1ff, 0x8000, 0x20, 0x101, 0x0, 0xff, 0x10001, 0x3ff, 0x4, 0x8, 0x7fffffff, 0x9, 0x8, 0x6, 0xc88, 0x5, 0x6, 0x45c], "81f46a070938db842b3f3151cf4fa88ace0565d101495f35a71d468d490f66a072fdc1806924714d0142237b0e87f6d6642e63894c6f6df432f09045d50d09161534b97c0e70eab2d1d30facf2442a0f989829d96a60850f1cbe3b2973761c229d467855c964fdcb7c87a6a9440a2cfacc9ecf61b2ae15b8d154afe164dfcf109c"}}) 23:26:16 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)) syz_io_uring_submit(r1, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r2 = socket$inet(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:26:16 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000800)) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) rmdir(&(0x7f00000000c0)='./file0\x00') openat(r0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) setxattr$security_selinux(&(0x7f0000000100)='./file0\x00', &(0x7f00000004c0), &(0x7f0000000880)='system_u:object_r:qemu_device_t:s0\x00', 0x23, 0x0) stat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9bbb) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000002c0), 0x541000) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000200)=ANY=[@ANYBLOB="0100e8003a99f1b126228f7ea44e6a93c2821c0100d289a2930040", @ANYRES32=r3, @ANYBLOB="02000000000000002e2f66696c653000"]) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4) connect$inet(r2, &(0x7f0000000140)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x34}}, 0x10) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0}, &(0x7f00000000c0)=0xc) setresuid(0xffffffffffffffff, r1, r4) getresuid(&(0x7f0000000640), &(0x7f0000000680), &(0x7f00000006c0)=0x0) syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x1, 0x6, &(0x7f0000000580)=[{&(0x7f0000000380)="ed4ad93b5aaae49af38fde6afc333e0144dc4aa320abbdc1faf26403676ad525efd7de810a84ffd606bcbe08991ea03f21092bf38757bd4c53288f4cdfbc81fb0b57a9aaab5c8469630ca61998866f59a199211dccbf8069b226c2e805bec90f0475eb58ec50ceed0a411b57df1c7aa9f9aeba99fc951ec0e9b8954edc889284bb13bfc8859192c3609b90cb", 0x8c, 0x2}, {&(0x7f0000000780)="050a568f8e32866e4e0731eb912f92145997386002727d6af90bb337f4a8d7852d3ac8f32e5a98326947117ece7f46e47caaf80bc386e694708a5b2faee8fd9caf8523da024ad1559b5a273834cd93cd25a2cf512b6e709888e8cde7aab0e77ad80c23a30f445cfd18e3ca243e1e48c16b", 0x71, 0x44}, {&(0x7f0000000440)="a27c2253a6c27cd4", 0x8, 0x8}, {&(0x7f0000000480)="5fa3da4a1b13cfcea058a79d187d15b0360682769cb4e91f25eb1d41bcd3ee538802879268392ec106974f8905c3f32c3880739845eea8", 0x37, 0xfffffffffffffffc}, {&(0x7f0000000500)="bc5e75fd3963", 0x6, 0x6}, {&(0x7f0000000540)="80bedf7c5517b281edd9548d", 0xc, 0x1}], 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB='mask=^MAY_WRITE,fowner=', @ANYRESDEC=r1, @ANYBLOB="2c726e6f810900646d5f752c7569643c0000", @ANYRESDEC=r5, @ANYBLOB=',\x00']) 23:26:16 executing program 6: syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000200)=ANY=[@ANYBLOB="7f0000000100000018000000", @ANYRES32=0xffffffffffffffff]) r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f00000006c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r0, 0x0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)=""/6, 0x6}, {&(0x7f00000002c0)=""/15, 0xf}, {&(0x7f0000000300)=""/96, 0x60}, {&(0x7f0000000380)=""/5, 0x5}, {&(0x7f00000003c0)=""/78, 0x4e}, {&(0x7f0000000440)=""/172, 0xac}], 0x6, &(0x7f0000000580)=""/213, 0xd5}, 0x0, 0x10040, 0x0, {0x3, r5}}, 0x8) dup3(r1, 0xffffffffffffffff, 0x0) r6 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pidfd_getfd(0xffffffffffffffff, r6, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105142, 0x2b) r8 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) r9 = openat(r8, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x149) sendfile(r7, r9, 0x0, 0x100000001) r10 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r7, r10, 0x0, 0x80000001) 23:26:16 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 15) 23:26:16 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ftruncate(r0, 0x1000003) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0x0, 0x0, r0, &(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x400, 0x1000, 0x1}, 0x7) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000056b00)={{0x0, 0x8, 0x7, 0x0, 0x3, 0x5, 0x6, 0xffff, 0x3, 0x1, 0x0, 0x2, 0x3f, 0x1000, 0x5}}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000007d440)={0x9, [{}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0}, {}, {}, {0x0}, {0x0}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {}, {0x0}, {0x0}, {0x0}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {0x0}, {0x0}, {}, {}, {0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {}, {0x0}, {0x0}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {}, {}, {0x0}, {0x0, 0x0}, {0x0}, {}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {}, {0x0}, {}, {}, {0x0, 0x0}, {}, {}, {0x0}, {0x0, 0x0}, {0x0}, {}, {0x0}, {0x0}, {}, {0x0}, {}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {}, {0x0}, {}, {0x0, 0x0}, {0x0}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {}, {0x0}, {0x0}, {}, {}, {0x0, 0x0}, {}, {0x0}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {0x0}, {}, {0x0}, {0x0}, {}, {0x0, 0x0}, {0x0}, {}, {0x0}, {0x0, 0x0}, {}, {}, {}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0}, {0x0}, {0x0, 0x0}, {}, {r6, 0x0}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}], 0x0, "46dacd8396fe92"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000057b00)={0x0, [{}, {0x0}, {0x0}, {}, {}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {0x0}, {}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0}, {0x0}, {0x0, 0x0}, {0x0, r5}, {0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {0x0}, {}, {0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0}, {}, {0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {}, {0x0}, {0x0}, {}, {0x0, 0x0}, {}, {0x0}, {r4, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {r6}, {0x0}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {0x0}, {0x0, 0x0}, {0x0}, {0x0}, {0x0, 0x0}, {0x0}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {}, {0x0}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {0x0}, {0x0, 0x0}, {}, {0x0}, {0x0, 0x0}, {}, {0x0}, {0x0, 0x0}, {0x0}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {r2, 0x0}, {}, {}, {0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0}, {}, {}, {}, {}, {}, {}, {0x0}, {0x0}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {0x0}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {}, {}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {r3}, {0x0}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0}, {0x0, 0x0}, {0x0}, {}, {}, {0x0}, {0x0, 0x0}, {}, {}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0}, {}, {0x0, 0x0}, {}, {}, {}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0}, {0x0}, {}, {0x0}, {0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {}, {0x0}, {0x0, 0x0}, {}, {r2, r5}], 0x80, "5fabd34a60e47f"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000003440)={0x1, [{r357, r99}, {r33, r363}, {r250}, {0x0, r305}, {r202, r172}, {r349, r233}, {r339, r221}, {0x0, r166}, {r168, r128}, {r246, r300}, {r274, r142}, {r120, r125}, {r90, r175}, {r158, r29}, {0x0, r337}, {r56, r31}, {r370, r293}, {r235, r363}, {r358, r190}, {0x0, r286}, {r13, r359}, {r311, r60}, {0x0, r179}, {r167}, {r52, r77}, {r165, r218}, {r39, r155}, {r290, r364}, {0x0, r295}, {r143, r53}, {r148, r376}, {r185, r164}, {r356, r340}, {r261, r54}, {r263, r375}, {r136, r226}, {r309, r55}, {r116, r51}, {r224, r193}, {r35, r21}, {0x0, r63}, {r152, r104}, {r312}, {r276}, {0x0, r203}, {r220, r37}, {r191, r278}, {r272, r192}, {r62, r11}, {r82, r192}, {r270, r198}, {r127, r60}, {r22, r137}, {r234, r355}, {r222, r281}, {r219, r381}, {r265, r236}, {r75, r115}, {r67, r328}, {r103}, {r368, r314}, {r346, r19}, {r255, r254}, {r16, r112}, {r40, r23}, {r216, r381}, {}, {r280, r248}, {r238, r91}, {r147, r32}, {r20, r286}, {r127, r49}, {r338, r286}, {r331, r228}, {r82, r111}, {r135, r318}, {}, {r98, r262}, {0x0, r277}, {r338, r159}, {r223, r340}, {r113, r81}, {0x0, r260}, {r368, r63}, {r85, r175}, {r133, r308}, {r319, r256}, {r327, r264}, {r299, r89}, {r214, r86}, {r30, r29}, {r34, r83}, {r288, r102}, {r171, r229}, {r285}, {r323, r330}, {r110, r297}, {r206, r66}, {r349, r328}, {r372, r271}, {r169, r293}, {r279, r60}, {r235, r140}, {r269, r268}, {r253, r296}, {r127, r242}, {r362, r9}, {r123, r237}, {r316, r149}, {r303, r189}, {r124, r251}, {r294, r332}, {r133, r92}, {0x0, r80}, {r205, r259}, {r234, r196}, {0x0, r181}, {r339}, {r279, r183}, {r42, r377}, {r138, r163}, {r43, r64}, {r311, r367}, {r180, r365}, {r194, r342}, {r94, r79}, {r59}, {r50, r12}, {0x0, r313}, {r65, r134}, {r380, r209}, {r10, r245}, {r199, r195}, {r210, r266}, {r101, r61}, {r28, r240}, {r304, r129}, {r270, r18}, {r360, r211}, {r231}, {r239, r287}, {r243, r315}, {r119, r178}, {0x0, r187}, {r116, r131}, {r74, r321}, {r188, r344}, {r177, r108}, {0x0, r282}, {r327, r283}, {r374, r289}, {0x0, r46}, {r298, r354}, {r161}, {r121, r27}, {r343, r57}, {r24, r251}, {r122, r212}, {r114}, {r334}, {r250, r146}, {r341, r381}, {r307, r72}, {r30}, {r145, r233}, {r247, r78}, {r335, r17}, {r24, r317}, {r215, r7}, {r249, r186}, {r378}, {r171, r126}, {r290, r310}, {r235, r361}, {r154, r266}, {r258, r337}, {r161, r153}, {r38, r109}, {r373, r348}, {r150, r217}, {r45, r291}, {r214, r350}, {r98, r160}, {r173}, {r345, r118}, {r48, r351}, {r252}, {r232}, {r352}, {r15, r369}, {r292, r111}, {r366}, {r41, r201}, {0x0, r332}, {r26, r130}, {r200, r36}, {0x0, r95}, {r177, r37}, {r157, r70}, {r301, r208}, {0x0, r60}, {r182, r183}, {r139, r278}, {r71, r257}, {0x0, r118}, {r120, r93}, {0x0, r84}, {r184, r225}, {r14, r332}, {r306, r227}, {r105, r353}, {r267, r320}, {r322, r164}, {r162, r348}, {0x0, r326}, {r347, r132}, {r170, r296}, {r8}, {r87, r47}, {r210, r302}, {r184, r11}, {r329, r107}, {r165, r130}, {r69}, {r188, r58}, {r117, r283}, {r96, r314}, {r100, r175}, {r244, r296}, {r272}, {0x0, r207}, {r48, r204}, {r299, r197}, {r258, r76}, {r174, r213}, {r230, r88}, {r173, r144}, {r269, r333}, {r253, r189}, {r141, r179}, {r241, r175}, {r253, r336}, {r255, r73}, {r284, r305}, {0x0, r97}, {r151, r282}, {0x0, r275}, {r279, r176}, {r356, r325}, {r371, r97}, {r42, r44}, {r273, r68}, {r106, r156}, {r323, r379}, {r324, r317}], 0x40, "f6f715dad7f973"}) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000056b00)={{0x0, 0x8, 0x7, 0x0, 0x3, 0x5, 0x6, 0xffff, 0x3, 0x1, 0x0, 0x2, 0x3f, 0x1000, 0x5}}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r1, 0xd000943d, &(0x7f0000001440)={0x0, [{}, {}, {}, {}, {r383}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r382}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r25}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r250}], 0x1, "ab5822bdf580c2"}) ioctl$BTRFS_IOC_INO_LOOKUP(r1, 0xd0009412, &(0x7f0000002440)={r384, 0x2}) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000001400)) lstat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)) write$binfmt_elf64(r0, &(0x7f00000001c0)=ANY=[], 0xfdef) perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) copy_file_range(r0, &(0x7f0000000280)=0xfffffffffffffffa, r0, &(0x7f00000002c0)=0x95, 0x2, 0x0) lseek(r0, 0x0, 0x3) [ 1395.471612] FAULT_INJECTION: forcing a failure. [ 1395.471612] name failslab, interval 1, probability 0, space 0, times 0 [ 1395.473155] CPU: 1 PID: 8565 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1395.474012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1395.475040] Call Trace: [ 1395.475377] dump_stack+0x107/0x167 [ 1395.475832] should_fail.cold+0x5/0xa [ 1395.476312] ? create_object.isra.0+0x3a/0xa20 [ 1395.476883] should_failslab+0x5/0x20 [ 1395.477358] kmem_cache_alloc+0x5b/0x310 [ 1395.477883] create_object.isra.0+0x3a/0xa20 [ 1395.478433] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1395.479068] __kmalloc+0x16e/0x390 [ 1395.479519] io_setup_async_msg+0xda/0x2d0 [ 1395.480052] io_recvmsg+0xc26/0xd70 [ 1395.480514] ? io_sendmsg+0x830/0x830 [ 1395.480993] ? kfree+0xd7/0x340 [ 1395.481416] ? mark_lock+0xf5/0x2df0 [ 1395.481898] ? slab_free_freelist_hook+0xa9/0x180 [ 1395.482503] ? mark_lock+0xf5/0x2df0 [ 1395.482993] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1395.483660] io_issue_sqe+0x3bd6/0x77b0 [ 1395.484170] ? perf_trace_lock+0xac/0x490 [ 1395.484692] ? io_connect+0x610/0x610 [ 1395.485172] ? __lockdep_reset_lock+0x180/0x180 [ 1395.485776] ? lock_acquire+0x197/0x470 [ 1395.486274] ? find_held_lock+0x2c/0x110 [ 1395.486791] __io_queue_sqe+0x90/0x9d0 [ 1395.487281] ? rwlock_bug.part.0+0x90/0x90 [ 1395.487814] ? io_issue_sqe+0x77b0/0x77b0 [ 1395.488334] ? do_raw_spin_unlock+0x4f/0x220 [ 1395.488885] ? _raw_spin_unlock+0x1a/0x30 [ 1395.489404] ? io_drain_req+0x603/0xb20 [ 1395.489922] io_submit_sqes+0x44aa/0x8610 [ 1395.490465] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1395.491088] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1395.491694] ? find_held_lock+0x2c/0x110 [ 1395.492209] ? io_submit_sqes+0x8610/0x8610 [ 1395.492759] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1395.493369] ? wait_for_completion_io+0x270/0x270 [ 1395.493989] ? rcu_read_lock_any_held+0x75/0xa0 [ 1395.494576] ? vfs_write+0x354/0xb10 [ 1395.495044] ? fput_many+0x2f/0x1a0 [ 1395.495142] FAULT_INJECTION: forcing a failure. [ 1395.495142] name failslab, interval 1, probability 0, space 0, times 0 [ 1395.495502] ? ksys_write+0x1a9/0x260 [ 1395.495515] ? __ia32_sys_read+0xb0/0xb0 [ 1395.495532] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1395.498478] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1395.499129] do_syscall_64+0x33/0x40 [ 1395.499597] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1395.500245] RIP: 0033:0x7fa048f33b19 [ 1395.500711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1395.503026] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1395.503983] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1395.504877] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1395.505786] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1395.506679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1395.507574] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 [ 1395.508490] CPU: 0 PID: 8563 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1395.509332] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1395.510356] Call Trace: [ 1395.510678] dump_stack+0x107/0x167 [ 1395.511124] should_fail.cold+0x5/0xa [ 1395.511590] ? create_object.isra.0+0x3a/0xa20 [ 1395.512152] should_failslab+0x5/0x20 [ 1395.512617] kmem_cache_alloc+0x5b/0x310 [ 1395.513112] ? mark_held_locks+0x9e/0xe0 [ 1395.513661] create_object.isra.0+0x3a/0xa20 [ 1395.514197] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1395.514823] kmem_cache_alloc_bulk+0x168/0x320 [ 1395.515385] io_submit_sqes+0x6fe6/0x8610 [ 1395.515916] ? __do_sys_io_uring_enter+0x6b2/0x1890 23:26:16 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) [ 1395.516524] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1395.526080] ? find_held_lock+0x2c/0x110 [ 1395.526583] ? io_submit_sqes+0x8610/0x8610 [ 1395.527115] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1395.527706] ? wait_for_completion_io+0x270/0x270 [ 1395.528295] ? rcu_read_lock_any_held+0x75/0xa0 [ 1395.528859] ? vfs_write+0x354/0xb10 [ 1395.529313] ? fput_many+0x2f/0x1a0 [ 1395.529776] ? ksys_write+0x1a9/0x260 [ 1395.530240] ? __ia32_sys_read+0xb0/0xb0 [ 1395.530737] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1395.531374] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1395.532002] do_syscall_64+0x33/0x40 [ 1395.532454] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1395.533077] RIP: 0033:0x7f33fff70b19 [ 1395.533537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1395.535778] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1395.536703] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1395.537625] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1395.538494] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1395.539362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1395.540229] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 23:26:16 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:26:16 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 16) 23:26:16 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000240)={@remote, 0x7f}) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000340)={'sit0\x00', &(0x7f0000000540)={'sit0\x00', 0x0, 0x2f, 0x67, 0x0, 0x6c, 0x10, @empty, @rand_addr=' \x01\x00', 0x8000, 0x1, 0x80}}) r2 = dup2(r0, r0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, @perf_bp={&(0x7f00000002c0), 0x6}, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8000}, 0x0, 0xffffffffffffffff, r2, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000040)={'gretap0\x00', &(0x7f0000000000)={'gre0\x00', r1, 0x80, 0x8, 0xfffffff8, 0x200, {{0x7, 0x4, 0x0, 0x6, 0x1c, 0x65, 0x0, 0x5, 0x2f, 0x0, @broadcast, @empty, {[@generic={0x44, 0x7, "c47c28436e"}]}}}}}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000400)=ANY=[@ANYBLOB="6fd1968e122bd60233010000000100000018ea9bba2594d193c6689a2db66f538632bef0e4e250f3f5bb7a48cf2b01f3252fc17908e6723bfa3d8304c5a2dcf15eb0a9babc8b173e2100702b5965f639525fe24572183e352af75d81bd1d4357108ece43db34a3490f6b3f930cb1223310f72fd37cfa47de76ef19bf51933f30fc40d88f75604fc3ec097d7294b69c45526c0a3d2a14f1d3cffed557478c3b19b3b4b454ab54d982ea9c718b791a87088f4c3ada294282691b7991c5bb0da6d0c730816d65ec17437edcfa83ff6ee395092bafd07f25f6906e7cbc9ff6a680303bde840a482fcd9085199626bf98b346", @ANYRES32=r3, @ANYRES32, @ANYRES32=0xee01, @ANYBLOB="0200000000000000"]) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f0000000080)=0xc0) fsetxattr$security_ima(r2, &(0x7f0000000100), &(0x7f0000000140)=ANY=[@ANYBLOB="180f3281"], 0x3, 0x2) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r7, 0xffffffffffffffff, 0x0) ioctl$HIDIOCINITREPORT(r6, 0x4805, 0x0) r8 = dup2(r7, r7) ioctl$HIDIOCINITREPORT(r8, 0x550c, 0x20000000) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) [ 1395.646142] FAULT_INJECTION: forcing a failure. [ 1395.646142] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1395.648095] CPU: 0 PID: 8579 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1395.648924] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1395.649998] Call Trace: [ 1395.650328] dump_stack+0x107/0x167 [ 1395.650774] should_fail.cold+0x5/0xa [ 1395.651247] _copy_from_user+0x2e/0x1b0 [ 1395.651739] __copy_msghdr_from_user+0x91/0x4b0 [ 1395.652306] ? __ia32_sys_shutdown+0x80/0x80 [ 1395.652850] ? unwind_next_frame+0x13ef/0x1a90 [ 1395.653407] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1395.654068] ? 0xffffffffa0000000 [ 1395.654503] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 1395.655053] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 1395.655709] ? create_prof_cpu_mask+0x20/0x20 [ 1395.656257] ? arch_stack_walk+0x99/0xf0 [ 1395.656765] io_recvmsg+0xae8/0xd70 [ 1395.657212] ? kfree+0xd7/0x340 [ 1395.657638] ? lock_chain_count+0x20/0x20 [ 1395.658146] ? io_sendmsg+0x830/0x830 [ 1395.658614] ? kfree+0xd7/0x340 [ 1395.659024] ? mark_lock+0xf5/0x2df0 [ 1395.659479] ? slab_free_freelist_hook+0xa9/0x180 [ 1395.660069] ? mark_lock+0xf5/0x2df0 [ 1395.660527] ? lock_chain_count+0x20/0x20 [ 1395.661037] ? lock_chain_count+0x20/0x20 [ 1395.661577] ? __lock_acquire+0xbb1/0x5b00 [ 1395.662112] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1395.662765] io_issue_sqe+0x3bd6/0x77b0 [ 1395.663264] ? perf_trace_lock+0xac/0x490 [ 1395.663773] ? io_connect+0x610/0x610 [ 1395.664242] ? __lockdep_reset_lock+0x180/0x180 [ 1395.664817] ? lock_acquire+0x197/0x470 [ 1395.665319] ? find_held_lock+0x2c/0x110 [ 1395.665846] __io_queue_sqe+0x90/0x9d0 [ 1395.666323] ? rwlock_bug.part.0+0x90/0x90 [ 1395.666843] ? io_issue_sqe+0x77b0/0x77b0 [ 1395.667351] ? do_raw_spin_unlock+0x4f/0x220 [ 1395.667890] ? _raw_spin_unlock+0x1a/0x30 [ 1395.668398] ? io_drain_req+0x603/0xb20 [ 1395.668892] io_submit_sqes+0x44aa/0x8610 [ 1395.669422] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1395.670051] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1395.670645] ? find_held_lock+0x2c/0x110 [ 1395.671147] ? io_submit_sqes+0x8610/0x8610 [ 1395.671689] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1395.672285] ? wait_for_completion_io+0x270/0x270 [ 1395.672878] ? rcu_read_lock_any_held+0x75/0xa0 [ 1395.673449] ? vfs_write+0x354/0xb10 [ 1395.673924] ? fput_many+0x2f/0x1a0 [ 1395.674372] ? ksys_write+0x1a9/0x260 [ 1395.674845] ? __ia32_sys_read+0xb0/0xb0 [ 1395.675346] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1395.675988] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1395.676623] do_syscall_64+0x33/0x40 [ 1395.677079] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1395.677723] RIP: 0033:0x7fa048f33b19 [ 1395.678178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1395.680425] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1395.681359] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1395.682246] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1395.683119] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1395.683992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 23:26:16 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1395.684866] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 23:26:16 executing program 1: semtimedop(0x0, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f0000000280), 0xc}, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x0) r1 = syz_open_dev$evdev(&(0x7f00000002c0), 0x0, 0x8802) r2 = fcntl$dupfd(r1, 0x0, r0) writev(r2, &(0x7f0000000140)=[{&(0x7f0000000300)="0040abe02400030021206cda3b5e5672b89aeddb2a535fbd", 0x7e0}], 0x1) r3 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) semop(0x0, &(0x7f0000000000)=[{0x0, 0x0, 0x1800}], 0x1) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x4) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x3000002, 0x4010, r3, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000980), 0xa6f) r6 = accept4$unix(r3, 0x0, &(0x7f0000000040), 0x800) clock_gettime(0x0, &(0x7f0000000ac0)={0x0, 0x0}) recvmmsg$unix(r6, &(0x7f0000000a00)=[{{&(0x7f0000000080)=@abs, 0x6e, &(0x7f0000000600)=[{&(0x7f0000000100)=""/12, 0xc}, {&(0x7f0000000180)=""/55, 0x37}, {&(0x7f0000000440)=""/198, 0xc6}, {&(0x7f00000001c0)=""/89, 0x59}, {&(0x7f0000000340)=""/144, 0x90}, {&(0x7f0000000540)=""/180, 0xb4}, {&(0x7f0000000240)=""/27, 0x1b}], 0x7}}, {{&(0x7f0000000680), 0x6e, &(0x7f0000000840)=[{&(0x7f0000000700)=""/105, 0x69}, {&(0x7f0000000780)=""/146, 0x92}], 0x2, &(0x7f0000000880)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0x78}}, {{&(0x7f0000000900), 0x6e, &(0x7f0000000980), 0x0, &(0x7f00000009c0)}}], 0x3, 0x40002041, &(0x7f0000000b00)={r7, r8+60000000}) ioctl$CDROM_SELECT_SPEED(r4, 0x1269, 0x20000000) ioctl$EVIOCGRAB(r3, 0x40044590, &(0x7f00000009c0)=0x8) 23:26:16 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 8) 23:26:16 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) 23:26:16 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1395.782342] FAULT_INJECTION: forcing a failure. [ 1395.782342] name failslab, interval 1, probability 0, space 0, times 0 [ 1395.783854] CPU: 1 PID: 8589 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1395.784701] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1395.785746] Call Trace: [ 1395.786081] dump_stack+0x107/0x167 [ 1395.786537] should_fail.cold+0x5/0xa [ 1395.787016] ? create_object.isra.0+0x3a/0xa20 [ 1395.787587] should_failslab+0x5/0x20 [ 1395.788064] kmem_cache_alloc+0x5b/0x310 [ 1395.788571] ? mark_held_locks+0x9e/0xe0 [ 1395.789085] create_object.isra.0+0x3a/0xa20 [ 1395.789646] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1395.790283] kmem_cache_alloc_bulk+0x168/0x320 [ 1395.790861] io_submit_sqes+0x6fe6/0x8610 [ 1395.791403] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1395.792032] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1395.792641] ? find_held_lock+0x2c/0x110 [ 1395.793161] ? io_submit_sqes+0x8610/0x8610 [ 1395.793722] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1395.794331] ? wait_for_completion_io+0x270/0x270 [ 1395.794943] ? rcu_read_lock_any_held+0x75/0xa0 [ 1395.795523] ? vfs_write+0x354/0xb10 [ 1395.795992] ? fput_many+0x2f/0x1a0 [ 1395.796451] ? ksys_write+0x1a9/0x260 [ 1395.796929] ? __ia32_sys_read+0xb0/0xb0 [ 1395.797439] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1395.798116] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1395.798766] do_syscall_64+0x33/0x40 [ 1395.799232] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1395.799874] RIP: 0033:0x7f33fff70b19 [ 1395.800341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1395.802660] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1395.803616] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1395.804511] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1395.805404] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1395.806309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1395.807202] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 23:26:16 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:26:31 executing program 0: syz_open_procfs(0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000700), 0x4}, 0x0, 0x2000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f00000000c0)=0x328) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x283, &(0x7f0000000000)=0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000280)={{0x7f, 0x45, 0x4c, 0x46, 0x29, 0x4c, 0x3f, 0x0, 0x100000000, 0x3, 0x6, 0x7aff, 0x165, 0x40, 0x208, 0x3, 0x0, 0x38, 0x1, 0x7e, 0x3, 0x1000}, [{0x4, 0x10001, 0x10000, 0x10000, 0x1f, 0x7fff, 0xfffffffffffffff8, 0x6}], "cca29b071fed19a20aba572c40752b6ab42320bf79a81721141da47d18212e20323585e2ec5fec6382c772718641279872b3c322e79cd5b7613456303cb44c95ce6333e413ef58ec00ac6a4124f8cdeb9de80ee420b498779707970ac036900ee01cf8a74a9af7aed625df3aab5f8a4e41420c05c2bcc5f1e9d712156f4fdc8fcf070eba369b1a1a7cb2a17e6b3f56e0e6413dbda2d383eec8099b527421e28a98cca7e73af5f776ead82251103059edc6ec2e8f3f8c92a387188d23ee9ca0931627236e65ccd756d6d36b48a3351b79319fb35ad25308ea8da341dc886434b1bb", ['\x00', '\x00', '\x00']}, 0x459) io_submit(r2, 0x1, &(0x7f00000015c0)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0xffff) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffc, 0x0, 0x0, @buffer={0x0, 0x1000, &(0x7f0000001e00)=""/4096}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000000180)={@remote}, &(0x7f00000001c0)=0x14) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_TID_CONFIG(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x20, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x4}]}, 0x20}}, 0x0) fallocate(r4, 0x8, 0x8, 0x9) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00'}) 23:26:31 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ftruncate(r0, 0x1000003) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)={0x0, 0x0, 0xca}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) r2 = signalfd(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x104, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000007f00000018000000", @ANYBLOB="ff9d23b4c397315269b614da96295d7a529a98df0068cecc3c3dd0ca878f4f4d23fee3f9cf089332fbaad75e412fc82a477b5058"]) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(0xffffffffffffffff, 0x80489439, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000056b00)={{0x0, 0x8, 0x7, 0x0, 0x3, 0x5, 0x6, 0xffff, 0x3, 0x1, 0x0, 0x2, 0x3f, 0x1000, 0x5}}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000007d440)={0x9, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}, {r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}], 0x0, "46dacd8396fe92"}) ioctl$BTRFS_IOC_TREE_SEARCH(r2, 0xd0009411, &(0x7f000004cc80)={{0x0, 0x2, 0xfffffffffffffff9, 0x6d, 0xa6, 0x1ff, 0x4e4, 0xe49f, 0x4, 0x7fffffff, 0x5, 0x2, 0xe6b, 0x0, 0x20}}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f000004dc80)) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) lseek(r1, 0x0, 0x2) r6 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x128) copy_file_range(r6, 0x0, r1, 0x0, 0x200f5ef, 0x0) 23:26:31 executing program 6: syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000200)=ANY=[@ANYBLOB="7f0000000100000018000000", @ANYRES32=0xffffffffffffffff]) r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f00000006c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r0, 0x0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)=""/6, 0x6}, {&(0x7f00000002c0)=""/15, 0xf}, {&(0x7f0000000300)=""/96, 0x60}, {&(0x7f0000000380)=""/5, 0x5}, {&(0x7f00000003c0)=""/78, 0x4e}, {&(0x7f0000000440)=""/172, 0xac}], 0x6, &(0x7f0000000580)=""/213, 0xd5}, 0x0, 0x10040, 0x0, {0x3, r5}}, 0x8) dup3(r1, 0xffffffffffffffff, 0x0) r6 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pidfd_getfd(0xffffffffffffffff, r6, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105142, 0x2b) r8 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) r9 = openat(r8, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x149) sendfile(r7, r9, 0x0, 0x100000001) r10 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r7, r10, 0x0, 0x80000001) 23:26:31 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) 23:26:31 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:26:31 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 9) 23:26:31 executing program 1: syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r0 = syz_io_uring_setup(0x4, &(0x7f0000000480), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)) pipe2(&(0x7f00000000c0), 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000400)='/proc/cgroups\x00', 0x0, 0x0) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000002c0), 0xe83, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r3, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4) setsockopt$inet6_tcp_int(r3, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r3, r2, 0x0, 0x9bbb) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000c40)={&(0x7f0000000140)=@abs, 0x6e, &(0x7f0000000a40)=[{&(0x7f00000001c0)=""/252, 0xfc}, {&(0x7f00000007c0)=""/201, 0xc9}, {&(0x7f0000000600)=""/169, 0xa9}, {&(0x7f0000000900)=""/100, 0x64}, {&(0x7f00000006c0)=""/249, 0xf9}, {&(0x7f0000000c80)=""/202, 0xca}, {&(0x7f0000000500)=""/173, 0xad}, {&(0x7f00000009c0)=""/123, 0x7b}, {&(0x7f0000000080)=""/35, 0x23}], 0x9, &(0x7f0000000b00)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x48}, 0x40000000) syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x3}, 0x8001) io_uring_enter(0xffffffffffffffff, 0x58ab, 0xff30, 0x3, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r4, 0xc018937e, &(0x7f0000000bc0)={{0x1, 0x1, 0x18, r0, @in_args={0x4}}, './file0\x00'}) io_uring_enter(r5, 0x5355, 0x547e, 0x0, &(0x7f0000000c00)={[0xd4]}, 0x8) 23:26:31 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 17) [ 1410.596066] FAULT_INJECTION: forcing a failure. [ 1410.596066] name failslab, interval 1, probability 0, space 0, times 0 [ 1410.597672] CPU: 1 PID: 8615 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1410.598581] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1410.599694] Call Trace: [ 1410.600049] dump_stack+0x107/0x167 [ 1410.600531] should_fail.cold+0x5/0xa [ 1410.601040] ? io_setup_async_msg+0xda/0x2d0 [ 1410.601623] should_failslab+0x5/0x20 [ 1410.602143] __kmalloc+0x72/0x390 [ 1410.602608] io_setup_async_msg+0xda/0x2d0 [ 1410.603165] io_recvmsg+0xc26/0xd70 [ 1410.603652] ? io_sendmsg+0x830/0x830 [ 1410.604156] ? kfree+0xd7/0x340 [ 1410.604600] ? mark_lock+0xf5/0x2df0 [ 1410.605093] ? slab_free_freelist_hook+0xa9/0x180 [ 1410.605732] ? mark_lock+0xf5/0x2df0 [ 1410.606277] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1410.606983] io_issue_sqe+0x3bd6/0x77b0 [ 1410.607524] ? perf_trace_lock+0xac/0x490 [ 1410.608076] ? io_connect+0x610/0x610 [ 1410.608582] ? __lockdep_reset_lock+0x180/0x180 [ 1410.609203] ? lock_acquire+0x197/0x470 [ 1410.609727] ? find_held_lock+0x2c/0x110 [ 1410.610299] __io_queue_sqe+0x90/0x9d0 [ 1410.610815] ? rwlock_bug.part.0+0x90/0x90 [ 1410.611378] ? io_issue_sqe+0x77b0/0x77b0 [ 1410.611927] ? do_raw_spin_unlock+0x4f/0x220 [ 1410.612510] ? _raw_spin_unlock+0x1a/0x30 [ 1410.613059] ? io_drain_req+0x603/0xb20 [ 1410.613594] io_submit_sqes+0x44aa/0x8610 [ 1410.614204] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1410.614887] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1410.615531] ? find_held_lock+0x2c/0x110 [ 1410.616076] ? io_submit_sqes+0x8610/0x8610 [ 1410.616656] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1410.617299] ? wait_for_completion_io+0x270/0x270 [ 1410.617943] ? rcu_read_lock_any_held+0x75/0xa0 [ 1410.618574] ? vfs_write+0x354/0xb10 [ 1410.619070] ? fput_many+0x2f/0x1a0 [ 1410.619554] ? ksys_write+0x1a9/0x260 [ 1410.620058] ? __ia32_sys_read+0xb0/0xb0 [ 1410.620599] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1410.621290] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1410.621977] do_syscall_64+0x33/0x40 [ 1410.622481] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1410.623159] RIP: 0033:0x7fa048f33b19 [ 1410.623650] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1410.626065] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1410.627327] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1410.628263] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 23:26:31 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1410.629199] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1410.630160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1410.631100] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 [ 1410.638591] FAULT_INJECTION: forcing a failure. [ 1410.638591] name failslab, interval 1, probability 0, space 0, times 0 [ 1410.640109] CPU: 1 PID: 8618 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1410.641002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1410.642097] Call Trace: [ 1410.642463] dump_stack+0x107/0x167 [ 1410.642947] should_fail.cold+0x5/0xa [ 1410.643453] ? create_object.isra.0+0x3a/0xa20 [ 1410.644064] should_failslab+0x5/0x20 [ 1410.644600] kmem_cache_alloc+0x5b/0x310 [ 1410.645140] ? mark_held_locks+0x9e/0xe0 [ 1410.645682] create_object.isra.0+0x3a/0xa20 [ 1410.646280] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1410.646956] kmem_cache_alloc_bulk+0x168/0x320 [ 1410.647565] io_submit_sqes+0x6fe6/0x8610 [ 1410.648139] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1410.648795] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1410.649436] ? find_held_lock+0x2c/0x110 [ 1410.649979] ? io_submit_sqes+0x8610/0x8610 [ 1410.650582] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1410.651222] ? wait_for_completion_io+0x270/0x270 [ 1410.651863] ? rcu_read_lock_any_held+0x75/0xa0 [ 1410.652476] ? vfs_write+0x354/0xb10 [ 1410.652971] ? fput_many+0x2f/0x1a0 [ 1410.653462] ? ksys_write+0x1a9/0x260 [ 1410.653967] ? __ia32_sys_read+0xb0/0xb0 [ 1410.654532] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1410.655223] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1410.655906] do_syscall_64+0x33/0x40 [ 1410.656398] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1410.657075] RIP: 0033:0x7f33fff70b19 [ 1410.657567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1410.660005] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1410.661005] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1410.661941] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1410.662896] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1410.663831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1410.664768] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 23:26:31 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) read(0xffffffffffffffff, &(0x7f0000002880)=""/196, 0xc4) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x3) fcntl$setflags(0xffffffffffffffff, 0x2, 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_GET_SURVEY(r1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x20000881) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x2000000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') r3 = openat$cgroup_devices(r2, &(0x7f0000000200)='devices.allow\x00', 0x2, 0x0) read(r3, &(0x7f0000000340)=""/113, 0x71) pread64(r2, &(0x7f0000002100)=""/4083, 0xff3, 0x20000000000000) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'}) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0) fallocate(r4, 0x0, 0x0, 0x1000002) r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0x100000001) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r4, 0x0) 23:26:31 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) 23:26:31 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, 0x0}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:26:31 executing program 4: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x41000, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3876, &(0x7f0000003480)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/cpuinfo\x00', 0x0, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) timer_create(0x3, &(0x7f0000000240)={0x0, 0x3d, 0x1, @tid=0xffffffffffffffff}, &(0x7f00000003c0)) r5 = socket$inet(0x2, 0x1, 0x0) bind$inet(r5, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r5, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) syz_io_uring_submit(r1, r2, &(0x7f0000000500)=@IORING_OP_FILES_UPDATE={0x14, 0x5, 0x0, 0x0, 0x0, &(0x7f0000000440)=[r4, r3, r5], 0x3}, 0x0) syz_open_procfs(0x0, &(0x7f0000000400)='oom_score\x00') r6 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r6, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f00000000c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x1, 0x2007, @fd_index=0x9, 0xffffffffffffffe0, &(0x7f0000000080)=[{&(0x7f0000000140)=""/221, 0xdd}, {&(0x7f0000000300)=""/179, 0xb3}], 0x2, 0x3, 0x2}, 0x2) r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r7, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:26:31 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, 0x0}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:26:31 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) 23:26:32 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 10) 23:26:32 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 18) 23:26:32 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, 0x0}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1411.108575] FAULT_INJECTION: forcing a failure. [ 1411.108575] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1411.110234] CPU: 1 PID: 8644 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1411.111133] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1411.112216] Call Trace: [ 1411.112571] dump_stack+0x107/0x167 [ 1411.113057] should_fail.cold+0x5/0xa [ 1411.113568] _copy_from_user+0x2e/0x1b0 [ 1411.114117] __copy_msghdr_from_user+0x91/0x4b0 [ 1411.114737] ? __ia32_sys_shutdown+0x80/0x80 [ 1411.115319] ? perf_trace_lock+0xac/0x490 [ 1411.115867] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1411.116584] ? __lockdep_reset_lock+0x180/0x180 [ 1411.117206] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 1411.117795] ? find_held_lock+0x2c/0x110 [ 1411.118354] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 1411.119058] ? lock_chain_count+0x20/0x20 [ 1411.119609] ? __is_insn_slot_addr+0x123/0x290 [ 1411.120216] ? lock_chain_count+0x20/0x20 [ 1411.120772] io_recvmsg+0xae8/0xd70 [ 1411.121254] ? 0xffffffffa0000000 [ 1411.121717] ? io_sendmsg+0x830/0x830 [ 1411.122253] ? mark_lock+0xf5/0x2df0 [ 1411.122752] ? mark_lock+0xf5/0x2df0 [ 1411.123250] ? lock_chain_count+0x20/0x20 [ 1411.123798] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1411.124490] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1411.125205] ? lock_chain_count+0x20/0x20 [ 1411.125757] ? register_lock_class+0xbb/0x17b0 [ 1411.126379] ? __lockdep_reset_lock+0x180/0x180 [ 1411.127001] ? is_dynamic_key+0x1e0/0x1e0 [ 1411.127552] ? lock_acquire+0x197/0x470 [ 1411.128097] io_issue_sqe+0x3bd6/0x77b0 [ 1411.128637] ? lock_chain_count+0x20/0x20 [ 1411.129188] ? perf_trace_lock+0xac/0x490 [ 1411.129738] ? io_connect+0x610/0x610 [ 1411.130272] ? __lockdep_reset_lock+0x180/0x180 [ 1411.130897] ? lock_acquire+0x197/0x470 [ 1411.131426] ? find_held_lock+0x2c/0x110 [ 1411.131978] __io_queue_sqe+0x90/0x9d0 [ 1411.132498] ? rwlock_bug.part.0+0x90/0x90 [ 1411.133062] ? io_issue_sqe+0x77b0/0x77b0 [ 1411.133611] ? do_raw_spin_unlock+0x4f/0x220 [ 1411.134213] ? _raw_spin_unlock+0x1a/0x30 [ 1411.134763] ? io_drain_req+0x603/0xb20 [ 1411.135300] io_submit_sqes+0x44aa/0x8610 [ 1411.135880] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1411.136541] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1411.137187] ? find_held_lock+0x2c/0x110 [ 1411.137731] ? io_submit_sqes+0x8610/0x8610 [ 1411.138333] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1411.138977] ? wait_for_completion_io+0x270/0x270 [ 1411.139618] ? rcu_read_lock_any_held+0x75/0xa0 [ 1411.140237] ? vfs_write+0x354/0xb10 [ 1411.140731] ? fput_many+0x2f/0x1a0 [ 1411.141218] ? ksys_write+0x1a9/0x260 [ 1411.141724] ? __ia32_sys_read+0xb0/0xb0 [ 1411.142289] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1411.142983] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1411.143666] do_syscall_64+0x33/0x40 [ 1411.144160] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1411.144836] RIP: 0033:0x7f33fff70b19 [ 1411.145334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1411.147756] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1411.148764] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1411.149704] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1411.150656] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1411.151593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1411.152530] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 [ 1411.153333] FAULT_INJECTION: forcing a failure. [ 1411.153333] name failslab, interval 1, probability 0, space 0, times 0 [ 1411.156099] CPU: 0 PID: 8648 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1411.156982] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1411.157983] Call Trace: [ 1411.158330] dump_stack+0x107/0x167 [ 1411.158775] should_fail.cold+0x5/0xa [ 1411.159248] ? create_object.isra.0+0x3a/0xa20 [ 1411.159805] should_failslab+0x5/0x20 [ 1411.160269] kmem_cache_alloc+0x5b/0x310 [ 1411.160766] create_object.isra.0+0x3a/0xa20 [ 1411.161299] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1411.161921] __kmalloc+0x16e/0x390 [ 1411.162385] io_setup_async_msg+0xda/0x2d0 [ 1411.162902] io_recvmsg+0xc26/0xd70 [ 1411.163354] ? io_sendmsg+0x830/0x830 [ 1411.163820] ? kfree+0xd7/0x340 [ 1411.164229] ? mark_lock+0xf5/0x2df0 [ 1411.164683] ? slab_free_freelist_hook+0xa9/0x180 [ 1411.165271] ? mark_lock+0xf5/0x2df0 [ 1411.165749] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1411.166418] io_issue_sqe+0x3bd6/0x77b0 [ 1411.166915] ? perf_trace_lock+0xac/0x490 [ 1411.167422] ? io_connect+0x610/0x610 [ 1411.167890] ? __lockdep_reset_lock+0x180/0x180 [ 1411.168466] ? lock_acquire+0x197/0x470 [ 1411.168951] ? find_held_lock+0x2c/0x110 [ 1411.169458] __io_queue_sqe+0x90/0x9d0 [ 1411.169935] ? rwlock_bug.part.0+0x90/0x90 [ 1411.170468] ? io_issue_sqe+0x77b0/0x77b0 [ 1411.170975] ? do_raw_spin_unlock+0x4f/0x220 [ 1411.171518] ? _raw_spin_unlock+0x1a/0x30 [ 1411.172024] ? io_drain_req+0x603/0xb20 [ 1411.172516] io_submit_sqes+0x44aa/0x8610 [ 1411.173046] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1411.173656] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1411.174280] ? find_held_lock+0x2c/0x110 [ 1411.174785] ? io_submit_sqes+0x8610/0x8610 [ 1411.175321] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1411.175918] ? wait_for_completion_io+0x270/0x270 [ 1411.176512] ? rcu_read_lock_any_held+0x75/0xa0 [ 1411.177085] ? vfs_write+0x354/0xb10 [ 1411.177542] ? fput_many+0x2f/0x1a0 [ 1411.177989] ? ksys_write+0x1a9/0x260 [ 1411.178479] ? __ia32_sys_read+0xb0/0xb0 [ 1411.178980] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1411.179626] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1411.180269] do_syscall_64+0x33/0x40 [ 1411.180728] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1411.181359] RIP: 0033:0x7fa048f33b19 [ 1411.181815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1411.184093] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1411.185028] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1411.185901] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1411.186789] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1411.187667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1411.188546] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 23:26:46 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(0x0, 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) 23:26:46 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 19) 23:26:46 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:26:46 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 11) 23:26:46 executing program 6: syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000200)=ANY=[@ANYBLOB="7f0000000100000018000000", @ANYRES32=0xffffffffffffffff]) r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f00000006c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r0, 0x0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)=""/6, 0x6}, {&(0x7f00000002c0)=""/15, 0xf}, {&(0x7f0000000300)=""/96, 0x60}, {&(0x7f0000000380)=""/5, 0x5}, {&(0x7f00000003c0)=""/78, 0x4e}, {&(0x7f0000000440)=""/172, 0xac}], 0x6, &(0x7f0000000580)=""/213, 0xd5}, 0x0, 0x10040, 0x0, {0x3, r5}}, 0x8) dup3(r1, 0xffffffffffffffff, 0x0) r6 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pidfd_getfd(0xffffffffffffffff, r6, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105142, 0x2b) r8 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) r9 = openat(r8, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x149) sendfile(r7, r9, 0x0, 0x100000001) r10 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r7, r10, 0x0, 0x80000001) 23:26:46 executing program 4: r0 = open$dir(&(0x7f0000000040)='./file1\x00', 0x0, 0x0) lseek(r0, 0x0, 0x3) fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000080), &(0x7f0000000400)=ANY=[@ANYBLOB="00fb2a0314e90a77b4c4c697061c639f3d04022023a20e174c9bf604aec562ff9112ef2d"], 0x2a, 0x2) r1 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a91ce6ccb5e3206389", 0x27) fallocate(r2, 0x2, 0x2, 0x6985) getsockopt$ARPT_SO_GET_INFO(r1, 0x0, 0x60, &(0x7f0000000140)={'filter\x00', 0x0, [0xfffff4b7, 0xb6, 0x401]}, &(0x7f00000001c0)=0x44) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef) ioctl$AUTOFS_IOC_EXPIRE(r2, 0x810c9365, &(0x7f0000000440)={{0x134, 0x1}, 0x100, './file1\x00'}) timerfd_create(0x0, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000380)={&(0x7f00000000c0)=ANY=[@ANYRES16=r3, @ANYBLOB="000229bd7000ffdbdf25370000000c009900010400006a00000008009f000700000005001801110000000800a10004000000"], 0x38}, 0x1, 0x0, 0x0, 0x50}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x8}, 0x10003) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000340)=@IORING_OP_SEND={0x1a, 0x3, 0x0, r1, 0x0, &(0x7f0000000580)="4f1913a58083af3f2be871be24d806fb7eefa5edcf9578215dadfce07ea8183c6885a820d326905bf380abc880493307449ff429e448fbf291dd466624fd95255072b1066b2c472a646cae0334534bfc3d8368fc9a7fe46c39983ce53b1fb68f2ab17d42ed08a99dc4da1efa2b6eabdfd6190468a3143060d7818fad6a3d57872e43814fa815794d620d36a4b57219838204bc415427a7a61c895ed8ea2fd90e88973030ed9e9aabf0164623", 0xac, 0x40000, 0x1}, 0x8000) open_tree(r0, &(0x7f0000000100)='./file1\x00', 0x100) timerfd_create(0x0, 0x0) unshare(0x48020200) 23:26:46 executing program 1: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) 23:26:46 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="eb6cda4400036021582fbd75ac8e7fe6f873f09363ce9b4160c742e027ff59fe779b23b962e633bdc0422d00"/54]) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0) setsockopt$sock_int(r1, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4) setsockopt$inet6_tcp_int(r1, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r1, r0, 0x0, 0x9bbb) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e21, 0xa8b, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8}, 0x1c) openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x101000, 0x0) [ 1425.531723] FAULT_INJECTION: forcing a failure. [ 1425.531723] name failslab, interval 1, probability 0, space 0, times 0 [ 1425.533278] CPU: 1 PID: 8668 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1425.534126] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1425.535228] Call Trace: [ 1425.535587] dump_stack+0x107/0x167 [ 1425.536050] should_fail.cold+0x5/0xa [ 1425.536526] ? io_setup_async_msg+0xda/0x2d0 [ 1425.537076] should_failslab+0x5/0x20 [ 1425.537548] __kmalloc+0x72/0x390 [ 1425.537983] io_setup_async_msg+0xda/0x2d0 [ 1425.538508] io_recvmsg+0xc26/0xd70 [ 1425.539010] ? io_sendmsg+0x830/0x830 [ 1425.539496] ? mark_lock+0xf5/0x2df0 [ 1425.539990] ? mark_lock+0xf5/0x2df0 [ 1425.540464] ? register_lock_class+0xbb/0x17b0 [ 1425.541035] ? __lockdep_reset_lock+0x180/0x180 [ 1425.541633] ? is_dynamic_key+0x1e0/0x1e0 [ 1425.542187] ? lock_acquire+0x197/0x470 [ 1425.542756] io_issue_sqe+0x3bd6/0x77b0 [ 1425.543262] ? lock_chain_count+0x20/0x20 [ 1425.543520] FAULT_INJECTION: forcing a failure. [ 1425.543520] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1425.543782] ? perf_trace_lock+0xac/0x490 [ 1425.545695] ? io_connect+0x610/0x610 [ 1425.546198] ? __lockdep_reset_lock+0x180/0x180 [ 1425.550838] ? lock_acquire+0x197/0x470 [ 1425.551334] ? find_held_lock+0x2c/0x110 [ 1425.551894] __io_queue_sqe+0x90/0x9d0 [ 1425.552385] ? rwlock_bug.part.0+0x90/0x90 [ 1425.552947] ? io_issue_sqe+0x77b0/0x77b0 [ 1425.553463] ? do_raw_spin_unlock+0x4f/0x220 [ 1425.554015] ? _raw_spin_unlock+0x1a/0x30 [ 1425.554531] ? io_drain_req+0x603/0xb20 [ 1425.555068] io_submit_sqes+0x44aa/0x8610 [ 1425.555610] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1425.556279] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1425.556909] ? find_held_lock+0x2c/0x110 [ 1425.557419] ? io_submit_sqes+0x8610/0x8610 [ 1425.557967] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1425.558573] ? wait_for_completion_io+0x270/0x270 [ 1425.559257] ? rcu_read_lock_any_held+0x75/0xa0 [ 1425.559869] ? vfs_write+0x354/0xb10 [ 1425.560336] ? fput_many+0x2f/0x1a0 [ 1425.560793] ? ksys_write+0x1a9/0x260 [ 1425.561269] ? __ia32_sys_read+0xb0/0xb0 [ 1425.561823] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1425.562484] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1425.563191] do_syscall_64+0x33/0x40 [ 1425.563659] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1425.564300] RIP: 0033:0x7f33fff70b19 [ 1425.564764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1425.567177] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1425.568129] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1425.569052] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1425.569973] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1425.570887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1425.571777] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 [ 1425.572688] CPU: 0 PID: 8670 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1425.573566] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1425.574603] Call Trace: [ 1425.574934] dump_stack+0x107/0x167 [ 1425.575379] should_fail.cold+0x5/0xa [ 1425.575849] _copy_from_user+0x2e/0x1b0 [ 1425.576339] __copy_msghdr_from_user+0x91/0x4b0 [ 1425.576954] ? __ia32_sys_shutdown+0x80/0x80 [ 1425.577496] ? unwind_next_frame+0x13ef/0x1a90 [ 1425.578077] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1425.578734] ? 0xffffffffa0000000 [ 1425.579163] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 1425.579726] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 1425.580407] ? create_prof_cpu_mask+0x20/0x20 [ 1425.580979] ? arch_stack_walk+0x99/0xf0 [ 1425.581482] io_recvmsg+0xae8/0xd70 [ 1425.581924] ? kfree+0xd7/0x340 [ 1425.582327] ? lock_chain_count+0x20/0x20 [ 1425.582845] ? io_sendmsg+0x830/0x830 [ 1425.583309] ? kfree+0xd7/0x340 [ 1425.583733] ? mark_lock+0xf5/0x2df0 [ 1425.584218] ? slab_free_freelist_hook+0xa9/0x180 [ 1425.584832] ? mark_lock+0xf5/0x2df0 [ 1425.585286] ? lock_chain_count+0x20/0x20 [ 1425.585793] ? lock_chain_count+0x20/0x20 [ 1425.586297] ? __lock_acquire+0xbb1/0x5b00 [ 1425.586884] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1425.587533] io_issue_sqe+0x3bd6/0x77b0 [ 1425.588056] ? perf_trace_lock+0xac/0x490 [ 1425.588560] ? io_connect+0x610/0x610 [ 1425.589024] ? __lockdep_reset_lock+0x180/0x180 [ 1425.589593] ? lock_acquire+0x197/0x470 [ 1425.590074] ? find_held_lock+0x2c/0x110 [ 1425.590575] __io_queue_sqe+0x90/0x9d0 [ 1425.591071] ? rwlock_bug.part.0+0x90/0x90 [ 1425.591590] ? io_issue_sqe+0x77b0/0x77b0 [ 1425.592096] ? do_raw_spin_unlock+0x4f/0x220 [ 1425.592628] ? _raw_spin_unlock+0x1a/0x30 [ 1425.593130] ? io_drain_req+0x603/0xb20 [ 1425.593619] io_submit_sqes+0x44aa/0x8610 [ 1425.594157] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1425.594809] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1425.595395] ? find_held_lock+0x2c/0x110 [ 1425.595892] ? io_submit_sqes+0x8610/0x8610 [ 1425.596421] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1425.597057] ? wait_for_completion_io+0x270/0x270 [ 1425.597654] ? rcu_read_lock_any_held+0x75/0xa0 [ 1425.598235] ? vfs_write+0x354/0xb10 [ 1425.598700] ? fput_many+0x2f/0x1a0 [ 1425.599143] ? ksys_write+0x1a9/0x260 [ 1425.599606] ? __ia32_sys_read+0xb0/0xb0 [ 1425.600107] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1425.600756] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1425.601418] do_syscall_64+0x33/0x40 [ 1425.601901] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1425.602521] RIP: 0033:0x7fa048f33b19 [ 1425.602985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1425.605286] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1425.606207] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1425.607082] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1425.607994] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1425.608890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1425.609753] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 23:26:46 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(0x0, 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) 23:26:46 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1440.650395] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1440.655206] FAULT_INJECTION: forcing a failure. [ 1440.655206] name failslab, interval 1, probability 0, space 0, times 0 [ 1440.656752] CPU: 1 PID: 8690 Comm: syz-executor.2 Not tainted 5.10.228 #1 23:27:01 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='configfs\x00', 0x0, 0x0) utime(&(0x7f00000002c0)='./file0\x00', 0x0) 23:27:01 executing program 6: syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000200)=ANY=[@ANYBLOB="7f0000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB]) r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f00000006c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r0, 0x0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)=""/6, 0x6}, {&(0x7f00000002c0)=""/15, 0xf}, {&(0x7f0000000300)=""/96, 0x60}, {&(0x7f0000000380)=""/5, 0x5}, {&(0x7f00000003c0)=""/78, 0x4e}, {&(0x7f0000000440)=""/172, 0xac}], 0x6, &(0x7f0000000580)=""/213, 0xd5}, 0x0, 0x10040, 0x0, {0x3, r5}}, 0x8) dup3(r1, 0xffffffffffffffff, 0x0) r6 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pidfd_getfd(0xffffffffffffffff, r6, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105142, 0x2b) r8 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) r9 = openat(r8, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x149) sendfile(r7, r9, 0x0, 0x100000001) r10 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r7, r10, 0x0, 0x80000001) 23:27:01 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 20) 23:27:01 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(0x0, 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) 23:27:01 executing program 1: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000009c0)=ANY=[@ANYBLOB="98000000200039040000000000000000020000000dc0c23671f1a964651e4d52c3dc9432e6af519d60c901a7ea83dce8f6a9c36adbbf7c23348ed7953cc124f0f2e2f1324bf1187b4e1f5a7bf5116e03f38056144e579e46004fbfb9ae99572129d57aa41a4c792b56978ebd2e72f57ca14145d7bcd879afed4e97abd691d56cf2d815f272170c0011000000000000000000bb3e3c7562af739c74b82fd57e7bd51e163e9c2394948632056b9357f234b64631cba457c59e6d0eae9098c89e3c7aa8b1cbc03bd674263161cff69945516e14595dfad881c353d7fb9bbdc2fb19f3306b4f29f5ac8dddb92ee4fe33f6e190dffd186aa055b9a9547a834f1d619073f3ccf4b3acda5d78a8cff254a2de72f20938d689ca4044fab0a3ee36278183e00f05d56ee58c70cc78f1fe11e55c898d61e09dd9ec4bdefd952f33df697d06ffd93de78dd16ff6fabb99fb6b42eb449d317ff0f62c982878d984496c08a7a672102affbb245b18bb39d4a7b9a75298857b75fa243b23c8cf9643bb00000000005fcbeb7fd89947c9213bca5dc0b85ccc521acda794895462c77f5ff370f89a2e870f5d485e58951dd7d1e27236dc52ce2c5ad9c73e0a61401a4a516c41604d7981f0c5d28db9d69e06008070a1c8a29ab4b046f86a311abc00000000000000000000000021d58c77edb293cc9578f585bdd701f9ee2106436f5fcf55fe6240095b6b3d472798f8f9275542afa54cb35bead6ff06f9faacfe22aecf3a338b66d6b6d7493b8154647492b7504ee04560f3f09be3740b31fc8e83b0d8d71b009490cc8c05463d87a3dc636dd21e096d9d81c6d82e6476e7d92eac37b40eabf6c87bcf97f4e81c20d6cbc305948014b499ce164cd61e37a219f9e9d6192534a1e19508041dee4e6388131d075a48f73d985675042259c55328516aa0d7714a86cb42c54b353075a75bd6c97f07e67799bb3c4acdf717de323a07b094965969ea17dedd4e913cc697ce6454df791c397f653bc1d2408fe440061011d098bba54b0d10a129c468dc1c556c655499d5a8d997d7ba122c42209860f8dd4e3f2993f60563fbb3017e10130ba23b7a165e98be854f41773afda6d73adb0f00d1a977cbdb5c3cb7e00897420f0df622573b78bd6c04d38822dc8a2c0a34984c28fe9b13010e182ad77a6d7186202d8177d60129be4d487ab48759eabcb23ff4fc1a149c01dff17dca8148be0262812a00000000000000"], 0x98}}, 0x0) close_range(r1, r0, 0x0) fcntl$addseals(r1, 0x409, 0x8) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000440)=0x7, 0x4) syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index=0x3, 0x8, &(0x7f0000000140)="ef3003e7d4d5730dd9bc0d2116cbd2ec2d4cef0397c67262d0882d05da47c1147ab3a8e1b3dfac797791d00529f0be39c7c3024d4751fcbfb4d3ec4b7b6dc1", 0x3f, 0xc, 0x1}, 0x9) dup2(0xffffffffffffffff, 0xffffffffffffffff) add_key$keyring(&(0x7f00000000c0), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0x0) r3 = add_key$keyring(&(0x7f0000000080), 0x0, 0x0, 0x0, r2) add_key$keyring(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x0}, 0x0, 0x0, r2) add_key$keyring(&(0x7f00000000c0), &(0x7f0000000500)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc) request_key(&(0x7f00000002c0)='id_legacy\x00', &(0x7f0000000340)={'syz', 0x2}, &(0x7f0000000380)='\x00', r3) futimesat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={{0x77359400}, {0x0, 0x2710}}) r4 = add_key(&(0x7f0000000200)='keyring\x00', &(0x7f00000004c0)={'syz', 0x1}, &(0x7f0000000540)="18726d0eed55eaa57fc580dc3a0b12e0a5ee08da294ac8119c4c73f93694f2a935d17a81959d084839f846dca8739131e4a9c45c6509af44529537eae3b5a4793a9a0aacfd7a75f2b566b874939829b82a35d20d1985a92c5d7ba971251e89286f64438db33a7f05fb0d1707fd3fa27a56032a79c1d09558fbbfcb2e5f36d3e7e1c749ad35c2064fa087cf6359507a36eb69853e0cdd920cbb7586aedf5a2e5a9a1a6b8d11c08a14918b01d07c92179dfae1ef58835b5fa4be28fbd3b3eac1c9f3cf74fbe25748c55d23902439133eecfafb2e0f", 0xd4, 0xfffffffffffffffa) add_key(0x0, 0x0, 0x0, 0x0, r4) add_key$keyring(&(0x7f0000000100), &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffa) unshare(0x48020200) 23:27:01 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:27:01 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 12) 23:27:01 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0xdffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) r3 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0) writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000200)="af", 0x1}], 0x1) sendmsg$TIPC_CMD_SET_LINK_TOL(r3, 0x0, 0x80) fallocate(r3, 0x0, 0x10001, 0x100) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x20000000, @remote}, 0x1c) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) r4 = socket$packet(0x11, 0x2, 0x300) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f0000000200)={r6, 0x1, 0x6, @link_local}, 0x10) sendmsg$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="687ec0b54fffdd686805f6e2e399ee4ccb96a906cefd6df85cbe1a8c7996", 0x1e}], 0x1, &(0x7f0000000140)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @multicast1, @private=0xa010100}}}, @ip_ttl={{0x14, 0x0, 0x2, 0xffff8001}}], 0x38}, 0x0) [ 1440.657603] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1440.664170] Call Trace: [ 1440.664504] dump_stack+0x107/0x167 [ 1440.664958] should_fail.cold+0x5/0xa [ 1440.665433] ? create_object.isra.0+0x3a/0xa20 [ 1440.675573] should_failslab+0x5/0x20 [ 1440.676048] kmem_cache_alloc+0x5b/0x310 [ 1440.676680] create_object.isra.0+0x3a/0xa20 [ 1440.677223] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1440.677853] __kmalloc+0x16e/0x390 [ 1440.678301] io_setup_async_msg+0xda/0x2d0 [ 1440.678826] io_recvmsg+0xc26/0xd70 [ 1440.683314] ? io_sendmsg+0x830/0x830 [ 1440.683800] ? mark_lock+0xf5/0x2df0 [ 1440.684264] ? mark_lock+0xf5/0x2df0 [ 1440.684737] ? register_lock_class+0xbb/0x17b0 [ 1440.685305] ? __lockdep_reset_lock+0x180/0x180 [ 1440.685888] ? is_dynamic_key+0x1e0/0x1e0 [ 1440.686405] ? lock_acquire+0x197/0x470 [ 1440.686916] io_issue_sqe+0x3bd6/0x77b0 [ 1440.687441] ? lock_chain_count+0x20/0x20 [ 1440.687962] ? perf_trace_lock+0xac/0x490 [ 1440.688487] ? io_connect+0x610/0x610 [ 1440.688963] ? __lockdep_reset_lock+0x180/0x180 [ 1440.689551] ? lock_acquire+0x197/0x470 [ 1440.690047] ? find_held_lock+0x2c/0x110 [ 1440.690563] __io_queue_sqe+0x90/0x9d0 [ 1440.691049] ? rwlock_bug.part.0+0x90/0x90 [ 1440.691598] ? io_issue_sqe+0x77b0/0x77b0 [ 1440.692115] ? do_raw_spin_unlock+0x4f/0x220 [ 1440.692671] ? _raw_spin_unlock+0x1a/0x30 [ 1440.693187] ? io_drain_req+0x603/0xb20 [ 1440.693688] io_submit_sqes+0x44aa/0x8610 [ 1440.694227] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1440.694847] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1440.697119] device syz_tun entered promiscuous mode [ 1440.699474] ? find_held_lock+0x2c/0x110 [ 1440.699490] ? io_submit_sqes+0x8610/0x8610 [ 1440.699510] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1440.699525] ? wait_for_completion_io+0x270/0x270 [ 1440.699540] ? rcu_read_lock_any_held+0x75/0xa0 [ 1440.699552] ? vfs_write+0x354/0xb10 [ 1440.699564] ? fput_many+0x2f/0x1a0 [ 1440.699580] ? ksys_write+0x1a9/0x260 [ 1440.704326] ? __ia32_sys_read+0xb0/0xb0 [ 1440.704843] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1440.705500] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1440.706145] do_syscall_64+0x33/0x40 [ 1440.706610] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1440.707261] RIP: 0033:0x7f33fff70b19 [ 1440.707728] device syz_tun left promiscuous mode [ 1440.707737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1440.707747] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1440.711575] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1440.712466] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1440.713356] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1440.714243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1440.715135] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 [ 1440.731350] FAULT_INJECTION: forcing a failure. [ 1440.731350] name failslab, interval 1, probability 0, space 0, times 0 [ 1440.732783] CPU: 0 PID: 8691 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1440.733618] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1440.734632] Call Trace: [ 1440.734963] dump_stack+0x107/0x167 [ 1440.735427] should_fail.cold+0x5/0xa [ 1440.735898] ? io_setup_async_msg+0xda/0x2d0 [ 1440.736438] should_failslab+0x5/0x20 [ 1440.736906] __kmalloc+0x72/0x390 [ 1440.737337] io_setup_async_msg+0xda/0x2d0 [ 1440.737855] io_recvmsg+0xc26/0xd70 [ 1440.738306] ? io_sendmsg+0x830/0x830 [ 1440.738774] ? kfree+0xd7/0x340 [ 1440.739210] ? mark_lock+0xf5/0x2df0 [ 1440.739677] ? slab_free_freelist_hook+0xa9/0x180 [ 1440.740269] ? mark_lock+0xf5/0x2df0 [ 1440.740748] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1440.741399] io_issue_sqe+0x3bd6/0x77b0 [ 1440.741896] ? perf_trace_lock+0xac/0x490 [ 1440.742405] ? io_connect+0x610/0x610 [ 1440.742873] ? __lockdep_reset_lock+0x180/0x180 [ 1440.747482] ? lock_acquire+0x197/0x470 [ 1440.747965] ? find_held_lock+0x2c/0x110 [ 1440.748465] __io_queue_sqe+0x90/0x9d0 [ 1440.748939] ? rwlock_bug.part.0+0x90/0x90 [ 1440.749454] ? io_issue_sqe+0x77b0/0x77b0 [ 1440.749961] ? do_raw_spin_unlock+0x4f/0x220 [ 1440.750500] ? _raw_spin_unlock+0x1a/0x30 [ 1440.751003] ? io_drain_req+0x603/0xb20 [ 1440.751513] io_submit_sqes+0x44aa/0x8610 [ 1440.752041] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1440.752650] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1440.753240] ? find_held_lock+0x2c/0x110 [ 1440.753738] ? io_submit_sqes+0x8610/0x8610 [ 1440.754271] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1440.754860] ? wait_for_completion_io+0x270/0x270 [ 1440.755469] ? rcu_read_lock_any_held+0x75/0xa0 [ 1440.756040] ? vfs_write+0x354/0xb10 [ 1440.756496] ? fput_many+0x2f/0x1a0 [ 1440.756942] ? ksys_write+0x1a9/0x260 [ 1440.757407] ? __ia32_sys_read+0xb0/0xb0 [ 1440.757905] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1440.758542] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1440.759180] do_syscall_64+0x33/0x40 [ 1440.759643] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1440.760268] RIP: 0033:0x7fa048f33b19 [ 1440.760723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1440.762972] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1440.763919] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1440.764787] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1440.765654] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1440.766521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1440.767405] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 [ 1440.786212] device syz_tun entered promiscuous mode [ 1440.790835] device syz_tun left promiscuous mode 23:27:01 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x3, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0xffff) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000200)) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='mounts\x00') readv(r2, &(0x7f0000001600)=[{&(0x7f00000004c0)=""/4096, 0x1000}], 0x1) r3 = syz_open_procfs(0x0, &(0x7f0000000280)='fd/4\x00') r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x2200, 0x145) openat(r4, &(0x7f0000000140)='./file0\x00', 0x101002, 0x62) getdents(r4, &(0x7f0000000380)=""/78, 0x4e) bind$802154_dgram(0xffffffffffffffff, &(0x7f0000000080)={0x24, @short}, 0xb) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000180)={'L+', 0x7fffffff}, 0x16, 0x2) getdents64(r3, &(0x7f0000000400)=""/172, 0xac) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$9p_unix(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x173000, 0x0) r5 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) write$binfmt_elf64(r5, &(0x7f0000002700)=ANY=[@ANYBLOB="7f454c46057e093f000004000000000000003e0004000000dd00000000000000400000000000000004020000000000000000800008003800010001009e0001000a000070050000001ccd000000000000feb5000000000000000000000000000042ffffffffffffff0900000000000000fdffffffffffffffcbd4d85b2dd07f2949b14c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002b8c13bcf07cc58042d11820f9f784173afbce3e2dd231c23c305f28a1b089cdcba497cc38ebbc57371b51a5d78dc4c9574f8a97c37bd9688e88cc364de9c677f9c84cd46a8719c0d5b5574b9ac93a8d30a68399b52f2b3992772f3707c7e56b52775227d56dd17167d3ac89"], 0x883) mount$bind(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000340)='./file0/../file0\x00', 0x0, 0x17810, 0x0) unshare(0x48020200) 23:27:01 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) 23:27:01 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{0x0}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:27:01 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 13) [ 1440.898880] FAULT_INJECTION: forcing a failure. [ 1440.898880] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1440.900549] CPU: 0 PID: 8713 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1440.901382] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1440.902393] Call Trace: [ 1440.902722] dump_stack+0x107/0x167 [ 1440.903182] should_fail.cold+0x5/0xa [ 1440.903663] _copy_from_user+0x2e/0x1b0 [ 1440.904161] __copy_msghdr_from_user+0x91/0x4b0 [ 1440.904733] ? __ia32_sys_shutdown+0x80/0x80 [ 1440.905281] ? unwind_next_frame+0x13ef/0x1a90 [ 1440.905839] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1440.906494] ? 0xffffffffa0000000 [ 1440.906927] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 1440.907498] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 1440.908154] ? create_prof_cpu_mask+0x20/0x20 [ 1440.908699] ? arch_stack_walk+0x99/0xf0 [ 1440.909203] io_recvmsg+0xae8/0xd70 [ 1440.909646] ? kfree+0xd7/0x340 [ 1440.910050] ? lock_chain_count+0x20/0x20 [ 1440.910555] ? io_sendmsg+0x830/0x830 [ 1440.911026] ? kfree+0xd7/0x340 [ 1440.911450] ? mark_lock+0xf5/0x2df0 [ 1440.911903] ? slab_free_freelist_hook+0xa9/0x180 [ 1440.912490] ? mark_lock+0xf5/0x2df0 [ 1440.912943] ? lock_chain_count+0x20/0x20 [ 1440.913449] ? lock_chain_count+0x20/0x20 [ 1440.913959] ? __lock_acquire+0xbb1/0x5b00 [ 1440.914486] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1440.915134] io_issue_sqe+0x3bd6/0x77b0 [ 1440.915653] ? perf_trace_lock+0xac/0x490 [ 1440.916159] ? io_connect+0x610/0x610 [ 1440.916625] ? __lockdep_reset_lock+0x180/0x180 [ 1440.917197] ? lock_acquire+0x197/0x470 [ 1440.917680] ? find_held_lock+0x2c/0x110 [ 1440.918182] __io_queue_sqe+0x90/0x9d0 [ 1440.918658] ? rwlock_bug.part.0+0x90/0x90 [ 1440.919181] ? io_issue_sqe+0x77b0/0x77b0 [ 1440.919695] ? do_raw_spin_unlock+0x4f/0x220 [ 1440.920231] ? _raw_spin_unlock+0x1a/0x30 [ 1440.920738] ? io_drain_req+0x603/0xb20 [ 1440.921228] io_submit_sqes+0x44aa/0x8610 [ 1440.921756] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1440.922361] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1440.922952] ? find_held_lock+0x2c/0x110 [ 1440.923489] ? io_submit_sqes+0x8610/0x8610 [ 1440.924031] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1440.924622] ? wait_for_completion_io+0x270/0x270 [ 1440.925214] ? rcu_read_lock_any_held+0x75/0xa0 [ 1440.925780] ? vfs_write+0x354/0xb10 [ 1440.926242] ? fput_many+0x2f/0x1a0 [ 1440.926687] ? ksys_write+0x1a9/0x260 [ 1440.927157] ? __ia32_sys_read+0xb0/0xb0 [ 1440.927674] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1440.928312] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1440.928942] do_syscall_64+0x33/0x40 [ 1440.929395] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1440.930018] RIP: 0033:0x7f33fff70b19 [ 1440.930472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1440.932723] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1440.933657] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 23:27:01 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000500)='ramfs\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000440)=[{&(0x7f0000000040)="2000000080000000020000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f00000001c0)="201900d07642da921fd6ff11430c6c6b8c0ac5060048065e24ecf3bb8ce311427a", 0x21, 0x4e0}, {0x0, 0x0, 0xffffffffdffffff8}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011600)="ed41000000080000dff46552e0f4655fe0f4655f000000000000040004", 0x1d, 0x2100}], 0x0, &(0x7f0000000180)=ANY=[]) chroot(&(0x7f0000000140)='./file0\x00') umount2(&(0x7f0000000200)='./file0\x00', 0x0) [ 1440.934523] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1440.935411] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1440.936279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1440.937146] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 23:27:01 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{0x0}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1441.015085] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. 23:27:02 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 14) 23:27:02 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) 23:27:02 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/cpuinfo\x00', 0x0, 0x0) ioctl$BTRFS_IOC_LOGICAL_INO_V2(r1, 0xc038943b, &(0x7f0000000400)={0x6, 0x10, '\x00', 0x1, &(0x7f0000000240)=[0x0, 0x0]}) close_range(r1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1, 0x0, r1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) syz_io_uring_setup(0x1680, &(0x7f00000000c0)={0x0, 0x3326, 0x0, 0x0, 0x214, 0x0, r0}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000140)=0x0) r6 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_submit(r2, r5, &(0x7f0000000200)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, r6, 0x80, &(0x7f0000000180)=@l2={0x1f, 0x51aa, @none, 0x400, 0x2}}, 0x5a3) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x2, 0x0, '\x00', [{0x7fff, 0x2, 0x6, 0x8, 0x3, 0x1}, {0x7f, 0x0, 0x0, 0x0, 0x0, 0x4}], ['\x00', '\x00']}) lseek(0xffffffffffffffff, 0x0, 0x1) r7 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r7, &(0x7f0000000000)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0002}}}, 0x14) r8 = epoll_create(0x0) fdatasync(r8) connect$802154_dgram(r7, &(0x7f0000000080)={0x24, @long}, 0x14) sendmmsg$sock(r7, &(0x7f00000021c0)=[{{0x0, 0x0, 0x0}}], 0x324, 0x0) [ 1441.216291] FAULT_INJECTION: forcing a failure. [ 1441.216291] name failslab, interval 1, probability 0, space 0, times 0 [ 1441.218413] CPU: 1 PID: 8726 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1441.223514] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1441.224810] Call Trace: [ 1441.225193] dump_stack+0x107/0x167 [ 1441.225817] should_fail.cold+0x5/0xa [ 1441.226343] ? io_setup_async_msg+0xda/0x2d0 [ 1441.227134] should_failslab+0x5/0x20 [ 1441.228286] __kmalloc+0x72/0x390 [ 1441.228792] io_setup_async_msg+0xda/0x2d0 [ 1441.229368] io_recvmsg+0xc26/0xd70 [ 1441.230098] ? io_sendmsg+0x830/0x830 [ 1441.230572] ? kfree+0xd7/0x340 [ 1441.231198] ? mark_lock+0xf5/0x2df0 [ 1441.232540] ? slab_free_freelist_hook+0xa9/0x180 [ 1441.233257] ? mark_lock+0xf5/0x2df0 [ 1441.233973] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1441.234701] io_issue_sqe+0x3bd6/0x77b0 [ 1441.239968] ? perf_trace_lock+0xac/0x490 [ 1441.240714] ? io_connect+0x610/0x610 [ 1441.241242] ? __lockdep_reset_lock+0x180/0x180 [ 1441.242040] ? lock_acquire+0x197/0x470 [ 1441.242602] ? find_held_lock+0x2c/0x110 [ 1441.243782] __io_queue_sqe+0x90/0x9d0 [ 1441.244505] ? rwlock_bug.part.0+0x90/0x90 [ 1441.245150] ? io_issue_sqe+0x77b0/0x77b0 [ 1441.245945] ? do_raw_spin_unlock+0x4f/0x220 [ 1441.246492] ? _raw_spin_unlock+0x1a/0x30 [ 1441.248035] ? io_drain_req+0x603/0xb20 [ 1441.248604] io_submit_sqes+0x44aa/0x8610 [ 1441.249351] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1441.250082] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1441.250993] ? find_held_lock+0x2c/0x110 [ 1441.255939] ? io_submit_sqes+0x8610/0x8610 [ 1441.256666] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1441.257319] ? wait_for_completion_io+0x270/0x270 [ 1441.258220] ? rcu_read_lock_any_held+0x75/0xa0 [ 1441.258988] ? vfs_write+0x354/0xb10 [ 1441.264288] ? fput_many+0x2f/0x1a0 [ 1441.264813] ? ksys_write+0x1a9/0x260 [ 1441.265337] ? __ia32_sys_read+0xb0/0xb0 [ 1441.266061] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1441.266959] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1441.267682] do_syscall_64+0x33/0x40 [ 1441.269765] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1441.270409] RIP: 0033:0x7f33fff70b19 [ 1441.270871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1441.281169] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1441.282118] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1441.283000] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1441.283899] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1441.284782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1441.285671] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 23:27:17 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 15) 23:27:17 executing program 6: syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000200)=ANY=[@ANYBLOB="7f0000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB]) r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f00000006c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r0, 0x0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)=""/6, 0x6}, {&(0x7f00000002c0)=""/15, 0xf}, {&(0x7f0000000300)=""/96, 0x60}, {&(0x7f0000000380)=""/5, 0x5}, {&(0x7f00000003c0)=""/78, 0x4e}, {&(0x7f0000000440)=""/172, 0xac}], 0x6, &(0x7f0000000580)=""/213, 0xd5}, 0x0, 0x10040, 0x0, {0x3, r5}}, 0x8) dup3(r1, 0xffffffffffffffff, 0x0) r6 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pidfd_getfd(0xffffffffffffffff, r6, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105142, 0x2b) r8 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) r9 = openat(r8, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x149) sendfile(r7, r9, 0x0, 0x100000001) r10 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r7, r10, 0x0, 0x80000001) 23:27:17 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 21) 23:27:17 executing program 4: r0 = socket$netlink(0x10, 0x3, 0xa) r1 = fcntl$dupfd(r0, 0x0, r0) bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x25dfdbff, 0x5022c004}, 0xc) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c00000020b8f72be91d324ba0174e00210c000000000000000002000000080000000000000020000c002f70726f632f7379732f6e65742f69707634a7fc52cd77d22f7463079b34ebd9a45efc5adf308db8865fcd96bcf09850f6fbec579d0a5fe7adc88f258f3b5c105ad52d69ea83bf541465fb802788a92dccb3a384b23c6aade0915e870a99317ea04a25ec"], 0x3c}}, 0x0) 23:27:17 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) 23:27:17 executing program 1: r0 = perf_event_open(&(0x7f0000000640)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) add_key$keyring(&(0x7f0000000000), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc) ioctl$KDGKBLED(0xffffffffffffffff, 0x4b64, &(0x7f0000000140)) r1 = add_key$keyring(&(0x7f0000000040), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) fcntl$setflags(r0, 0x2, 0x0) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000000)='asymmetric\x00', &(0x7f0000000040)) request_key(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x3}, 0x0, r1) request_key(&(0x7f0000000280)='cifs.idmap\x00', &(0x7f00000002c0)={'syz', 0x3}, &(0x7f0000000300)='keyring\x00', r1) add_key$keyring(&(0x7f00000000c0), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc) add_key(&(0x7f00000001c0)='.request_key_auth\x00', &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, 0x0) unshare(0x48020200) 23:27:17 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)={0xc8, r1, 0x1, 0x1ffffffc, 0x0, {{}, {@void, @val={0xc, 0x99, {0x7ff, 0x8}}}}, [@NL80211_ATTR_TX_RATES={0xa8, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0xa0, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x20c0, 0x1000, 0x8350, 0x3, 0x3, 0x8]}}, @NL80211_TXRATE_LEGACY={0x23, 0x1, [0x48, 0x30, 0x6, 0x5, 0x24, 0x36, 0xc, 0x3, 0x6, 0xc, 0x18, 0x16, 0x6c, 0x24, 0x2, 0x0, 0x1b, 0x60, 0x6, 0x6c, 0x5, 0xc, 0x6c, 0x6, 0x3, 0x12, 0xc, 0x24, 0x51, 0x60, 0xb]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x9a36, 0x1, 0x6, 0x6, 0x3, 0x8, 0x800, 0x3]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5207, 0xaf5, 0x1, 0x3ff, 0x9, 0x1, 0x7ff, 0x1ff]}}, @NL80211_TXRATE_LEGACY={0x1d, 0x1, [0x1, 0x60, 0x1, 0xc, 0x24, 0x18, 0x9, 0x3, 0x24, 0xc, 0x3, 0x1, 0x6c, 0x3, 0x6c, 0x2, 0x24, 0x6c, 0x48, 0x60, 0xb, 0x24, 0x18, 0x5c, 0x1b]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x7, 0x4, 0x1, 0x1ff, 0x8000, 0x800, 0x5]}}]}, @NL80211_BAND_5GHZ={0x4}]}]}, 0xc8}}, 0x8000) 23:27:17 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{0x0}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1456.820454] FAULT_INJECTION: forcing a failure. [ 1456.820454] name failslab, interval 1, probability 0, space 0, times 0 [ 1456.821889] CPU: 0 PID: 8747 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1456.822766] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1456.823807] Call Trace: [ 1456.824140] dump_stack+0x107/0x167 [ 1456.824586] should_fail.cold+0x5/0xa [ 1456.825053] ? create_object.isra.0+0x3a/0xa20 [ 1456.825617] should_failslab+0x5/0x20 [ 1456.826082] kmem_cache_alloc+0x5b/0x310 [ 1456.826620] create_object.isra.0+0x3a/0xa20 [ 1456.827156] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1456.827786] __kmalloc+0x16e/0x390 [ 1456.828237] io_setup_async_msg+0xda/0x2d0 [ 1456.828755] io_recvmsg+0xc26/0xd70 [ 1456.829204] ? io_sendmsg+0x830/0x830 [ 1456.829670] ? kfree+0xd7/0x340 [ 1456.830080] ? mark_lock+0xf5/0x2df0 [ 1456.830575] ? slab_free_freelist_hook+0xa9/0x180 [ 1456.831169] ? mark_lock+0xf5/0x2df0 [ 1456.831673] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1456.832351] io_issue_sqe+0x3bd6/0x77b0 [ 1456.832850] ? perf_trace_lock+0xac/0x490 [ 1456.833379] ? io_connect+0x610/0x610 [ 1456.833877] ? __lockdep_reset_lock+0x180/0x180 [ 1456.834486] ? lock_acquire+0x197/0x470 [ 1456.834972] ? find_held_lock+0x2c/0x110 [ 1456.835481] __io_queue_sqe+0x90/0x9d0 [ 1456.835978] ? rwlock_bug.part.0+0x90/0x90 [ 1456.836498] ? io_issue_sqe+0x77b0/0x77b0 [ 1456.837003] ? do_raw_spin_unlock+0x4f/0x220 [ 1456.837547] ? _raw_spin_unlock+0x1a/0x30 [ 1456.838054] ? io_drain_req+0x603/0xb20 [ 1456.838552] io_submit_sqes+0x44aa/0x8610 [ 1456.839079] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1456.839687] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1456.840322] ? find_held_lock+0x2c/0x110 [ 1456.840865] ? io_submit_sqes+0x8610/0x8610 [ 1456.841436] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1456.842030] ? wait_for_completion_io+0x270/0x270 [ 1456.842623] ? rcu_read_lock_any_held+0x75/0xa0 [ 1456.843191] ? vfs_write+0x354/0xb10 [ 1456.843695] ? fput_many+0x2f/0x1a0 [ 1456.844163] ? ksys_write+0x1a9/0x260 [ 1456.844666] ? __ia32_sys_read+0xb0/0xb0 [ 1456.845165] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1456.845810] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1456.846441] do_syscall_64+0x33/0x40 [ 1456.846895] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1456.847521] RIP: 0033:0x7f33fff70b19 [ 1456.848009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1456.850342] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1456.851279] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1456.852169] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1456.853038] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1456.853909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1456.854786] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 [ 1456.865889] FAULT_INJECTION: forcing a failure. [ 1456.865889] name failslab, interval 1, probability 0, space 0, times 0 [ 1456.867470] CPU: 0 PID: 8745 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1456.868325] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1456.869418] Call Trace: [ 1456.869745] dump_stack+0x107/0x167 [ 1456.870194] should_fail.cold+0x5/0xa [ 1456.870663] ? create_object.isra.0+0x3a/0xa20 [ 1456.871223] should_failslab+0x5/0x20 [ 1456.871690] kmem_cache_alloc+0x5b/0x310 [ 1456.872213] create_object.isra.0+0x3a/0xa20 [ 1456.872788] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1456.873446] __kmalloc+0x16e/0x390 [ 1456.873889] io_setup_async_msg+0xda/0x2d0 [ 1456.874410] io_recvmsg+0xc26/0xd70 [ 1456.874860] ? io_sendmsg+0x830/0x830 [ 1456.875327] ? kfree+0xd7/0x340 [ 1456.875794] ? mark_lock+0xf5/0x2df0 [ 1456.876257] ? slab_free_freelist_hook+0xa9/0x180 [ 1456.876882] ? mark_lock+0xf5/0x2df0 [ 1456.877361] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1456.878013] io_issue_sqe+0x3bd6/0x77b0 [ 1456.878537] ? perf_trace_lock+0xac/0x490 [ 1456.879060] ? io_connect+0x610/0x610 [ 1456.879562] ? __lockdep_reset_lock+0x180/0x180 [ 1456.880149] ? lock_acquire+0x197/0x470 [ 1456.880634] ? find_held_lock+0x2c/0x110 [ 1456.881139] __io_queue_sqe+0x90/0x9d0 [ 1456.881662] ? rwlock_bug.part.0+0x90/0x90 [ 1456.882186] ? io_issue_sqe+0x77b0/0x77b0 [ 1456.882720] ? do_raw_spin_unlock+0x4f/0x220 [ 1456.883257] ? _raw_spin_unlock+0x1a/0x30 [ 1456.883770] ? io_drain_req+0x603/0xb20 [ 1456.884267] io_submit_sqes+0x44aa/0x8610 [ 1456.884846] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1456.885461] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1456.886054] ? find_held_lock+0x2c/0x110 [ 1456.886561] ? io_submit_sqes+0x8610/0x8610 [ 1456.887096] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1456.887689] ? wait_for_completion_io+0x270/0x270 [ 1456.888293] ? rcu_read_lock_any_held+0x75/0xa0 [ 1456.888916] ? vfs_write+0x354/0xb10 [ 1456.889378] ? fput_many+0x2f/0x1a0 [ 1456.889829] ? ksys_write+0x1a9/0x260 [ 1456.890295] ? __ia32_sys_read+0xb0/0xb0 [ 1456.890795] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1456.891435] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1456.892080] do_syscall_64+0x33/0x40 [ 1456.892573] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1456.893211] RIP: 0033:0x7fa048f33b19 [ 1456.893702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1456.896011] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1456.896982] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1456.897857] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1456.898737] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1456.899657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1456.900586] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 23:27:17 executing program 0: ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0) flock(0xffffffffffffffff, 0x0) read(0xffffffffffffffff, &(0x7f0000002880)=""/196, 0xc4) sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x20000881) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000100), 0x2, 0x0) ioctl$AUTOFS_IOC_EXPIRE(r0, 0x810c9365, &(0x7f0000000500)={{0x8000, 0x3}, 0x100, './file0\x00'}) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x66e2, 0x0) write$sndseq(r3, &(0x7f0000000380)=[{0x5, 0xff, 0xe0, 0x0, @tick=0x1, {0x40, 0x72}, {0x7, 0x66}, @ext={0x78, &(0x7f0000000200)="6dbf492af2b9c7a13e90a23f37f924342585c8313986ecd2b648a37c621f5f5bba44d4f33a3de4afdedd5738b73358a6a2f860f9e273c914264fd5638d449ad80cda6a97d8ea036e91527f7bbbb343b98dec027b167afec291613937a2babc5fa32ef292b3427af4e605fc03807ea6711c3877ae36004a45"}}, {0x6, 0x5b, 0x49, 0x1, @tick, {0x1}, {0x9}, @quote={{0x6, 0x5}, 0x3ff, &(0x7f00000002c0)={0x7f, 0x1f, 0x4, 0x3, @tick=0x3, {0x1}, {0x5, 0x6}, @time=@time={0x9, 0x3}}}}, {0x78, 0x7f, 0x3, 0x0, @time={0x7, 0x7}, {0x7, 0x2}, {0x6, 0x5}, @raw8={"00019bac5c1694ecddbad872"}}, {0x3f, 0x1, 0x5, 0x3, @tick=0x3, {0x0, 0x2}, {0x1, 0x4}, @control={0x1, 0xffff7fff, 0x10001}}], 0x70) fallocate(r2, 0x0, 0x0, 0x1000002) r4 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r4, 0x0, 0x100000001) lseek(0xffffffffffffffff, 0x0, 0x3) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r2, 0x0) 23:27:17 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(0x0) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:27:17 executing program 4: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/cpuinfo\x00', 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$VFAT_IOCTL_READDIR_BOTH(r0, 0x82307201, &(0x7f00000008c0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x3, 0x0, r3, 0x71, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xf}, 0x4}}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000880)=@IORING_OP_RECVMSG={0xa, 0x8, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000840)={&(0x7f0000000080)=@phonet, 0x80, &(0x7f0000000740)=[{&(0x7f0000000100)=""/242, 0xf2}, {&(0x7f0000000380)=""/76, 0x4c}, {&(0x7f0000000440)=""/192, 0xc0}, {&(0x7f0000000500)=""/202, 0xca}, {&(0x7f0000000600)=""/52, 0x34}, {&(0x7f0000000640)=""/240, 0xf0}], 0x6, &(0x7f00000007c0)=""/72, 0x48}, 0x0, 0x41}, 0x80) mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0) r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS(r5, 0x4c00, 0x0) r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000b00)='./file0\x00', 0x1900) setsockopt$inet6_tcp_int(r6, 0x6, 0x12, &(0x7f0000000b40)=0x4, 0x4) bind$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9bbb) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000008, 0x8010, 0xffffffffffffffff, 0x0) ioctl$LOOP_SET_STATUS(r4, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0x0, 0x1, 0x1b, 0x0, "6407282788e8a8097e1b49c58f67c399b09842beec88d9d5675d3bc74739606adb17d503616a74a6a8bd32d84c6b011cac49171c37438d589dcc9b0e653102b9", "8fdb77f38a3f541aaeca89c742776cb185b1a27c7a8f5e4a9d2f4434ad2dbd9a"}) ioctl$LOOP_SET_STATUS(r5, 0x4c03, &(0x7f0000000200)={0x0, {}, 0x0, {}, 0x0, 0x0, 0x0, 0x0, "1c5f9161effc37aa8db584ac3cb21a54e4d247c2a984329ec95ddc2ada656a046257f4f19a97779a2771c541ace10afc038439450ab01531686d6b1d2e088b3a", "8242217ff0a5d3cab8015fbb90da56c181d9fd1bc0aa745cfca7675285369ee6"}) 23:27:17 executing program 1: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file2\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x8, 0x20, 0x81, 0x1, 0x0, 0x65, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0xf53, 0x1, @perf_config_ext={0x1, 0x7}, 0x19, 0x3, 0xf902, 0x7, 0x1, 0x80000000, 0xffff, 0x0, 0x3, 0x0, 0x7fffffff}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x2) fcntl$setlease(r0, 0x400, 0x1) r1 = signalfd(r0, &(0x7f00000000c0)={[0x342]}, 0x8) ioctl$CDROMEJECT(r1, 0x5309) fcntl$getflags(r0, 0x401) 23:27:17 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x86) 23:27:18 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(0x0) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:27:18 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) ftruncate(r0, 0x1000003) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) write$eventfd(r0, &(0x7f0000000140)=0xfff, 0x8) ioctl$TIOCGPTPEER(r1, 0x5441, 0x0) write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a) readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1) fcntl$setflags(0xffffffffffffffff, 0x2, 0x1) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0) r3 = fsopen(&(0x7f00000004c0)='devpts\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r3, 0x2, &(0x7f0000000640)='.\\\xf0.,^\x00', &(0x7f0000000680), 0x0) openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x242802) fcntl$setstatus(r4, 0x4, 0x4000) mmap$perf(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000008, 0x10010, r2, 0x106) syz_emit_ethernet(0x103, &(0x7f00000002c0)=ANY=[@ANYBLOB="67856f93ef03aaaaaaaaaabb91002b008100330008050104099731f296efc77c2db7ea22fcdb65f7e81d54a63549f315e4b2dd0af59dea0d41a8bf855c71d77d33975eb4f9bdf14359d79585f8ac114aaae3530532089a16c847e3087d3f0fdb31d53450494d1e6f443b4871f3dfa4ee4e7bccced59fcd2ab006ec43a57c6789e9ba0dd6b91e003a241d6e545655a80b6ef54d1e1d100717a7652da7cdc5ffed2a89c08932b91b918634e2eaf954fc9c53d63e7dbf8b94e47c3f13463de034dab5a0f1344a3bade9ff3bd67214ffbea25380f762b680bf186ff20f7c6f766b60b265d03adc9a37b8b034a36ff77f67457722853d69f8d1a2e5287c5085d321a25a7ca4"], &(0x7f0000000180)={0x0, 0x2, [0x7a7, 0xbe8, 0x0, 0x9a2]}) acct(&(0x7f0000000040)='./file0\x00') unshare(0x4a060400) 23:27:32 executing program 6: syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000200)=ANY=[@ANYBLOB="7f0000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB]) r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f00000006c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r0, 0x0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)=""/6, 0x6}, {&(0x7f00000002c0)=""/15, 0xf}, {&(0x7f0000000300)=""/96, 0x60}, {&(0x7f0000000380)=""/5, 0x5}, {&(0x7f00000003c0)=""/78, 0x4e}, {&(0x7f0000000440)=""/172, 0xac}], 0x6, &(0x7f0000000580)=""/213, 0xd5}, 0x0, 0x10040, 0x0, {0x3, r5}}, 0x8) dup3(r1, 0xffffffffffffffff, 0x0) r6 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pidfd_getfd(0xffffffffffffffff, r6, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105142, 0x2b) r8 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) r9 = openat(r8, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x149) sendfile(r7, r9, 0x0, 0x100000001) r10 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r7, r10, 0x0, 0x80000001) 23:27:32 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000440)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f00000001c0)="201900d07642da921fd6ff11430c6c6b8c0ac5060048065e24ecf3bb8ce311427ac446646b66cda5c391a00fbccd665cde721d7307fdcb6b969016edfcfc7632c1f3819bab23a38c40d2318820e65ef0262cc5dd8b5bc96f21bc84022b67785d6741984f29f705f842bd5a0870925cdb5d80eb689f80ea6ff07d3876a48c6519dad01907103c1df3928cb15b27437eb6e994", 0x92, 0x4e0}, {0x0, 0x0, 0xffffffffdffffff8}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x803}, {&(0x7f0000011600)="ed41000000080000dff46552e0f4655fe0f4655f000000000000040004", 0x1d, 0x4000000000002100}], 0x0, &(0x7f0000000180)=ANY=[]) perf_event_open(&(0x7f00000002c0)={0x4, 0x80, 0x7, 0x9, 0x0, 0x5, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000280)}, 0x1c224, 0x3ff, 0x5, 0x4, 0x0, 0x3, 0x6, 0x0, 0x1459, 0x0, 0x100}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)) 23:27:32 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 16) 23:27:32 executing program 4: perf_event_open(&(0x7f0000001d80)={0x3, 0x80, 0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000007580), 0x4}, 0x20, 0x0, 0x0, 0x0, 0x81}, 0x0, 0x4, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) read(0xffffffffffffffff, &(0x7f00000002c0)=""/225, 0xe1) r0 = getpid() syz_io_uring_setup(0x4d4f, &(0x7f0000000040)={0x0, 0x0, 0x1, 0xfffffffd, 0x142}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)) syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x2, 0x0, 0x0}, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x80004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) fspick(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x1) getpgid(r0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000004, 0x10, 0xffffffffffffffff, 0x10000000) openat$ptp0(0xffffffffffffff9c, &(0x7f00000002c0), 0x539002, 0x0) setsockopt$inet6_IPV6_DSTOPTS(r2, 0x29, 0x3b, &(0x7f0000006b80)=ANY=[@ANYBLOB="8a0000c9e451e1731023f3cde4f1127a9bf046860b32988cea4f8343df43f16900b2ea31bf7f051b489219da9405ae4f2a"], 0x8) recvmmsg(r2, &(0x7f00000079c0)=[{{&(0x7f00000003c0)=@nfc_llcp, 0x80, &(0x7f0000000800)=[{&(0x7f0000000440)=""/108, 0x6c}, {&(0x7f0000000500)=""/203, 0xcb}, {&(0x7f0000000640)=""/103, 0x67}, {&(0x7f00000006c0)=""/157, 0x9d}, {&(0x7f0000000780)=""/122, 0x7a}], 0x5, &(0x7f0000000880)=""/4096, 0x1000}, 0x8000}, {{0x0, 0x0, &(0x7f0000001940)=[{&(0x7f0000001880)=""/27, 0x1b}, {&(0x7f00000018c0)=""/111, 0x6f}], 0x2, &(0x7f0000001980)=""/170, 0xaa}, 0xfffff800}, {{&(0x7f0000001a40)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, 0x80, &(0x7f0000001cc0)=[{&(0x7f0000001ac0)=""/205, 0xcd}, {&(0x7f0000001e00)=""/4096, 0x1000}, {&(0x7f0000001bc0)=""/139, 0x8b}, {&(0x7f0000001c80)=""/4, 0x4}, {&(0x7f0000002e00)=""/207, 0xcf}], 0x5, &(0x7f0000002f00)=""/73, 0x49}, 0x200}, {{&(0x7f0000002f80)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x80, &(0x7f0000003180)=[{&(0x7f0000003000)=""/88, 0x58}, {&(0x7f0000001d40)=""/52, 0x34}, {&(0x7f0000003080)=""/243, 0xf3}], 0x3, &(0x7f00000031c0)=""/207, 0xcf}}, {{0x0, 0x0, &(0x7f00000045c0)=[{&(0x7f00000032c0)=""/220, 0xdc}, {&(0x7f00000033c0)=""/37, 0x25}, {&(0x7f0000003400)=""/4096, 0x1000}, {&(0x7f0000004400)=""/87, 0x57}, {&(0x7f0000004480)=""/64, 0x40}, {&(0x7f00000044c0)=""/250, 0xfa}], 0x6, &(0x7f0000004640)=""/10, 0xa}, 0x401}, {{&(0x7f0000004680)=@caif=@dgm, 0x80, &(0x7f0000007d80)=[{&(0x7f0000004700)=""/183, 0xb7}, {&(0x7f00000047c0)=""/208, 0xd0}, {&(0x7f00000048c0)=""/207, 0xcf}, {&(0x7f00000049c0)=""/4096, 0x1000}, {&(0x7f00000059c0)=""/4096, 0x1000}, {&(0x7f00000069c0)=""/1, 0x1}, {&(0x7f0000006a00)=""/42, 0x2a}, {&(0x7f0000006a40)=""/209, 0xd1}, {&(0x7f0000006b40)}, {&(0x7f0000007cc0)=""/97, 0x61}, {&(0x7f0000007d40)=""/60, 0x3c}], 0xb, &(0x7f0000006c40)}, 0x34111e00}, {{&(0x7f0000006c80)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, &(0x7f0000006e00)=[{&(0x7f0000006d00)=""/31, 0x1f}, {&(0x7f0000006d40)=""/144, 0x90}], 0x2, &(0x7f0000006e40)=""/48, 0x30}, 0x5}, {{&(0x7f0000006e80)=@ax25={{}, [@remote, @netrom, @default, @bcast, @netrom, @bcast, @rose, @null]}, 0x80, &(0x7f0000007100)=[{&(0x7f0000006f00)=""/238, 0xee}, {&(0x7f0000007000)=""/239, 0xef}], 0x2, &(0x7f0000007140)=""/22, 0x16}, 0xded8}, {{&(0x7f0000007180)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, &(0x7f0000007780)=[{&(0x7f0000007200)=""/148, 0x94}, {&(0x7f00000072c0)=""/248, 0xf8}, {&(0x7f00000073c0)=""/240, 0xf0}, {&(0x7f00000074c0)=""/173, 0xad}, {&(0x7f0000006c40)=""/8, 0x8}, {&(0x7f00000075c0)=""/211, 0xd3}, {&(0x7f00000076c0)=""/144, 0x90}], 0x7, &(0x7f0000007800)=""/249, 0xf9}, 0x936d}, {{0x0, 0x0, &(0x7f0000007940)=[{&(0x7f0000007900)=""/24, 0x18}], 0x1, &(0x7f0000007980)=""/3, 0x3}, 0xd3}], 0xa, 0x40000000, &(0x7f0000007c40)={0x77359400}) ioctl$sock_inet6_udp_SIOCINQ(r3, 0x541b, &(0x7f0000007c80)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2000005, 0x10, 0xffffffffffffffff, 0x0) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) setsockopt$inet6_opts(r4, 0x29, 0x36, &(0x7f0000006b40)=@fragment={0x88, 0x0, 0xff, 0x0, 0x0, 0x0, 0x64}, 0x8) 23:27:32 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(0x0) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:27:32 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 22) 23:27:32 executing program 1: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4) setsockopt$inet6_tcp_int(r2, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r2, r1, 0x0, 0x9bbb) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) sendmsg$nl_generic(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x54, 0x2e, 0x4, 0x70bd29, 0x25dfdbfc, {0x11}, [@typed={0x14, 0x8d, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1b}}}, @generic="66438af50e73bbd5a52cb7f226b5b6382351c296394cc5fcac9735e263b13a236745748f6555ab443d"]}, 0x54}, 0x1, 0x0, 0x0, 0x200400d0}, 0x4001) ioctl$SG_IO(r0, 0x127f, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, @buffer={0x300, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140), 0x40080, 0x0) r4 = ioctl$TUNGETDEVNETNS(r3, 0x54e3, 0x0) r5 = socket$inet(0x2, 0x1, 0x0) bind$inet(r5, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r5, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) fcntl$dupfd(r4, 0x406, r5) ioctl$AUTOFS_IOC_PROTOVER(r3, 0x80049363, &(0x7f0000000180)) 23:27:32 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x86) [ 1471.744561] FAULT_INJECTION: forcing a failure. [ 1471.744561] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1471.746142] CPU: 0 PID: 8786 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1471.747011] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1471.748092] Call Trace: [ 1471.752475] dump_stack+0x107/0x167 [ 1471.752965] should_fail.cold+0x5/0xa [ 1471.753474] _copy_from_user+0x2e/0x1b0 [ 1471.754006] __copy_msghdr_from_user+0x91/0x4b0 [ 1471.754609] ? __ia32_sys_shutdown+0x80/0x80 [ 1471.755192] ? unwind_next_frame+0x13ef/0x1a90 [ 1471.755790] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1471.756503] ? 0xffffffffa0000000 [ 1471.756967] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 1471.757562] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 1471.758271] ? create_prof_cpu_mask+0x20/0x20 [ 1471.758859] ? arch_stack_walk+0x99/0xf0 [ 1471.759415] io_recvmsg+0xae8/0xd70 [ 1471.759901] ? kfree+0xd7/0x340 [ 1471.760354] ? lock_chain_count+0x20/0x20 [ 1471.760909] ? io_sendmsg+0x830/0x830 [ 1471.761415] ? kfree+0xd7/0x340 [ 1471.761856] ? mark_lock+0xf5/0x2df0 [ 1471.762343] ? slab_free_freelist_hook+0xa9/0x180 [ 1471.765370] ? mark_lock+0xf5/0x2df0 [ 1471.765839] ? lock_chain_count+0x20/0x20 [ 1471.766346] ? lock_chain_count+0x20/0x20 [ 1471.766848] ? __lock_acquire+0xbb1/0x5b00 [ 1471.767376] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1471.768024] io_issue_sqe+0x3bd6/0x77b0 [ 1471.768537] ? perf_trace_lock+0xac/0x490 [ 1471.769042] ? io_connect+0x610/0x610 [ 1471.769506] ? __lockdep_reset_lock+0x180/0x180 [ 1471.770079] ? lock_acquire+0x197/0x470 [ 1471.770561] ? find_held_lock+0x2c/0x110 [ 1471.771065] __io_queue_sqe+0x90/0x9d0 [ 1471.771537] ? rwlock_bug.part.0+0x90/0x90 [ 1471.772051] ? io_issue_sqe+0x77b0/0x77b0 [ 1471.772566] ? do_raw_spin_unlock+0x4f/0x220 [ 1471.773101] ? _raw_spin_unlock+0x1a/0x30 [ 1471.773605] ? io_drain_req+0x603/0xb20 [ 1471.774093] io_submit_sqes+0x44aa/0x8610 [ 1471.774618] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1471.775224] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1471.775812] ? find_held_lock+0x2c/0x110 [ 1471.776318] ? io_submit_sqes+0x8610/0x8610 [ 1471.776856] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1471.777446] ? wait_for_completion_io+0x270/0x270 [ 1471.778034] ? rcu_read_lock_any_held+0x75/0xa0 [ 1471.778601] ? vfs_write+0x354/0xb10 [ 1471.779053] ? fput_many+0x2f/0x1a0 [ 1471.779496] ? ksys_write+0x1a9/0x260 [ 1471.779959] ? __ia32_sys_read+0xb0/0xb0 [ 1471.784666] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1471.785506] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1471.786476] do_syscall_64+0x33/0x40 [ 1471.786972] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1471.787779] RIP: 0033:0x7fa048f33b19 [ 1471.788356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1471.791203] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1471.792356] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1471.794009] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 23:27:32 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x86) [ 1471.796093] FAULT_INJECTION: forcing a failure. [ 1471.796093] name failslab, interval 1, probability 0, space 0, times 0 [ 1471.808510] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1471.808518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1471.808525] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 [ 1471.828744] CPU: 1 PID: 8800 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1471.829592] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1471.830618] Call Trace: [ 1471.830948] dump_stack+0x107/0x167 [ 1471.831402] should_fail.cold+0x5/0xa [ 1471.831878] ? create_object.isra.0+0x3a/0xa20 [ 1471.832464] should_failslab+0x5/0x20 [ 1471.832937] kmem_cache_alloc+0x5b/0x310 [ 1471.833443] ? mark_held_locks+0x9e/0xe0 [ 1471.833952] create_object.isra.0+0x3a/0xa20 [ 1471.834498] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1471.835133] kmem_cache_alloc+0x159/0x310 [ 1471.835655] xas_alloc+0x336/0x440 [ 1471.836101] xas_create+0x34a/0x10d0 [ 1471.836584] ? kernel_text_address+0xf2/0x120 [ 1471.837143] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1471.837795] xas_store+0x8c/0x1c40 [ 1471.838249] __xa_store+0x164/0x2d0 [ 1471.838703] ? xa_delete_node+0x280/0x280 [ 1471.839225] ? trace_hardirqs_on+0x5b/0x180 [ 1471.839766] xa_store+0x31/0x50 [ 1471.840179] __io_uring_add_tctx_node+0x1cf/0x520 [ 1471.856848] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1471.857569] __do_sys_io_uring_enter+0x146f/0x1890 [ 1471.858230] ? find_held_lock+0x2c/0x110 [ 1471.858788] ? io_submit_sqes+0x8610/0x8610 [ 1471.859370] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1471.860027] ? wait_for_completion_io+0x270/0x270 [ 1471.860700] ? rcu_read_lock_any_held+0x75/0xa0 [ 1471.861321] ? vfs_write+0x354/0xb10 [ 1471.861831] ? fput_many+0x2f/0x1a0 [ 1471.862321] ? ksys_write+0x1a9/0x260 [ 1471.862848] ? __ia32_sys_read+0xb0/0xb0 [ 1471.863400] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1471.864113] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1471.864822] do_syscall_64+0x33/0x40 [ 1471.865331] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1471.866007] RIP: 0033:0x7f33fff70b19 [ 1471.866513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1471.868953] RSP: 002b:00007f33fd4c5188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1471.869974] RAX: ffffffffffffffda RBX: 00007f3400084020 RCX: 00007f33fff70b19 [ 1471.870923] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1471.871972] RBP: 00007f33fd4c51d0 R08: 0000000000000000 R09: 0000000000000000 [ 1471.872946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1471.873889] R13: 00007ffdce05164f R14: 00007f33fd4c5300 R15: 0000000000022000 23:27:32 executing program 0: ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x6c, r1, 0x4, 0x70bd28, 0x25dfdbfc, {{}, {@void, @val={0x8, 0x3, r0}, @val={0xc, 0x99, {0xfff, 0x7d}}}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'ip6_vti0\x00'}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x10, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}]}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}], @NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x6c}}, 0x20000000) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="20002cbd7000ffdddf25120000000c0099001f060000530000000a000600080211000000009c0500740002000000"], 0x34}, 0x1, 0x0, 0x0, 0x24040091}, 0x40000) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, 0x0, 0x8001) setsockopt(0xffffffffffffffff, 0x80000001, 0x0, &(0x7f0000000000)="d6547e36fc54c90660b7476ebee6fc625172f9fb41501b197b5f3f70983636a6339e1e85d66136c9ab9c4c4ac9f47e62e803b9ef933f94e7743dd3f042e684ce17f03e969718e964ee18366ffdfce76af1d45d6363a4174148eed0ed680f244413688cf5740d20bfec520e6a149e3680f24f23ef267afc48c0982fa7", 0x7c) r2 = signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0x9]}, 0x8) ioctl$sock_SIOCINQ(r2, 0x541b, &(0x7f0000000280)) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, 0x41, 0xc21, 0x0, 0x0, {0xa}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) fcntl$dupfd(r5, 0x0, r5) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f00000002c0)=ANY=[@ANYRESHEX=r5, @ANYRESDEC=r4, @ANYRES32]) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, &(0x7f0000000140), &(0x7f0000000180)=0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000000200)={0x44004100, 0x0, &(0x7f00000000c0), &(0x7f0000000100), {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1471.918161] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65 sclass=netlink_route_socket pid=8805 comm=syz-executor.0 [ 1471.959697] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1471.961039] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1471.962040] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1471.963069] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 00 40 00 00 40 00 [ 1471.964133] print_req_error: 276 callbacks suppressed [ 1471.964148] blk_update_request: critical target error, dev sr0, sector 256 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1471.983697] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1471.984927] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1471.985825] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1471.986761] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 00 00 00 00 40 00 [ 1471.987706] blk_update_request: critical target error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 23:27:32 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1472.018603] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1472.019967] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1472.020964] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1472.021978] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 00 80 00 00 40 00 [ 1472.023000] blk_update_request: critical target error, dev sr0, sector 512 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1472.054645] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65 sclass=netlink_route_socket pid=8812 comm=syz-executor.0 [ 1472.060131] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1472.061364] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1472.062270] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1472.063207] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 00 c0 00 00 40 00 [ 1472.064170] blk_update_request: critical target error, dev sr0, sector 768 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1472.102782] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1472.104205] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1472.105208] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1472.106219] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 01 00 00 00 40 00 [ 1472.107243] blk_update_request: critical target error, dev sr0, sector 1024 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 23:27:33 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, 0x0, 0x86) 23:27:33 executing program 0: renameat(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) [ 1472.139811] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1472.141099] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1472.142010] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1472.142945] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 01 40 00 00 40 00 [ 1472.143881] blk_update_request: critical target error, dev sr0, sector 1280 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1472.173977] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1472.175190] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1472.176095] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1472.177160] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 01 80 00 00 40 00 [ 1472.178198] blk_update_request: critical target error, dev sr0, sector 1536 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1472.206747] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1472.208081] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1472.209096] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1472.210131] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 01 c0 00 00 40 00 [ 1472.211166] blk_update_request: critical target error, dev sr0, sector 1792 op 0x1:(WRITE) flags 0x0 phys_seg 32 prio class 0 [ 1472.238318] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s 23:27:33 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 23) [ 1472.239672] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1472.244690] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1472.245711] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 02 00 00 00 40 00 [ 1472.246737] blk_update_request: critical target error, dev sr0, sector 2048 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 23:27:33 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1472.272679] FAULT_INJECTION: forcing a failure. [ 1472.272679] name failslab, interval 1, probability 0, space 0, times 0 [ 1472.274328] CPU: 0 PID: 8823 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1472.275221] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1472.276297] Call Trace: [ 1472.276673] dump_stack+0x107/0x167 [ 1472.277168] should_fail.cold+0x5/0xa [ 1472.277671] ? io_setup_async_msg+0xda/0x2d0 [ 1472.278270] should_failslab+0x5/0x20 [ 1472.278773] __kmalloc+0x72/0x390 [ 1472.279242] io_setup_async_msg+0xda/0x2d0 [ 1472.279787] io_recvmsg+0xc26/0xd70 [ 1472.280286] ? io_sendmsg+0x830/0x830 [ 1472.280808] ? kfree+0xd7/0x340 [ 1472.281256] ? mark_lock+0xf5/0x2df0 [ 1472.281751] ? slab_free_freelist_hook+0xa9/0x180 [ 1472.282386] ? mark_lock+0xf5/0x2df0 [ 1472.282915] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1472.283624] io_issue_sqe+0x3bd6/0x77b0 [ 1472.284152] ? perf_trace_lock+0xac/0x490 [ 1472.284680] ? io_connect+0x610/0x610 [ 1472.285148] ? __lockdep_reset_lock+0x180/0x180 [ 1472.286304] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1472.288892] ? lock_acquire+0x197/0x470 [ 1472.288906] ? find_held_lock+0x2c/0x110 [ 1472.288931] __io_queue_sqe+0x90/0x9d0 [ 1472.288946] ? rwlock_bug.part.0+0x90/0x90 [ 1472.288961] ? io_issue_sqe+0x77b0/0x77b0 [ 1472.288973] ? do_raw_spin_unlock+0x4f/0x220 [ 1472.288989] ? _raw_spin_unlock+0x1a/0x30 [ 1472.289000] ? io_drain_req+0x603/0xb20 [ 1472.289019] io_submit_sqes+0x44aa/0x8610 [ 1472.289059] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1472.289071] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1472.289089] ? find_held_lock+0x2c/0x110 [ 1472.289108] ? io_submit_sqes+0x8610/0x8610 [ 1472.289132] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1472.289150] ? wait_for_completion_io+0x270/0x270 [ 1472.289169] ? rcu_read_lock_any_held+0x75/0xa0 [ 1472.289184] ? vfs_write+0x354/0xb10 [ 1472.289200] ? fput_many+0x2f/0x1a0 [ 1472.289215] ? ksys_write+0x1a9/0x260 [ 1472.289230] ? __ia32_sys_read+0xb0/0xb0 [ 1472.289248] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1472.289262] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1472.289279] do_syscall_64+0x33/0x40 [ 1472.289293] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1472.289303] RIP: 0033:0x7fa048f33b19 [ 1472.289318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1472.289325] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1472.289341] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1472.289350] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1472.289358] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1472.289366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1472.289375] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 [ 1472.317361] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1472.318344] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1472.319363] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 02 40 00 00 40 00 [ 1472.324420] blk_update_request: critical target error, dev sr0, sector 2304 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 23:27:33 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, 0x0, 0x86) [ 1476.988938] scsi_io_completion_action: 165 callbacks suppressed [ 1476.990833] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1476.993274] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1476.997811] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1476.999691] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 18 80 00 00 40 00 [ 1477.001820] print_req_error: 165 callbacks suppressed [ 1477.001833] blk_update_request: critical target error, dev sr0, sector 25088 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1477.041996] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1477.044710] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1477.046452] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1477.048260] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 13 40 00 00 40 00 [ 1477.050400] blk_update_request: critical target error, dev sr0, sector 19712 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1477.088909] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1477.090103] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1477.091010] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1477.091929] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 18 c0 00 00 40 00 [ 1477.092897] blk_update_request: critical target error, dev sr0, sector 25344 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1477.124962] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1477.126218] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1477.127122] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1477.128054] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 13 80 00 00 40 00 [ 1477.129031] blk_update_request: critical target error, dev sr0, sector 19968 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1477.164907] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1477.166129] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1477.167031] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1477.168014] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 19 00 00 00 40 00 [ 1477.169004] blk_update_request: critical target error, dev sr0, sector 25600 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1477.200907] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1477.202461] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1477.203394] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1477.204329] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 13 c0 00 00 40 00 [ 1477.205292] blk_update_request: critical target error, dev sr0, sector 20224 op 0x1:(WRITE) flags 0x0 phys_seg 32 prio class 0 [ 1477.232953] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1477.234134] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1477.235030] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1477.235967] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 19 40 00 00 40 00 [ 1477.236913] blk_update_request: critical target error, dev sr0, sector 25856 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1477.272916] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1477.274105] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1477.275008] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1477.275926] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 14 00 00 00 40 00 [ 1477.276895] blk_update_request: critical target error, dev sr0, sector 20480 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1477.308955] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1477.310184] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1477.311095] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1477.312031] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 19 80 00 00 40 00 [ 1477.313072] blk_update_request: critical target error, dev sr0, sector 26112 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1477.344977] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1477.346166] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1477.347080] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1477.348046] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 14 40 00 00 40 00 [ 1477.349012] blk_update_request: critical target error, dev sr0, sector 20736 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1482.008817] scsi_io_completion_action: 144 callbacks suppressed [ 1482.008856] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1482.010815] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1482.011704] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1482.012625] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 2b c0 00 00 40 00 [ 1482.013604] print_req_error: 144 callbacks suppressed [ 1482.013616] blk_update_request: critical target error, dev sr0, sector 44800 op 0x1:(WRITE) flags 0x0 phys_seg 32 prio class 0 [ 1482.044864] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1482.046033] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1482.046899] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1482.047838] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 26 80 00 00 40 00 [ 1482.048794] blk_update_request: critical target error, dev sr0, sector 39424 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1482.084851] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1482.086026] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1482.086886] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1482.087818] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 2c 00 00 00 40 00 [ 1482.088773] blk_update_request: critical target error, dev sr0, sector 45056 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1482.136852] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1482.138028] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1482.138887] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1482.139818] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 26 c0 00 00 40 00 [ 1482.140769] blk_update_request: critical target error, dev sr0, sector 39680 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1482.184799] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1482.185981] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1482.186839] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1482.187774] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 2c 40 00 00 40 00 [ 1482.188733] blk_update_request: critical target error, dev sr0, sector 45312 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1482.232979] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1482.234148] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1482.235045] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1482.235974] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 27 00 00 00 40 00 [ 1482.236901] blk_update_request: critical target error, dev sr0, sector 39936 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1482.276817] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1482.277991] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1482.278848] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1482.279824] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 2c 80 00 00 40 00 [ 1482.280781] blk_update_request: critical target error, dev sr0, sector 45568 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1482.316805] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1482.317981] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1482.318838] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1482.319773] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 27 40 00 00 40 00 [ 1482.320716] blk_update_request: critical target error, dev sr0, sector 40192 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1482.360825] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1482.362008] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1482.362868] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1482.363799] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 2c c0 00 00 40 00 [ 1482.364737] blk_update_request: critical target error, dev sr0, sector 45824 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1482.400807] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1482.401980] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1482.402837] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1482.403767] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 27 80 00 00 40 00 [ 1482.404689] blk_update_request: critical target error, dev sr0, sector 40448 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1487.021292] scsi_io_completion_action: 157 callbacks suppressed [ 1487.021337] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1487.023374] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1487.024285] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1487.025248] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 3b 40 00 00 40 00 [ 1487.026193] print_req_error: 157 callbacks suppressed [ 1487.026206] blk_update_request: critical target error, dev sr0, sector 60672 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1487.069529] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1487.070772] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1487.071687] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1487.072626] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 40 c0 00 00 40 00 [ 1487.073615] blk_update_request: critical target error, dev sr0, sector 66304 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1487.106469] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1487.107662] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1487.108578] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1487.109809] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 3b 80 00 00 40 00 [ 1487.110767] blk_update_request: critical target error, dev sr0, sector 60928 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1487.139199] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1487.140424] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1487.141358] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1487.142297] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 41 00 00 00 40 00 [ 1487.143246] blk_update_request: critical target error, dev sr0, sector 66560 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1487.170124] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1487.172988] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1487.175497] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1487.177154] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 3b c0 00 00 40 00 [ 1487.178110] blk_update_request: critical target error, dev sr0, sector 61184 op 0x1:(WRITE) flags 0x0 phys_seg 32 prio class 0 [ 1487.209306] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1487.212043] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1487.214130] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1487.216293] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 41 40 00 00 40 00 [ 1487.218488] blk_update_request: critical target error, dev sr0, sector 66816 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1487.253312] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1487.256053] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1487.258162] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1487.260308] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 3c 00 00 00 40 00 [ 1487.262502] blk_update_request: critical target error, dev sr0, sector 61440 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1487.293307] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1487.296015] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1487.296918] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1487.297882] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 41 80 00 00 40 00 [ 1487.298836] blk_update_request: critical target error, dev sr0, sector 67072 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1487.325317] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1487.326512] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1487.327417] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1487.328360] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 3c 40 00 00 40 00 [ 1487.329853] blk_update_request: critical target error, dev sr0, sector 61696 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1487.361534] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1487.362742] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1487.363652] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1487.364588] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 41 c0 00 00 40 00 [ 1487.365565] blk_update_request: critical target error, dev sr0, sector 67328 op 0x1:(WRITE) flags 0x0 phys_seg 32 prio class 0 [ 1492.041152] scsi_io_completion_action: 174 callbacks suppressed [ 1492.041192] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1492.043188] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1492.044120] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1492.045090] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 52 40 00 00 40 00 [ 1492.046032] print_req_error: 174 callbacks suppressed [ 1492.046045] blk_update_request: critical target error, dev sr0, sector 84224 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1492.093182] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1492.094353] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1492.095242] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1492.096160] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 57 c0 00 00 40 00 [ 1492.097101] blk_update_request: critical target error, dev sr0, sector 89856 op 0x1:(WRITE) flags 0x0 phys_seg 32 prio class 0 [ 1492.133269] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1492.134547] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1492.135563] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1492.136547] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 52 80 00 00 40 00 [ 1492.137539] blk_update_request: critical target error, dev sr0, sector 84480 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1492.167609] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1492.168836] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1492.170507] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1492.171502] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 58 00 00 00 40 00 [ 1492.172486] blk_update_request: critical target error, dev sr0, sector 90112 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1492.209772] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1492.211138] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1492.212146] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1492.213206] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 52 c0 00 00 40 00 [ 1492.214280] blk_update_request: critical target error, dev sr0, sector 84736 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1492.242306] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1492.243601] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1492.244570] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1492.246454] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 58 40 00 00 40 00 [ 1492.247457] blk_update_request: critical target error, dev sr0, sector 90368 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1492.282471] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1492.283928] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1492.284965] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1492.286068] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 53 00 00 00 40 00 [ 1492.287175] blk_update_request: critical target error, dev sr0, sector 84992 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1492.311444] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1492.312719] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1492.313766] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1492.314896] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 58 80 00 00 40 00 [ 1492.315971] blk_update_request: critical target error, dev sr0, sector 90624 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1492.338483] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1492.339784] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1492.340754] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1492.341879] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 53 40 00 00 40 00 [ 1492.342914] blk_update_request: critical target error, dev sr0, sector 85248 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1492.365826] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1492.367074] sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] [ 1492.367986] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code [ 1492.368970] sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 58 c0 00 00 40 00 [ 1492.369999] blk_update_request: critical target error, dev sr0, sector 90880 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 23:28:09 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:28:09 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x28, 0x0, 0x0, 0xfffff014}, {0x6}]}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='freezer.self_freezing\x00', 0x0, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = creat(&(0x7f0000000200)='./file0\x00', 0x3c) r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000015c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_SHOW_STATS(r3, &(0x7f0000001680)={&(0x7f0000001580)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000001640)={&(0x7f0000001600)={0x1c, r4, 0x200, 0x70bd2d, 0x0, {}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000010) sendmsg$TIPC_CMD_SET_NODE_ADDR(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, r4, 0x100, 0x70bd25, 0x25dfdbfe, {{}, {}, {0x8, 0x11, 0x6}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x4000) sendmsg$TIPC_CMD_RESET_LINK_STATS(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r4, 0x300, 0x70bd27, 0x25dfdbfc, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}, ["", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x20004800}, 0x8000) ioctl$sock_proto_private(r1, 0x89e0, &(0x7f00000000c0)="dfcd1d7b418058ef708ecd834b749eec7a73278c76b85146304b61b8b8052340bea05aa4ab215440014a1b6eec7258d350379fc72f652f8243e65ab3b68eb69f40c278af1396dbd1ca21732335422fac38f9552ebda3cbde82926c4a21cdf76da19709d547ff859de13628283c90ff560f79f44500a6273facff3221b13d18c61e9f17e66f83efefac78ae57eb9a9a6660c0cc4bd4ef2b4976545aeec0979b9bc5f7a99c51ded55bd125c7f43c8becae8c2c2629ba00a7e627b2f42e7f51205752f4ef63bc99842976565ed17b69d8fa04c752f0d40b98fa45b478207ea41af5ba") r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sysvipc/shm\x00', 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0), r5) 23:28:09 executing program 0: syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$sock_bt_hci(0xffffffffffffffff, 0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x101) ioctl$sock_bt_hci(0xffffffffffffffff, 0x0, 0x0) pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r1, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) statx(r0, &(0x7f00000000c0)='./file0\x00', 0x400, 0x120, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f0000000200)={{0x1, 0x1, 0x18, r1, {0xee01, r2}}, './file0\x00'}) perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0xb9, 0x31, 0x0, 0x0, 0x2, 0x808, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, @perf_bp={0xfffffffffffffffe, 0xb}, 0x1100, 0x800, 0x3ff, 0x1, 0x6, 0x7f, 0x0, 0x0, 0x5}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x1) ioctl$SG_IO(r0, 0x127f, &(0x7f00000003c0)={0xe00, 0x0, 0x0, 0xfe, @buffer={0x300, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 23:28:09 executing program 6: syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000200)=ANY=[@ANYBLOB="7f0000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="0200000000000000"]) r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f00000006c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r0, 0x0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)=""/6, 0x6}, {&(0x7f00000002c0)=""/15, 0xf}, {&(0x7f0000000300)=""/96, 0x60}, {&(0x7f0000000380)=""/5, 0x5}, {&(0x7f00000003c0)=""/78, 0x4e}, {&(0x7f0000000440)=""/172, 0xac}], 0x6, &(0x7f0000000580)=""/213, 0xd5}, 0x0, 0x10040, 0x0, {0x3, r5}}, 0x8) dup3(r1, 0xffffffffffffffff, 0x0) r6 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pidfd_getfd(0xffffffffffffffff, r6, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105142, 0x2b) r8 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) r9 = openat(r8, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x149) sendfile(r7, r9, 0x0, 0x100000001) r10 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r7, r10, 0x0, 0x80000001) 23:28:09 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 24) 23:28:09 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 17) 23:28:09 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, 0x0, 0x86) 23:28:09 executing program 4: ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0) flock(0xffffffffffffffff, 0x0) read(0xffffffffffffffff, &(0x7f0000002880)=""/196, 0xc4) sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x20000881) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000500)) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x66e2, 0x0) write$sndseq(r3, &(0x7f0000000380)=[{0x5, 0xff, 0xe0, 0x0, @tick=0x1, {0x40, 0x72}, {0x7, 0x66}, @ext={0x78, &(0x7f0000000200)="6dbf492af2b9c7a13e90a23f37f924342585c8313986ecd2b648a37c621f5f5bba44d4f33a3de4afdedd5738b73358a6a2f860f9e273c914264fd5638d449ad80cda6a97d8ea036e91527f7bbbb343b98dec027b167afec291613937a2babc5fa32ef292b3427af4e605fc03807ea6711c3877ae36004a45"}}, {0x6, 0x5b, 0x49, 0x1, @tick, {0x1}, {0x9}, @quote={{0x6, 0x5}, 0x3ff, &(0x7f00000002c0)={0x7f, 0x1f, 0x4, 0x3, @tick=0x3, {0x1}, {0x5, 0x6}, @time=@time={0x9, 0x3}}}}, {0x78, 0x7f, 0x3, 0x0, @time={0x7, 0x7}, {0x7, 0x2}, {0x6, 0x5}, @raw8={"00019bac5c1694ecddbad872"}}, {0x3f, 0x1, 0x5, 0x3, @tick=0x3, {0x0, 0x2}, {0x1, 0x4}, @control={0x1, 0xffff7fff, 0x10001}}], 0x70) fallocate(r1, 0x0, 0x0, 0x1000002) r4 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r4, 0x0, 0x100000001) lseek(0xffffffffffffffff, 0x0, 0x3) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r1, 0x0) [ 1508.097680] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.098541] print_req_error: 78 callbacks suppressed [ 1508.098554] blk_update_request: I/O error, dev sr0, sector 7 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1508.103065] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.103782] blk_update_request: I/O error, dev sr0, sector 263 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1508.107692] FAULT_INJECTION: forcing a failure. [ 1508.107692] name failslab, interval 1, probability 0, space 0, times 0 [ 1508.109119] CPU: 1 PID: 8849 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1508.109993] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1508.111015] Call Trace: [ 1508.111348] dump_stack+0x107/0x167 [ 1508.111801] should_fail.cold+0x5/0xa [ 1508.112277] ? io_setup_async_msg+0xda/0x2d0 [ 1508.112826] should_failslab+0x5/0x20 [ 1508.113298] __kmalloc+0x72/0x390 [ 1508.113769] io_setup_async_msg+0xda/0x2d0 [ 1508.114298] io_recvmsg+0xc26/0xd70 [ 1508.114756] ? io_sendmsg+0x830/0x830 [ 1508.115227] ? kfree+0xd7/0x340 [ 1508.115645] ? mark_lock+0xf5/0x2df0 [ 1508.116107] ? slab_free_freelist_hook+0xa9/0x180 [ 1508.116707] ? mark_lock+0xf5/0x2df0 [ 1508.117192] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1508.117884] io_issue_sqe+0x3bd6/0x77b0 [ 1508.118391] ? perf_trace_lock+0xac/0x490 [ 1508.118910] ? io_connect+0x610/0x610 [ 1508.119386] ? __lockdep_reset_lock+0x180/0x180 [ 1508.119969] ? lock_acquire+0x197/0x470 [ 1508.120464] ? find_held_lock+0x2c/0x110 [ 1508.120976] __io_queue_sqe+0x90/0x9d0 [ 1508.121460] ? rwlock_bug.part.0+0x90/0x90 [ 1508.122022] ? io_issue_sqe+0x77b0/0x77b0 [ 1508.122539] ? do_raw_spin_unlock+0x4f/0x220 [ 1508.123089] ? _raw_spin_unlock+0x1a/0x30 [ 1508.123605] ? io_drain_req+0x603/0xb20 [ 1508.124105] io_submit_sqes+0x44aa/0x8610 [ 1508.124644] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1508.125263] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1508.125900] ? find_held_lock+0x2c/0x110 [ 1508.126412] ? io_submit_sqes+0x8610/0x8610 [ 1508.126957] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1508.127566] ? wait_for_completion_io+0x270/0x270 [ 1508.128170] ? rcu_read_lock_any_held+0x75/0xa0 [ 1508.128748] ? vfs_write+0x354/0xb10 [ 1508.129213] ? fput_many+0x2f/0x1a0 [ 1508.129687] ? ksys_write+0x1a9/0x260 [ 1508.130178] ? __ia32_sys_read+0xb0/0xb0 [ 1508.130688] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1508.131341] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1508.131986] do_syscall_64+0x33/0x40 [ 1508.132449] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1508.133084] RIP: 0033:0x7f33fff70b19 [ 1508.133547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1508.135861] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1508.136810] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1508.137729] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1508.138621] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1508.139509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1508.140395] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 [ 1508.154763] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.155649] blk_update_request: I/O error, dev sr0, sector 519 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1508.163320] FAULT_INJECTION: forcing a failure. [ 1508.163320] name failslab, interval 1, probability 0, space 0, times 0 [ 1508.163683] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.166967] CPU: 0 PID: 8850 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1508.167684] blk_update_request: I/O error, dev sr0, sector 775 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1508.169604] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1508.169609] Call Trace: [ 1508.169630] dump_stack+0x107/0x167 [ 1508.169647] should_fail.cold+0x5/0xa 23:28:09 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, 0x0, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1508.176523] ? create_object.isra.0+0x3a/0xa20 [ 1508.178344] should_failslab+0x5/0x20 [ 1508.179673] kmem_cache_alloc+0x5b/0x310 [ 1508.180443] create_object.isra.0+0x3a/0xa20 [ 1508.182074] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1508.183001] __kmalloc+0x16e/0x390 [ 1508.183636] io_setup_async_msg+0xda/0x2d0 [ 1508.184429] io_recvmsg+0xc26/0xd70 [ 1508.185130] ? io_sendmsg+0x830/0x830 [ 1508.185803] ? kfree+0xd7/0x340 [ 1508.186445] ? mark_lock+0xf5/0x2df0 [ 1508.187153] ? slab_free_freelist_hook+0xa9/0x180 [ 1508.188045] ? mark_lock+0xf5/0x2df0 [ 1508.188725] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1508.189703] io_issue_sqe+0x3bd6/0x77b0 [ 1508.190475] ? perf_trace_lock+0xac/0x490 [ 1508.191284] ? io_connect+0x610/0x610 [ 1508.191763] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.191942] ? __lockdep_reset_lock+0x180/0x180 [ 1508.192014] ? lock_acquire+0x197/0x470 [ 1508.194413] blk_update_request: I/O error, dev sr0, sector 1031 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1508.195142] ? find_held_lock+0x2c/0x110 [ 1508.195168] __io_queue_sqe+0x90/0x9d0 [ 1508.199677] ? rwlock_bug.part.0+0x90/0x90 [ 1508.200486] ? io_issue_sqe+0x77b0/0x77b0 [ 1508.201272] ? do_raw_spin_unlock+0x4f/0x220 [ 1508.202091] ? _raw_spin_unlock+0x1a/0x30 [ 1508.202814] ? io_drain_req+0x603/0xb20 [ 1508.203576] io_submit_sqes+0x44aa/0x8610 [ 1508.204396] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1508.205331] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1508.206273] ? find_held_lock+0x2c/0x110 [ 1508.207014] ? io_submit_sqes+0x8610/0x8610 [ 1508.207711] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1508.208387] ? wait_for_completion_io+0x270/0x270 [ 1508.209070] ? rcu_read_lock_any_held+0x75/0xa0 [ 1508.209680] ? vfs_write+0x354/0xb10 [ 1508.210217] ? fput_many+0x2f/0x1a0 [ 1508.210690] ? ksys_write+0x1a9/0x260 [ 1508.211258] ? __ia32_sys_read+0xb0/0xb0 [ 1508.211787] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1508.212513] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1508.213237] do_syscall_64+0x33/0x40 [ 1508.213738] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1508.214699] RIP: 0033:0x7fa048f33b19 [ 1508.215398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1508.218744] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1508.220517] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1508.221713] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1508.223298] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1508.223692] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.224431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1508.224440] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 [ 1508.229774] blk_update_request: I/O error, dev sr0, sector 1287 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1508.233091] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.234642] blk_update_request: I/O error, dev sr0, sector 1543 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1508.271584] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8851 comm=syz-executor.1 23:28:09 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x0) [ 1508.332295] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.334373] blk_update_request: I/O error, dev sr0, sector 1799 op 0x1:(WRITE) flags 0x0 phys_seg 32 prio class 0 [ 1508.346096] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8855 comm=syz-executor.1 23:28:09 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, 0x0, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1508.381139] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.382149] blk_update_request: I/O error, dev sr0, sector 2055 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1508.402361] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.403190] blk_update_request: I/O error, dev sr0, sector 2311 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 23:28:09 executing program 1: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0xc0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4317, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r2 = socket$packet(0x11, 0x2, 0x300) ioctl$AUTOFS_DEV_IOCTL_VERSION(r1, 0xc0189371, &(0x7f0000000280)=ANY=[@ANYBLOB="9690a334dd31e83fa655a1f7c303f4493d137506048aad446938714d9531fd0c9fbdb773f7417d34805476dfaf7766cd94a5ab1e975123bb891430115012ca298a36740b70daae486c81b9ab0d014df72b26f6bd65b0826924e284026469ec15d84210629896cb1f875b5f9700224b0e56b9fe324c4f99efcc3a58a115451ab8d084ee52e1c7e2449cae4ed2ac70a1de563209f4c454ff799ee761b4028af2bce684fdb4c1d73c11c9868735b0920cc2adcf0000a164eec807458e510eefc013f4a5", @ANYRES32=0xffffffffffffffff, @ANYRESHEX=r0]) openat(r3, &(0x7f00000000c0)='./file0\x00', 0x34880, 0x104) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x94, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) bind$packet(r2, &(0x7f0000000240)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @random="ca73da4133fc"}, 0x14) r6 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000001c40)={0x0, 0x3}, 0x4) r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r7, 0x8916, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, r8}) openat(0xffffffffffffffff, &(0x7f0000000180)='./file0/file0\x00', 0x3c7802, 0x9b) bind$packet(r3, &(0x7f0000000100)={0x11, 0x19, r8, 0x1, 0x9, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x14) sendfile(r2, r1, 0x0, 0x500000001) [ 1508.427107] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.430805] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.436643] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.441429] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.442393] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.450119] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.451053] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.455554] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.476920] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.482554] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 23:28:09 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x0) [ 1508.488127] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.488922] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.489918] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.500123] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 23:28:09 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 18) [ 1508.504778] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 23:28:09 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, 0x0, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:28:09 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 25) [ 1508.509140] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.513593] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.518374] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.520468] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.523256] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.524319] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.527793] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.530684] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.534869] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.538425] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.541831] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.552240] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.553477] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.554575] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.563544] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.570498] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.583374] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.592169] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.593328] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.595122] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.596289] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.597284] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.600717] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.604151] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.606410] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.609764] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.612074] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.615652] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.619071] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.620124] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.623525] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.628768] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.632900] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.646465] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.649797] FAULT_INJECTION: forcing a failure. [ 1508.649797] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1508.653197] CPU: 1 PID: 8874 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1508.654164] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.655222] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1508.655227] Call Trace: [ 1508.655245] dump_stack+0x107/0x167 [ 1508.655260] should_fail.cold+0x5/0xa [ 1508.655279] _copy_from_user+0x2e/0x1b0 [ 1508.655299] __copy_msghdr_from_user+0x91/0x4b0 [ 1508.661598] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.662363] ? __ia32_sys_shutdown+0x80/0x80 [ 1508.662379] ? unwind_next_frame+0x13ef/0x1a90 [ 1508.662401] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1508.668246] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.668827] ? 0xffffffffa0000000 [ 1508.668847] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 1508.668860] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 1508.668873] ? create_prof_cpu_mask+0x20/0x20 [ 1508.668885] ? arch_stack_walk+0x99/0xf0 [ 1508.668907] io_recvmsg+0xae8/0xd70 [ 1508.670214] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.670727] ? kfree+0xd7/0x340 [ 1508.676622] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.678105] ? lock_chain_count+0x20/0x20 [ 1508.678118] ? io_sendmsg+0x830/0x830 [ 1508.678131] ? kfree+0xd7/0x340 [ 1508.678146] ? mark_lock+0xf5/0x2df0 [ 1508.678158] ? slab_free_freelist_hook+0xa9/0x180 [ 1508.678179] ? mark_lock+0xf5/0x2df0 [ 1508.681320] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.681361] ? lock_chain_count+0x20/0x20 [ 1508.689253] ? lock_chain_count+0x20/0x20 [ 1508.690541] ? __lock_acquire+0xbb1/0x5b00 [ 1508.691778] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1508.693305] io_issue_sqe+0x3bd6/0x77b0 [ 1508.694486] ? perf_trace_lock+0xac/0x490 [ 1508.695682] ? io_connect+0x610/0x610 [ 1508.696788] ? __lockdep_reset_lock+0x180/0x180 [ 1508.696854] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.698153] ? lock_acquire+0x197/0x470 [ 1508.698165] ? find_held_lock+0x2c/0x110 [ 1508.698185] __io_queue_sqe+0x90/0x9d0 [ 1508.698197] ? rwlock_bug.part.0+0x90/0x90 [ 1508.698211] ? io_issue_sqe+0x77b0/0x77b0 [ 1508.698221] ? do_raw_spin_unlock+0x4f/0x220 [ 1508.698234] ? _raw_spin_unlock+0x1a/0x30 [ 1508.698244] ? io_drain_req+0x603/0xb20 [ 1508.698261] io_submit_sqes+0x44aa/0x8610 [ 1508.698295] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1508.702409] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.702632] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1508.702648] ? find_held_lock+0x2c/0x110 [ 1508.702664] ? io_submit_sqes+0x8610/0x8610 [ 1508.705160] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.705941] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1508.705958] ? wait_for_completion_io+0x270/0x270 [ 1508.705973] ? rcu_read_lock_any_held+0x75/0xa0 [ 1508.705986] ? vfs_write+0x354/0xb10 [ 1508.705998] ? fput_many+0x2f/0x1a0 [ 1508.706011] ? ksys_write+0x1a9/0x260 [ 1508.706023] ? __ia32_sys_read+0xb0/0xb0 [ 1508.706045] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1508.709366] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.710398] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1508.710412] do_syscall_64+0x33/0x40 [ 1508.710424] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1508.710433] RIP: 0033:0x7fa048f33b19 [ 1508.710444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1508.710451] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1508.710464] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1508.710477] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1508.714506] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.715154] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1508.715161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1508.715168] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 [ 1508.737369] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.739452] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 23:28:09 executing program 1: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x0) [ 1508.749818] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.754263] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.756553] FAULT_INJECTION: forcing a failure. [ 1508.756553] name failslab, interval 1, probability 0, space 0, times 0 [ 1508.760149] CPU: 1 PID: 8878 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1508.762333] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1508.764935] Call Trace: [ 1508.765763] dump_stack+0x107/0x167 [ 1508.766891] should_fail.cold+0x5/0xa [ 1508.768072] ? create_object.isra.0+0x3a/0xa20 [ 1508.769497] should_failslab+0x5/0x20 [ 1508.770692] kmem_cache_alloc+0x5b/0x310 [ 1508.771954] create_object.isra.0+0x3a/0xa20 [ 1508.773317] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1508.774965] __kmalloc+0x16e/0x390 [ 1508.776078] io_setup_async_msg+0xda/0x2d0 [ 1508.777397] io_recvmsg+0xc26/0xd70 [ 1508.778547] ? io_sendmsg+0x830/0x830 [ 1508.779731] ? kfree+0xd7/0x340 [ 1508.780761] ? mark_lock+0xf5/0x2df0 [ 1508.781940] ? slab_free_freelist_hook+0xa9/0x180 [ 1508.783446] ? mark_lock+0xf5/0x2df0 [ 1508.784626] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1508.786284] io_issue_sqe+0x3bd6/0x77b0 [ 1508.787537] ? perf_trace_lock+0xac/0x490 [ 1508.788827] ? io_connect+0x610/0x610 [ 1508.790024] ? __lockdep_reset_lock+0x180/0x180 [ 1508.791482] ? lock_acquire+0x197/0x470 [ 1508.792722] ? find_held_lock+0x2c/0x110 [ 1508.794012] __io_queue_sqe+0x90/0x9d0 [ 1508.795225] ? rwlock_bug.part.0+0x90/0x90 [ 1508.796548] ? io_issue_sqe+0x77b0/0x77b0 [ 1508.797854] ? do_raw_spin_unlock+0x4f/0x220 [ 1508.799228] ? _raw_spin_unlock+0x1a/0x30 [ 1508.800516] ? io_drain_req+0x603/0xb20 [ 1508.801774] io_submit_sqes+0x44aa/0x8610 [ 1508.803088] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1508.804647] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1508.806170] ? find_held_lock+0x2c/0x110 [ 1508.807437] ? io_submit_sqes+0x8610/0x8610 [ 1508.808789] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1508.810313] ? wait_for_completion_io+0x270/0x270 [ 1508.811819] ? rcu_read_lock_any_held+0x75/0xa0 [ 1508.813267] ? vfs_write+0x354/0xb10 [ 1508.814436] ? fput_many+0x2f/0x1a0 [ 1508.815568] ? ksys_write+0x1a9/0x260 [ 1508.816752] ? __ia32_sys_read+0xb0/0xb0 [ 1508.818031] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1508.819676] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1508.821290] do_syscall_64+0x33/0x40 [ 1508.822461] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1508.824071] RIP: 0033:0x7f33fff70b19 [ 1508.825232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1508.831084] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1508.833469] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1508.835727] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1508.837981] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1508.840220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1508.842477] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 [ 1508.849132] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.858118] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.864175] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.869710] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.871600] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.894231] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 23:28:09 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x0) [ 1508.910277] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.915165] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 23:28:09 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 26) [ 1508.936210] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.945295] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.955375] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.957385] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.959952] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.961856] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.963847] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.965778] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.967755] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.969667] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.971502] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.972428] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.973329] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.975296] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.977187] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.979130] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.981067] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.983037] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.984963] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.986856] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.988819] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.990760] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.992672] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.994594] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.996491] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1508.997896] FAULT_INJECTION: forcing a failure. [ 1508.997896] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1508.998460] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.000745] CPU: 0 PID: 8890 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1509.002622] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.004574] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1509.004579] Call Trace: [ 1509.004597] dump_stack+0x107/0x167 [ 1509.004620] should_fail.cold+0x5/0xa [ 1509.009286] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.009850] _copy_from_user+0x2e/0x1b0 [ 1509.009868] __copy_msghdr_from_user+0x91/0x4b0 [ 1509.011832] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.012752] ? __ia32_sys_shutdown+0x80/0x80 [ 1509.012768] ? unwind_next_frame+0x13ef/0x1a90 [ 1509.012784] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1509.014495] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.015807] ? 0xffffffffa0000000 [ 1509.015826] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 1509.015850] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 1509.017505] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.018584] ? create_prof_cpu_mask+0x20/0x20 [ 1509.018596] ? arch_stack_walk+0x99/0xf0 [ 1509.018619] io_recvmsg+0xae8/0xd70 [ 1509.020517] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.021881] ? kfree+0xd7/0x340 [ 1509.021897] ? lock_chain_count+0x20/0x20 [ 1509.021924] ? io_sendmsg+0x830/0x830 [ 1509.023229] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.024306] ? kfree+0xd7/0x340 [ 1509.024322] ? mark_lock+0xf5/0x2df0 [ 1509.024334] ? slab_free_freelist_hook+0xa9/0x180 [ 1509.024349] ? mark_lock+0xf5/0x2df0 [ 1509.026259] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.027606] ? lock_chain_count+0x20/0x20 [ 1509.027623] ? lock_chain_count+0x20/0x20 [ 1509.027639] ? __lock_acquire+0xbb1/0x5b00 [ 1509.029319] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.030226] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1509.030249] io_issue_sqe+0x3bd6/0x77b0 [ 1509.031577] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.032914] ? perf_trace_lock+0xac/0x490 [ 1509.032927] ? io_connect+0x610/0x610 [ 1509.032941] ? __lockdep_reset_lock+0x180/0x180 [ 1509.032959] ? lock_acquire+0x197/0x470 [ 1509.034348] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.035179] ? find_held_lock+0x2c/0x110 [ 1509.035201] __io_queue_sqe+0x90/0x9d0 [ 1509.035224] ? rwlock_bug.part.0+0x90/0x90 [ 1509.036661] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.037832] ? io_issue_sqe+0x77b0/0x77b0 [ 1509.037845] ? do_raw_spin_unlock+0x4f/0x220 [ 1509.037859] ? _raw_spin_unlock+0x1a/0x30 [ 1509.037885] ? io_drain_req+0x603/0xb20 [ 1509.039224] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.039752] io_submit_sqes+0x44aa/0x8610 [ 1509.040769] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.041469] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1509.041483] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1509.042561] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.043367] ? find_held_lock+0x2c/0x110 [ 1509.043392] ? io_submit_sqes+0x8610/0x8610 [ 1509.044290] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.045100] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1509.045116] ? wait_for_completion_io+0x270/0x270 [ 1509.046209] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.047333] ? rcu_read_lock_any_held+0x75/0xa0 [ 1509.047346] ? vfs_write+0x354/0xb10 [ 1509.047361] ? fput_many+0x2f/0x1a0 [ 1509.050442] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.051500] ? ksys_write+0x1a9/0x260 [ 1509.051514] ? __ia32_sys_read+0xb0/0xb0 [ 1509.051534] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1509.053294] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.054160] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1509.054175] do_syscall_64+0x33/0x40 [ 1509.054190] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1509.056101] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.057027] RIP: 0033:0x7fa048f33b19 [ 1509.057039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1509.057045] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1509.057063] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1509.058553] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.059498] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1509.059506] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1509.059512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1509.059519] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 [ 1509.123627] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.125538] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.126860] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.128568] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.130406] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.132264] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.133155] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.134888] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.135776] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.137759] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.139730] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.141665] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.143601] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.145365] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.147860] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.149859] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.152292] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.153384] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.155372] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.157316] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.158715] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.160717] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.162721] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.164386] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.166136] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.167894] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.169595] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.171564] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.172788] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.174702] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.176602] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.177721] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.181330] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.183412] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.185113] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.187325] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.188548] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.189865] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.191153] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.192297] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.193510] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.194642] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.195790] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.196971] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.198028] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.199090] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.200816] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.201885] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.203004] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.204642] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.206294] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.207908] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.209533] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.211171] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.212795] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.214431] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.216070] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.217696] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.219420] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.221054] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.223636] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.225515] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.228031] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.230467] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.233600] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.235260] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.237062] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.238874] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.240884] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.242777] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.244572] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.246393] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.248180] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.250036] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.251821] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.256136] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.257976] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.259756] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.261564] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.264430] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.265454] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.267369] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.268456] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.270203] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.272061] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.273039] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.274210] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.276102] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.277787] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.279542] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.281245] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.282973] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.284698] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.285890] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.287614] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.289354] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.291117] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.292847] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.294599] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.296011] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.297073] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.298794] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.300499] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.302205] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.303949] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.305679] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.307262] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.308996] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.310720] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.312308] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.313328] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.314445] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.316286] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.318222] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.320207] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.321966] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.323670] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.325048] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.326145] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.327235] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.329118] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.331078] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.332861] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.334795] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.336068] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.337104] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.338327] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.339483] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.341248] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.343125] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.344890] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.346666] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.347682] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.351406] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.352464] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.354009] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.357103] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.362425] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.363695] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.364569] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.365693] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.367333] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.369102] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.370924] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.372763] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.374915] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.376696] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.378652] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.380411] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.382193] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.384060] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.386103] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.387848] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.389583] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.391493] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.393369] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.395830] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.397728] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.399597] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.401546] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.403593] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.404893] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.406654] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.408377] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.410991] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.412773] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.414565] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.416327] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.417312] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.419083] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.420053] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.421815] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.422976] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.424652] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.425829] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.428951] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.432586] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.434514] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.436393] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.438152] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.439878] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.441550] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.443361] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.447419] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.449177] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.451098] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.453044] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.454764] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.456431] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.459649] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.461486] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.463381] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.465239] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.467120] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.469124] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.470875] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.472758] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.474531] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.476434] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.478167] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.480122] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.482225] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.484224] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.486136] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.487874] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.489656] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.490952] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.491997] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.493411] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.494458] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.495491] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.496513] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.497538] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.499266] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.501179] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.503486] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.505243] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.507078] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.508050] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.509092] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.510226] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.512188] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.514350] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.516102] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.517840] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.519538] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.520638] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.521673] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.522838] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.523982] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.525133] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.527087] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.528858] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.530728] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.532417] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.534186] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.535492] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.536527] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.537553] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.538678] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.539872] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.541502] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.543247] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.545068] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.547333] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.549050] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.550879] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.552335] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.553378] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.554434] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.556110] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.557883] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.560112] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.563228] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.564288] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.565318] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.566789] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.567845] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.569667] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.570818] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.571853] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.573081] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.574383] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.575408] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.576530] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.578183] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.579989] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.582293] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.584178] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.586002] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.587730] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.589573] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.591273] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.593540] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.595393] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.596610] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.598199] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.600088] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.602064] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.603137] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.605001] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.606804] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.608635] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.610340] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.611253] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.613865] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.614919] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.616642] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.618570] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.620524] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.622435] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.624215] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.626093] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.627114] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.628110] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.630767] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.631689] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.632730] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.634617] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.635847] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.637539] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.638459] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.640411] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.641395] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.643126] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.645633] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.646671] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.648368] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.649268] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.650994] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.651851] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.653591] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.654602] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.655733] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.657608] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.659980] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.661079] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.666334] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.667535] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.669544] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.670587] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.672425] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.674223] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.675990] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.677847] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.679597] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.681527] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.682666] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.684666] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.686651] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.688523] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.689736] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.691526] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.693406] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.695386] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.697018] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.698808] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.700487] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.702241] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.704002] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.705761] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.707470] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.708600] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.709742] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.710879] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.712811] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.713814] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.714853] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.716694] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.717701] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.718797] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.721074] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.722917] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.724711] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.726418] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.728136] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.729180] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.730207] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.731421] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.732514] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.734647] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.735767] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.736792] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.738069] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.739100] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.740967] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.742661] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.744287] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.745991] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.747663] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.749369] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.751175] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.752955] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.754647] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.756314] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.758063] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.759761] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.761459] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.762611] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.763631] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.765792] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.767629] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.769395] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.771176] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.772939] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.774234] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.775756] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.776714] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.777753] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.778873] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.781034] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.782798] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.784517] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.785549] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.786731] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.788394] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.790159] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.792081] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.793091] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.794633] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.796484] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.798177] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.799201] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.800166] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.801111] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.802302] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.803213] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.804882] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.806204] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.807081] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.808009] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.809054] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.809861] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.810682] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.811486] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.812309] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.813115] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.813996] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.814760] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.815553] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.816344] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.817170] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.818002] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.818766] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.819552] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.820342] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.821183] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.822356] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.823271] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.824151] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.825174] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.826271] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.827180] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.828118] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.829036] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.829993] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.830851] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.831869] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.833654] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.834557] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.835492] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.836390] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.837328] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.838234] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.840007] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.841002] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.842762] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.843659] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.844600] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.845503] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.846454] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.847355] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.848278] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.849278] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.851116] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.852011] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.852837] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.853763] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.854875] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.855780] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.856592] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.857461] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.858549] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.859664] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.860508] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.861352] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.862310] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.869544] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.874994] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.875884] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.876871] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.878135] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.879321] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.880316] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.881179] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.882267] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.883110] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.883972] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.884813] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.885679] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.886573] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.890012] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.891110] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.892178] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.893263] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.902141] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.903101] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.903972] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.904792] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.906089] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.907059] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.908261] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.909131] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.911039] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.912101] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.913224] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.922073] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.923202] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.924201] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.925583] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.926754] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.927606] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.928447] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.929291] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.930580] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.931740] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.933998] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.935041] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.936045] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.937589] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.938562] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.939868] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.940722] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.941567] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.942465] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.943310] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.944148] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.944985] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.946016] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.947069] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.948116] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.949125] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.958052] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.966681] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.967695] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.968659] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.969757] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.971525] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.972521] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.973478] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.974387] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.975316] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.976197] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.977082] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.978101] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.978985] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.979897] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.980786] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.981848] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.982861] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.983877] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.984829] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.985969] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.986895] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.987896] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.988877] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.990553] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.991559] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.992583] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.993572] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.995390] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.996397] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1509.998708] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.000966] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.010885] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.012002] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.012813] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.013625] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.014968] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.016147] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.016952] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.018062] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.030074] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.030891] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.031767] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.032595] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.033421] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.038580] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.039518] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.040470] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.041374] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.047019] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.047864] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.048736] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.049566] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.050541] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.051497] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.052427] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.053286] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.058786] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.059662] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.060542] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.061411] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.066754] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.067720] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.068611] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.069487] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.070436] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.071307] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.072225] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.074431] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.077008] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.077911] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.078891] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.080254] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.081152] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.086655] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.087558] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.088399] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.089371] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.090362] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.091277] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.092147] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.092995] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.094009] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.095372] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.096247] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.097227] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.102620] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.103516] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.104436] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.105440] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.110548] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.111450] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.112293] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.113267] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.118368] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.119293] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.120167] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.121067] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.122533] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.123418] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.124277] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.125226] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.130752] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.131594] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.132478] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.133343] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.134267] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.135179] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.135986] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.136925] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.138317] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.139216] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.140083] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.140884] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.141862] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.142897] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.143794] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.144673] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1510.145632] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 23:28:26 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 19) 23:28:26 executing program 1: openat(0xffffffffffffffff, &(0x7f00000001c0)='./file1\x00', 0x404000, 0x0) r0 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1000000, 0x20010, 0xffffffffffffffff, 0x8000000) syz_io_uring_submit(r0, 0x0, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x4, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3}}, 0x4) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x1}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000080)='K', 0x1}], 0x1}}], 0x400000000000095, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x84) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x2, 0x25, 0x5, 0x2, 0x0, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xbf0, 0x0, @perf_config_ext={0x5efb, 0x80000000}, 0x800, 0x1, 0x12f7, 0x7, 0x7, 0x3, 0x0, 0x0, 0x3ff, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$packet(0x11, 0x2, 0x300) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000200)={r4, 0x1, 0x6, @link_local}, 0x10) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000180)={'sit0\x00', &(0x7f00000003c0)={'sit0\x00', r4, 0x4, 0x3, 0x80, 0x9, 0x1, @remote, @loopback, 0x8000, 0x720, 0x85, 0xb018}}) creat(&(0x7f0000000040)='./file1\x00', 0x60) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f00000000c0), 0x20002, 0x0) ioctl$sock_inet6_SIOCDIFADDR(r5, 0x8936, &(0x7f0000000100)={@dev={0xfe, 0x80, '\x00', 0x23}, 0x3f}) openat(0xffffffffffffffff, &(0x7f0000000440)='./file1\x00', 0x4100, 0x18a) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000380)={&(0x7f0000000300)=@ieee802154={0x24, @short}, 0x80, &(0x7f0000000280)}, 0x0, 0x8abb4d2a8b028460}, 0x0) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) fsconfig$FSCONFIG_SET_PATH_EMPTY(0xffffffffffffffff, 0x4, &(0x7f0000000140)='\x00', 0x0, 0xffffffffffffffff) 23:28:26 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:28:26 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x1, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r0, 0x400, 0x1) fcntl$setown(r0, 0x8, 0xffffffffffffffff) openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x4a0801, 0xa0) close(r0) [ 1525.449215] FAULT_INJECTION: forcing a failure. [ 1525.449215] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1525.451026] CPU: 1 PID: 8894 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1525.451876] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1525.452907] Call Trace: [ 1525.453248] dump_stack+0x107/0x167 [ 1525.453705] should_fail.cold+0x5/0xa [ 1525.454188] _copy_from_user+0x2e/0x1b0 [ 1525.455135] __copy_msghdr_from_user+0x91/0x4b0 [ 1525.456273] ? __ia32_sys_shutdown+0x80/0x80 [ 1525.457343] ? unwind_next_frame+0x13ef/0x1a90 [ 1525.458507] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1525.459803] ? 0xffffffffa0000000 [ 1525.460651] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 1525.461744] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 1525.462708] ? create_prof_cpu_mask+0x20/0x20 [ 1525.463270] ? arch_stack_walk+0x99/0xf0 [ 1525.463788] io_recvmsg+0xae8/0xd70 [ 1525.464245] ? kfree+0xd7/0x340 [ 1525.464662] ? lock_chain_count+0x20/0x20 [ 1525.465180] ? io_sendmsg+0x830/0x830 [ 1525.465657] ? kfree+0xd7/0x340 [ 1525.466075] ? mark_lock+0xf5/0x2df0 23:28:26 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 1) 23:28:26 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 27) 23:28:26 executing program 6: syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000200)=ANY=[@ANYBLOB="7f0000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="0200000000000000"]) r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f00000006c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r0, 0x0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)=""/6, 0x6}, {&(0x7f00000002c0)=""/15, 0xf}, {&(0x7f0000000300)=""/96, 0x60}, {&(0x7f0000000380)=""/5, 0x5}, {&(0x7f00000003c0)=""/78, 0x4e}, {&(0x7f0000000440)=""/172, 0xac}], 0x6, &(0x7f0000000580)=""/213, 0xd5}, 0x0, 0x10040, 0x0, {0x3, r5}}, 0x8) dup3(r1, 0xffffffffffffffff, 0x0) r6 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pidfd_getfd(0xffffffffffffffff, r6, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105142, 0x2b) r8 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) r9 = openat(r8, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x149) sendfile(r7, r9, 0x0, 0x100000001) r10 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r7, r10, 0x0, 0x80000001) 23:28:26 executing program 0: perf_event_open(&(0x7f0000000640)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x2}, 0x0, 0x0, 0x0) ioctl$KDGKBLED(r0, 0x4b64, &(0x7f0000000440)) r1 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) r2 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000500)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc) ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x1}]}) keyctl$KEYCTL_MOVE(0x1e, r2, 0xfffffffffffffffc, r1, 0x0) add_key(&(0x7f00000001c0)='user\x00', &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, 0x0) r3 = add_key$keyring(&(0x7f0000000740), &(0x7f0000000780)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffa) request_key(&(0x7f0000000100)='asymmetric\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)='\\&\\^+%))#7\x00', r3) request_key(&(0x7f0000000280)='rxrpc_s\x00', &(0x7f00000002c0)={'syz', 0x1}, &(0x7f0000000300)='\x00', 0xfffffffffffffffc) r4 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @desc3}, &(0x7f0000000200)={0x0, "f038679de021f8c801000000000000009d1fa459d07100000000bc7ae631f7a54805ff070000000000093393d0e1c7391515c7ab7c8e0600", 0x27}, 0xffffff93, 0x0) add_key$keyring(&(0x7f0000000340), &(0x7f00000003c0)={'syz', 0x3}, 0x0, 0x0, r4) add_key$user(&(0x7f0000000480), &(0x7f00000004c0)={'syz', 0x2}, &(0x7f0000000880)="1c883ff67a9080ed3d28ec2ed42a6b2308435b60f8196abcb54d2d3c64bfb6605a792efd71b6d32412c4098b839ad55f5cbd16bbb8320a2ecc550ec38c17329b9115ab7c392436b40f7e676005992507920b5b108ea499e5e527a84d3a4a2d51c79230bae89fb3c59aa8aa176e88f6a774084faff9ffb2c4138be6a9441cd9a288ff6502eeb7897621e5a31157b5e8d2eea728adbdc12a33233db5ddb7148b1b20b9dc0cbfe939950246c2afcc225871b6225f433ca27dec4c7403759e2c4c9db792fc717bc1698b81b595062124507457893f83014cd5e5fb4b51ddaa00503264fe2cbe498856801f630c5a329aeee4c5748eeba69bc18ce64c1fc88129c1c39ba9e48ab13419a93e9c2d36ffd5f9743fffb11bbf4355c8fb894c7a79ef071554a67b3e16b83651fbb5d72ad4abe8b08b109e6119866b09e76f1c5fc66004a6f8de52461cf21cc49a51157666c63464a3e9b219f23e862df730156526a707bfc253517affe0d33f74c4c4dfa7cc30e478d31c26b273f6f0809d95b208594357dba1af00a3e9aa3fe53c297facd5e1843047fd8b418715bc80cc7e629dc8189168b5866e1c151af4efc1168bea585bc20ec46a7965a664c2ac1d3c370c7da2abab93900eaf95958e886924fecc4c8b45a2f093f385789d08ef126badf0f12e02df2b1a64aa91f9e9cf5edb64e20226bb2495212c3f973451e6f70c865d08f761b313cef739e3e0557cae2020f4c8522353153f3de7ebd6de50408e96742d38a87e2db3a70425d1a1701e406660d434ffc679c95508e5be7509df71d19322f50c2e75e44ea327f5ee7e3f232f21ee41d3848de7cd04f6b0c980127c08e2151750ede3df2daa732bc456e35fea9092cb10021db34a946a9d888ca100299f5d2c8b5ea6d08ddc859709b48929194cddb89f15f15c6732ad187695f3ffb596df71739adbc437b0773b243be72c83fcc3cfab9cc4c51512b5fa001b980e51d618aa23543f7f5319186bff6a5735abbf032416b3fa438a0d625aa81a6f13691aa5ee144508f282ab0eeebfed9324c262d9c41da908d8d826d4c41c27853b93796e1e467401a2e015792d3697a8a6d8a9b57aad8312560a9ab7d02dc98023be4c406509b55086bafe51775794e646b0bac4a28f32bdb1b5f4da0accecc2fcea66b00799fef33812dd5e66ddd81539a36b8206ba80bd608aea64b3db3a9e07a559e2b1dd7c691898021e9fee65ad487cdddb8957509fff9f71ff3b274ea25ed9d998a71fb67e5cc902cabc993e63ccd4d4880eb89cfc08e913488f7f78d0e9ef7a5084b17d6738795a4f71b3c7aa69667ccb44145c4df5b67637a53355504c532b048291feee3ec5f5e6f56ec4e078b51e07fc22f6706531c71008ec9c00093d04025b00b862fbe674b8a23fe443eec03efc2a1e5b42943309c0cb6e8c6bf5c28a7a6a2cd23076f5ed40c9b4dd3e1025ebd4302c0bdf7b0887793cd954d4dfb3554c6025411421069f30465997ee7ef00bd78608fa49430c329c5a676aff9337a2e9c781ba4c215b46edc3da2ac727deed8c6b2c2f1f1f77aa11b04cd5e49c96ac63e3b9ce4fb49a6dcbb9308a5abefc6eab0504f2bba60083d8fcf02ef344bdaa16840885044604c442a0ac458e08bead0e976e997fd364afc03fc578af345ff6ca943c2e804aab1008360ebf9c000addbb24083e65353c6f0a18f2c544b24c7c931b32f83c7b9f2aa2fbfb17b43bdde5f61485afb238d230936f8110c40a17134b925ac9c6fe41b75f19bc75c61a561bbda270f215ca2d948c2e3732e4f885a0b06fc4fa1f7a44ab45e40656b8eff1855a2607f0984589aae841e54cec90e63d95f8856b8b329420f378a630897f9fb77a631420849e2f68f9d960c8aa579995faebcb11eccbee1b215c47fa8ec2f6116607708a932547300b09ea5f665ba04c0cd3df2dd20035f1d74747f57cbd464c261166cc24594f523ef883b0ad190a3dd3b5bb547876a551fb3090d675a4ff824ca5b6c536ba3bdecf0f8d6e41796f6eb5a89662d192b0c3159e18dab152a0e1fd8415f98e0a3410c3e371acc7425aec8f98a07157fd385b0ff97e9f0ec0902706ea6cd1f7dbed9e65c9499d758e14758d16ca040b7c3b9cec2cade4dc99df9f21032e57d1af118947df928d5eb594a79f6f20d82a8e247d053ff6e29b4b7450e5c5cb12f0d6f07b50783957a30b1af508eb24f52f5e3b70a05705c5c4a1aeed3ab8eff6d0bdf9a428e015a73ac784a2127a1b761b6b13e70b38bea3b76a9695c019470ea51fd5afe690e8b3ef504c717c93daa101881288f9c0e729708b46757d38dfbfa8da88ae2db19c1cd52f1392ad4c527bee2bf97f99978f712f9e25e2c3dcb0049884a942ac629a906aad46e949ce6003e7910128a1aa3a55952067fcdae1d7b582493dc1736174fc7747fe04c5b75364ae2978ffcaf46dcb6bc3b006f2948a5c1857811157002872e4cb6aa6ac0e6f7018fba0303f120ed8a6333c230dfbaf4ad7702bfcdcb1a45c193c90a9335d31afa17dc019c0559e2e8e68934fcba8ad850e67fe2f96f8053a94e8c7086c17bd088d8f0092774c8fee9280f111098e9ad62e018ecedf2168cad0dcb4fa809481b5f4127459bde555dbc190e34144836c304049ffa016426ba39c3c0a460585136788eacb1b93ede6a1a3e0d6a797838372e68a33fbc9de0cd3b957c8dc6d02a46af13cfa7c27d4e1259b74e78df5c16dd71a1d93f259fa5f3ac8c8331fce8fed9cd0869fca9ef45c295260beadf0b958f3282fc20c328c0aa0b0366d73cfba0ea9b6b73a1509bb57f0babd9425152c8477bdfd7cb6f84da41be5750084bcade903d2bda97c41e8d69d16e34db74c62d4a52a53d9703fcd81505215a2f1cba35e80dc8733409af48b55afba1d8e2e4956c0bad68e84fd31016570e95523e86c1a058346c20e28149714fb250fcdf2d8e9b4e37a2e665cc0ea057da7f67e27d492a6526a9d7afa8d064463af7bd6fdafeb5365059cbc384f73b491563783b0655b96bf64c705e00d2407ee118def0bd097033d79661b94cd4489adbdd5df92bb79b2d121fbd353cfa4d175684502945cf87528ebe1235c3d7b1ced1f17f908103888432d049f2b179e16a45e5ef438159e92bca536865b87a74b7a9ed13b40ca5a597c3bb7bccc1ab57a2bf7abebacaf79b6843f6667c6a5d72c20cd4f427268a772a3b77d154d88bed4b90a58c4606cb281887b0055dedc78414b5dcc9785ac66bb372b7c7b1a7a221771b9127dd2a259e0c91a49a7a20ef0039daebee34681ad04ea32d658786bfd6d2921ef47b772c8335c04571a0e50867cdf65cbbcdc624901b084aa6e796b999039b9cb037ad61e69167e66792b9eea2081f459af332f5e8dd1261f5c11d67e021d25a5032b5eea69fdbe935dfde547b9efb519fa07c9d824933e0cdd6824bcd70a9ecfdf6d2d92a8b45ff0daf4bb9975ad2a62c5971612ec879d449e09b2193dacd0615b7c744178d142cd1ae196ba3a53aea563794c7d267d87c1c97341284a2c504668bec43d41e4af37819bd9ed6fd1f4d319ed501a6bf37fbb8d3ba8cb72a1075b4403df3fc18f37aad60fadc2879ded2a26544e08820828469e493b05caa1090abd50dea08feaf938af07241ad24ddf2de137e04c1097042f5262faffabc031d3d40fcaf96b0266e9cfa51d86e2e22aa5abf5a0769bf106819902e5ee9d5f2d1d171fb008745589f5ea3bfabceba6dbab96a7d857fbf14abe016eb7f399da9e8287f88af018635faa1d8e133cefeb73488d6f46646db0c0ccbc7295f943defe830cd3f07ebc9ec2a4689e5229397f001df6b300d3e41252daea67fb00fd2428006075836978f224597cee7c67aa93e45312c0d80b01dd9848ae27059ea84be19eb134104fbaa0e3a35597b8cbd5080130d82438770e63df838a5140aa63d717f76776e6c54257d4a217cab7c4b892b80063553b6783ee93d6d5eeadc367e6fbe1623cf2e1c4283eaea225f1867f6973444b88ab381ccaa2b505cabd9f46c9f8cad991b197d14ffd6bf6f83a261f781074463cb63c9c227f7c375864f140ed3bef0617a721fe17f15b60757b2639fa2cc5a2c4856b409fd1050f645e112da5b8597d3901b821153af161105fba91479982c808a68edb4b3ab722888b806510dabbff003879c07207dada0cf911d9a9aabb5f6e1cf12e4148301dd437e362f34a0498cdd16aea6379cc0689511b81f27ed8338fd4113a9e12816a536d7e84d039e87f71ab4109bf71f645936fbf8d5e64dba57a0d34e3f8acc00b7a5390d574d7e19d06b6e12b6e53ba7845ebb5588d3adc8f7e88d34ddf9b73accae3f57189f4147dd897b439c5bcaeb76ca8e817158b5f5baeb9195e4ce90822e34e3cb2d0afdb030fc5ed1ccc022451deb72d713b9d11b82aab1c8b500b8ba79ec3adc827d45477257c77ccd3cc568ce41aec8e2e17614354202a2a265e8fa59b7b46c74305ea168064145639d8810c347f305e0dd39a905e86115025448c545b0f0a7bc31b6e91930212914235095d3f0f6e6390b685b0a076d46ac6f4a1ddc0fb977107c6c2da0f779146b836326c189023893e9ee0ac7024cd5b34217a3abe7cebf6207405d1bd80ed759a482f0f7d8f5d6af718c757c5d519f1ca8c2d69da8db39e8ce170af95f8c9d3a59d155e5ea38c0fd692ce949ed99bf37d493d227345e9da818d9a5213e701c57238186228318e8956dc07d555e49891d20d6ad6bd0a5133f8b43c936bfe74b941f03f9fdbaf2445b40088003c86d450fc4f8c7591891b05883205889ef0ed7360f323565f637c3f812737aab38dff6660a9a24439a882d28a107a9e3635e45268d500b59722fab03a885072c1b880dff9efdd4bcad3c5fa57d7ac2b42f657614e913a848e822f838b3761ab47cf9e3410be6c61c2314f5c9e7fbc9d58c275eb5b22541659e634929dcc68865f7bb73118bd4697ca29bec842971c1aad2946e29626838a99780e3290a23d0e774c5b39af516bb89bfdf56d44b218c8903f968bf9a4673a62ec675c484740dfcb87270b1cd5bbe99641067f59da2a9c6608c4fe6d4a4fc6738ec6db5859c12a2624229fd8f4a26ccfa7b55fc33e5b788197ee5802c853fe457c97af98d459b7a1a0e26c6601fbb9f26b85991d959e8eb61db243a3b7c7d26146e1a83f65c28310713dcc0fd39fed3a55d5053496a5104268c6c5220e610fed22bf985eea6b29584f94313c70f7e403d3d5ca60168c5f38aed54ce11e40bb03f74401986990d7d65f82a86cd939d9483b4a5657e0ae8627be9c7201674a517cafbf7d7400c310bd82ec9c49ebc7f0919fae789787e2e9eb74d1f00999ca7a16fb88cb9bdc287ba0bf7a6b27227bde9aa3f4d14efe33d01089dd9d6eb9afabc709608523ca63b93f64aa5c809a822735fa5d6f220b2150565dcddf414f42d379b9cb451d39869bc03364f820e7840e435e85e6505d2a7eab1399bce808031ffb2c11ad788a96214e9a89b8e530322e8cf81b23910983efb06b73870a7b605a5d7f7a5b2beb2a3c6852112f8de1d93b184a216336dab7d56b1237b0042835c81ec8de2be13b6cfaf4dbf999d38de51e1a3e55b84c9b7ed628cc09d5217b0fd293281889cbe816c8e60dffd29c6e93d2451efdcd339df12ec7c4d2e29c8f2f983cc47bcc7e8e8a62142725fc1ba4ac84fafe824a8eee9ef946a2d454714aa05f138c4fe800e8faa4a26b54cbe0e6e5954edbf5dfa248086b71f820c8fd62a70960c9277f08afa97aa0afbe", 0x1000, r4) keyctl$revoke(0x3, r3) ioctl$TIOCGSERIAL(0xffffffffffffffff, 0x541e, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=""/182}) unshare(0x48020200) [ 1525.466601] ? slab_free_freelist_hook+0xa9/0x180 [ 1525.474614] ? mark_lock+0xf5/0x2df0 [ 1525.475082] ? lock_chain_count+0x20/0x20 [ 1525.475600] ? lock_chain_count+0x20/0x20 [ 1525.476115] ? __lock_acquire+0xbb1/0x5b00 [ 1525.476653] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1525.477316] io_issue_sqe+0x3bd6/0x77b0 [ 1525.477822] ? perf_trace_lock+0xac/0x490 [ 1525.478356] ? io_connect+0x610/0x610 [ 1525.478835] ? __lockdep_reset_lock+0x180/0x180 [ 1525.479420] ? lock_acquire+0x197/0x470 [ 1525.479914] ? find_held_lock+0x2c/0x110 [ 1525.480427] __io_queue_sqe+0x90/0x9d0 [ 1525.480911] ? rwlock_bug.part.0+0x90/0x90 [ 1525.481439] ? io_issue_sqe+0x77b0/0x77b0 [ 1525.481953] ? do_raw_spin_unlock+0x4f/0x220 [ 1525.482518] ? _raw_spin_unlock+0x1a/0x30 [ 1525.483032] ? io_drain_req+0x603/0xb20 [ 1525.483532] io_submit_sqes+0x44aa/0x8610 [ 1525.484070] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1525.484688] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1525.485290] ? find_held_lock+0x2c/0x110 [ 1525.485799] ? io_submit_sqes+0x8610/0x8610 [ 1525.486354] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1525.486961] ? wait_for_completion_io+0x270/0x270 [ 1525.487564] ? rcu_read_lock_any_held+0x75/0xa0 [ 1525.488144] ? vfs_write+0x354/0xb10 [ 1525.488609] ? fput_many+0x2f/0x1a0 [ 1525.489062] ? ksys_write+0x1a9/0x260 [ 1525.489537] ? __ia32_sys_read+0xb0/0xb0 [ 1525.490047] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1525.490720] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1525.491365] do_syscall_64+0x33/0x40 [ 1525.491829] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1525.492467] RIP: 0033:0x7f33fff70b19 [ 1525.492931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1525.495235] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1525.496184] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1525.497070] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1525.497957] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1525.498856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1525.499742] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 23:28:26 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1525.525516] FAULT_INJECTION: forcing a failure. [ 1525.525516] name failslab, interval 1, probability 0, space 0, times 0 [ 1525.527043] CPU: 1 PID: 8901 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1525.527898] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1525.528931] Call Trace: [ 1525.529268] dump_stack+0x107/0x167 [ 1525.529726] should_fail.cold+0x5/0xa [ 1525.530207] ? create_object.isra.0+0x3a/0xa20 [ 1525.530803] should_failslab+0x5/0x20 [ 1525.531280] kmem_cache_alloc+0x5b/0x310 [ 1525.531792] create_object.isra.0+0x3a/0xa20 [ 1525.532341] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1525.532983] __kmalloc+0x16e/0x390 [ 1525.533439] io_setup_async_msg+0xda/0x2d0 [ 1525.533972] io_recvmsg+0xc26/0xd70 [ 1525.534449] ? io_sendmsg+0x830/0x830 [ 1525.534928] ? kfree+0xd7/0x340 [ 1525.535349] ? mark_lock+0xf5/0x2df0 [ 1525.535818] ? slab_free_freelist_hook+0xa9/0x180 [ 1525.536423] ? mark_lock+0xf5/0x2df0 [ 1525.536915] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1525.537581] io_issue_sqe+0x3bd6/0x77b0 [ 1525.538089] ? perf_trace_lock+0xac/0x490 [ 1525.538627] ? io_connect+0x610/0x610 [ 1525.539107] ? __lockdep_reset_lock+0x180/0x180 [ 1525.539696] ? lock_acquire+0x197/0x470 [ 1525.540195] ? find_held_lock+0x2c/0x110 [ 1525.540713] __io_queue_sqe+0x90/0x9d0 [ 1525.541201] ? rwlock_bug.part.0+0x90/0x90 [ 1525.541734] ? io_issue_sqe+0x77b0/0x77b0 [ 1525.542252] ? do_raw_spin_unlock+0x4f/0x220 [ 1525.542820] ? _raw_spin_unlock+0x1a/0x30 [ 1525.543340] ? io_drain_req+0x603/0xb20 [ 1525.543846] io_submit_sqes+0x44aa/0x8610 [ 1525.544388] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1525.545012] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1525.545620] ? find_held_lock+0x2c/0x110 [ 1525.546134] ? io_submit_sqes+0x8610/0x8610 [ 1525.546700] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1525.547308] ? wait_for_completion_io+0x270/0x270 [ 1525.547916] ? rcu_read_lock_any_held+0x75/0xa0 [ 1525.548499] ? vfs_write+0x354/0xb10 [ 1525.548968] ? fput_many+0x2f/0x1a0 [ 1525.549427] ? ksys_write+0x1a9/0x260 [ 1525.549905] ? __ia32_sys_read+0xb0/0xb0 [ 1525.550431] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1525.551089] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1525.551737] do_syscall_64+0x33/0x40 [ 1525.552204] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1525.552846] RIP: 0033:0x7fa048f33b19 [ 1525.553314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1525.555632] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1525.556586] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1525.557479] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1525.558386] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1525.559283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1525.560174] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 [ 1525.565965] device syz_tun entered promiscuous mode [ 1525.572882] FAULT_INJECTION: forcing a failure. [ 1525.572882] name failslab, interval 1, probability 0, space 0, times 0 [ 1525.574416] CPU: 1 PID: 8899 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1525.575272] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1525.576299] Call Trace: [ 1525.576629] dump_stack+0x107/0x167 [ 1525.577084] should_fail.cold+0x5/0xa [ 1525.577563] ? getname_flags.part.0+0x50/0x4f0 [ 1525.578138] should_failslab+0x5/0x20 [ 1525.578635] kmem_cache_alloc+0x5b/0x310 [ 1525.579149] getname_flags.part.0+0x50/0x4f0 [ 1525.579710] getname_flags+0x9a/0xe0 [ 1525.580177] do_mkdirat+0x8f/0x2b0 [ 1525.580625] ? user_path_create+0xf0/0xf0 [ 1525.581149] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1525.581807] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1525.582479] do_syscall_64+0x33/0x40 [ 1525.582945] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1525.583587] RIP: 0033:0x7f3666038b19 [ 1525.584055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1525.586361] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1525.587317] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1525.588211] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1525.589102] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1525.589994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1525.590900] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 [ 1525.593853] device syz_tun left promiscuous mode [ 1525.604560] device syz_tun entered promiscuous mode [ 1525.607034] device syz_tun left promiscuous mode 23:28:26 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:28:26 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) r1 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder-control\x00', 0x0, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x8, 0xffffffff) setpgid(0x0, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) connect$unix(r2, &(0x7f00000000c0)=@abs={0x1, 0x0, 0x4e20}, 0xffffffffffffff8b) r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) write$binfmt_elf64(r3, &(0x7f0000000900)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x7, 0xad, 0x1, 0x3f, 0x2, 0x3, 0x3, 0x21d, 0x40, 0x34, 0x0, 0x9, 0x38, 0x1, 0x3, 0x3ff, 0xffff}, [{0x2, 0x5, 0xfffffffffffff800, 0x6, 0x100000000, 0x7, 0x9, 0xfffffffffffff800}], "a5b850d252e428fdccace9619c1c84c89a08497688d631a0806df38f0941f3549101a3d290dd0d2973055823ab597927e7591c814a50faec11efa8ab59be8431340875fc4cdbb71af20ef59f24317007a5be1e", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9cb) r4 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fsetxattr$security_selinux(r4, &(0x7f0000000000), &(0x7f0000000080)='system_u:object_r:syslogd_var_lib_t:s0\x00', 0x27, 0x0) timer_create(0x2, &(0x7f0000000040)={0x0, 0x10, 0x2, @thr={&(0x7f00000001c0)="1f0358ec050a112ada239bf1759f4de67ce7abe51af06e6ea1b593f67a5a5db3602bc32f1b9b9521d49c508437dac1bc5c2bed2ed0639b1f678cae8cf2bd70fd22143c721c23f80d7996bf914cef1341fd1a44d6a08d3673cd20771d625315f92e06a0c6f74b85ae3b128d31169d49568bfe22dae2b6bbdd17c307f3b6e115a343b8b144caad", &(0x7f0000000280)="8635f4f23ebee2bf00f7bc54d4a76788d67ffeaf481995b69b603814acbcb53ba6152534db8738361cc3159a20c31ddbd022b296f7823aa38d7ce886d66073ec8b9d5f77ae718cc848e8b069cac00544980818d034dae2a4d45ee31a95757d3ddb243bbdf1108720559d8ac10e72c740c94d4a9eaeb085a872f454cda68dd4c8881cdcdbf5975887746e4063db79251c9dbc54b8df5f09c2b80ff8bbcfa2032b0461a7135c8c0cc3ff14f297b24a969a10b7a70a60d431634106785a2325cc62bbb6ffca915954e7a2baa686915403ab30b58828cf4fa31730cfcdfdf0a3b6774028e38982616fd7b877e589b919c3a32eb772fefba0580a"}}, &(0x7f0000000140)) r5 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000400), 0x400000, 0x0) setresuid(0xffffffffffffffff, 0x0, 0x0) fcntl$getownex(r2, 0x10, &(0x7f0000000880)={0x0, 0x0}) ptrace$setregset(0x4205, r6, 0x6, &(0x7f00000008c0)={&(0x7f00000085c0)="69126bd8f6cc53805a01f29039891e23ef0cb09430af966f901487fa13da9a284cf62e65c6e22bd5c1b66436ac6529d28cecf6a64535f70c9d3004102c8ab7a7524619a89cd7fcfa34b3e1110b9e14cd7c0db349394c1f28a181b123f031570ddb68749574f7f0762d6bab72a036f475c07b9012ad8774a34ad6d9adf9da6f661f30a5fd44a977fe678f62b0fc9de31e877ff7896a1aeef2c2182110d458bdec4d6451eea6e545b6378191f4a72f09e332567c285f9b27da4c59bda0351874f1270a1ad9096975a8c70a26545b377890b92923e83abac4e77b33559b95f2714d8ddc4ae77187e8f28b293c500bed4b", 0xef}) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r5, 0xc0189379, &(0x7f00000042c0)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) fstat(r7, &(0x7f0000004300)) r8 = dup2(r5, r4) sendmmsg$inet6(r8, &(0x7f0000008240)=[{{&(0x7f0000000380)={0xa, 0x4e22, 0x0, @remote, 0x90de3de}, 0x1c, &(0x7f00000003c0)=[{&(0x7f0000000440)="e75ef4abda7a4278cca4a8622f49cee0f1c5138bc77475e7b10a0792f80403fc32a4be3ef1052fff43dfac71e67c16b421a2611cd0b3d97d516b7b06ff63878905867fce78ccbf94e317fd62c7fdc76796739a427531f7cb31d0f96de165bd4f392e870d4e10e46b93a5632b", 0x6c}, {&(0x7f00000004c0)="d1184a4d0ec3f976fdc2df94c808e1c115db14d98d957b54a7a2f725b8055a0f162286e8e8a59c1fe3d3fcccb2f1877beb13e14a9a687f5f177858408fc0b197bc2f2746212b2876b5cc8ac215e9be6b5e456b0b36a33de736c19a9ae893811fdbee5ff4b3ee4cbfb8fc83f879425addbe", 0x71}, {&(0x7f0000000540)="3630df25cad708095fec07ce43e42ccc71a7a0530243eafb34ae7ff5f33dc0a80e0b46a090fb85eb481b1f6ac2a8f9ec25c277c49904cbc68244e504acf8b5cc0641a989182a6abb4c5ca5afa2f4b8dab3302fc311bf44d669c5ba247e3cf82160cc19cc6e34ecccb31aab203dc5ab9ca4035353f7cbffdb13fce7c1e44366954cd86cb4326fbe4de1f3b8c6303bc4cbe784fc817133dc8e139553f37716b05266dff7d459a2963e77e39e573e53b638144b878cdcc7f794b07a14ccd657ebd33386544da58c46f1207f98144fb49cfe26755d", 0xd3}], 0x3, &(0x7f0000000640)=[@dontfrag={{0x14, 0x29, 0x3e, 0x1}}, @hoplimit={{0x14, 0x29, 0x34, 0x1}}, @flowinfo={{0x14, 0x29, 0xb, 0x4}}, @hoplimit={{0x14, 0x29, 0x34, 0x7}}, @rthdrdstopts={{0x40, 0x29, 0x37, {0x62, 0x4, '\x00', [@calipso={0x7, 0x20, {0x1, 0x6, 0x2, 0x2, [0x3ff, 0xff, 0x4]}}]}}}], 0xa0}}, {{&(0x7f0000000700)={0xa, 0x4e24, 0x1ff, @private2={0xfc, 0x2, '\x00', 0x1}, 0xef22}, 0x1c, &(0x7f0000001480)=[{&(0x7f0000000740)="5f24bd171ca34f3ebdc5e39bffd1a2f3eebc0e5e7de518399f23920f45afd4138bf3f17593c91d53c828452bc4af2da014ea62e54bb9b6119f992e18079cb956761e46cc209b73610b5ccbc8b3a956f15dc14e53663c765045e5f6b4f8d5fa02bcecb3fcc550e04d7490ab08151a78cd2219b87525c41e9c3edb6a275cc4d285b0e00a1c6ff3c55a5cae417b6349f12e49657e207e7585b3d2853ce74d7d3ca94c365ac8aa5d01184fb3646d440726da", 0xb0}, {&(0x7f0000000800)="08495f0c4da29c92cf3b8463d7622e9fa66ceb1f79b4e78e5cee3c5ee7bd38dd32f5ede8ef7af74f52948c6b72a75360d8b1d2f10883627d3a8bf935360e7d112cbc80db89a3879efd681776b58dc980", 0x50}, {&(0x7f0000001300)="029b8f52f2b0278d59899face375149f9bc88118a3a2b888a4d823cee1d83586ef7726a7f2d5f4727b46bb2b46f4b87ec45201481e386985573bac5b8bf2e0d0a4ff2dbf04f1c00088df18eee3dfd0ec62f6a6f06177c069765d32064a667ed0f7c3adeb9599a9b0afae33ecb0c5bb092749122fb429450d3bd8993be527aa1191d2b7e9fba8ec07617788033401e76ecfd956436f26bec9df3e07b519b08f3dc366a68b4c6d23114923", 0xaa}, {&(0x7f00000013c0)="cbfc87eb15aea3a6dc83f45a8cba9e69aaabe09e843140f3d023f2bc7723e9ba7b6e6480d0f3c8b465b3da10916e118582be3bdf086f130c9f07308a92e7046a18779f9872fb1f8d3a1258ddd010180591a5411b965a5de80d87b2e428008c9374bf2a598f1bd41ea72527a4f547eecdd49152280b9de7994ec390c778d9e5065b8aaf499f5da403c4c40855d0e1321b3c0d2c378e84a06bcaa3e86fe3d43a039a5a94cc75d102f8325696b0e803d606ff82202b20bc898c", 0xb8}], 0x4, &(0x7f00000014c0)=[@dstopts_2292={{0xf0, 0x29, 0x4, {0x2, 0x1a, '\x00', [@hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @loopback}}, @ra={0x5, 0x2, 0x6}, @padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x30, {0x0, 0xa, 0x3f, 0x7, [0x400, 0x2, 0x6, 0x9, 0x2e8400000000]}}, @jumbo={0xc2, 0x4, 0x4825}, @enc_lim={0x4, 0x1, 0x3e}, @jumbo={0xc2, 0x4, 0x8}, @generic={0xfd, 0x60, "a659acbbf6fbc17ca572138e6fc97ddc5f9b684f95f5776d582e05296f34bedc7e354317afa50959f6ec3204f844eeb18eabfb591d43dad7c841cd147579b8e826608cd1423833836561214ef1b18fbd32ec2c2391ea8a46569f330060dfa40d"}, @enc_lim={0x4, 0x1, 0xf9}, @hao={0xc9, 0x10, @remote}]}}}, @dstopts={{0x28, 0x29, 0x37, {0x67, 0x1, '\x00', [@ra={0x5, 0x2, 0xfbff}, @ra={0x5, 0x2, 0x997}, @pad1]}}}, @pktinfo={{0x24, 0x29, 0x32, {@empty}}}, @pktinfo={{0x24, 0x29, 0x32, {@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, @dstopts_2292={{0x38, 0x29, 0x4, {0xc, 0x3, '\x00', [@enc_lim={0x4, 0x1, 0x9}, @hao={0xc9, 0x10, @empty}, @enc_lim={0x4, 0x1, 0x5}, @enc_lim={0x4, 0x1, 0xf8}]}}}], 0x1a0}}, {{&(0x7f0000001680)={0xa, 0x4e20, 0x5, @empty, 0x80}, 0x1c, &(0x7f0000001a00)=[{&(0x7f00000016c0)="c3ff30ae5aab4eee0201846050f070d7c202cd8576c579aea042005176cb989acd8b4672ee424abb884fe4c93cf4e136e9f5f1cc47f2c0a701874327e78f5b83f1c932d45bb88b9abea0009b34c65a445556f66dff718d30ed973e0e1520ee5b01e08fe3100f0f9dc141bbaa953cda191e6b67670820810dca9c618f668ccd3c10c69cc4ed21ce0bcc2f8f35c0fe25bd", 0x90}, {&(0x7f0000001780)="62ae30101aa265e0af98d52b10e3e8f3157c73b2a6e0fea082b1b70f8c415e65c1e97335513557c6efb3ec8f16f0e79bca4f7c53840419d87f0f38fd302587c5429e8940c8bf979fec4c30e66bd9", 0x4e}, {&(0x7f0000001800)="673f62bade6cc72a8694d3aeefd4b06615653a57a44999da6cd4429cdaf8a294a6b382252647fae1affea35b33ac6e138294aee94896cefa3253e8a22d58b3b5884dcb7831c06d210dff57f9e430e8ab8b2fa713071e597bb07cf0bc7e68ba2c6e6c540435dae433993ee9d45c6477839756d9bc7a1fc231071bc85d88fbb4ce03ce41e3cd48671844382c102b169ccbe365188f89c8d0c4f7327c1f5b3d806d78e966ff29a7", 0xa6}, {&(0x7f00000018c0)="bf3989330b88196960355d7b96ad6c955c677553458cbbbbdc353a89d624bc2ecd1942bf89f24d0b69a5b79f24ed52105db269aa85", 0x35}, {&(0x7f0000001e00)="2b414ac7af0faf1514796058291a1f2fb19da275b6a996b2fc6521c210110c993dbc41299e3bac63f660f44f5d55c5d38b60257c58ae6b2d73ce01891ed61f314f23f285200166db47b2d25bd43705e399125ae310fcd5f7d19c783d4d496ac0d7941b2ea4c729c2f6060862de79034a6f9ae6174faa195a6d2b9be3d26d68de87484162412d89ba8893df09422d3a9256866fc68905426b2acfadd38d13d12ee544dbbdff7f132277f28a5f56812b937c7de125ce99dee3dcd3fa9c71898a0d2e21a0de6d910cb9d96866144d09c75f389067866cce575190432a5266dfe3d1f5faf3fd7c32e232f0a0bccb49b28c2d480c22d1c8e439dd1c291b234e6c025c1b0667f85acf828feb76d1d511ed405d0b390be6293e763ce2508926f5ed0840febd6ad205ec6995d8b9b5371072c03ca9585fa7094ed4828e0644dd4372d238863241241dda5f223dff1060eee0c09267a1584a4c0fb5536a5da3b9f69e8781361d1774bc8f0b0df402c2ff028fe8f401a053b3cd901359a962e04fc684e043ac2a7852df7930ad2d1b1b70943882cd18deed8afb1c9a5efd256dd7abd7d3ed147cadb6c16ab5410e85025941a19666ddce8d728bfab1660b1a20e3130b09785ff5aea292efa7de3bd6b72b841c15b9b54128bf38e94289a996e7cece797834b33dc6426a9f68963b659f8fcae9773aabb17512c0ae39fdfa4d28b88017b55b6e2bda6b39e12972092c5432bf1a506875aa902fc81fc7b50c0ad20e557e652ac30a62b357eb7436756c8495af0e5768765b38007f7181c5fd4d0cfac4cc2e9c72e4e235cbc67ca19bd1c6cdcf917e3cde3dd166116febbcd5a7aa96992b6aecd3b169075afb25c9cccbb6ccd415ce381fd992ce1d5242087216c4d2110f2825b042c9f1ef7af30aba9db23da58b586ca3d2a6d0014ba7a47c2fa43a47b36ad1f00b630d8c62f8e110cf80410fb1ba6c006f5fbdb2966287de86c250a3ac616dfaf8fd313ab5bca76d137cfe5c17567812450dfd4dab491509d7b98998ecfb9c02f6a46aedc1a3ca1c89a02afc080ccebb23045048ac0a9265e8382ca39b185d7e876f7592d3d0b1ef85ad7f39abab32d84f50a80418c5064503c9c6bb4a277e8a1589fec1d5d9a11e721f1f181cdd9ebb2b91cf82ae3c0479a0beeb7592e04c636958b43261a47165ba1956ad51f976a895b6aa1a04a398cbb6f5153ad1ed994245362c3594ffd733a67cbb83da887625df989246d038081a55f2abb9dc56ccf589ab98ba87e81ac1284dd545d14bd27e0fe9d23fc3fc8210ff7af5b078c4de9fe5f6c3aa606ee5a48d8f931a0845d1724856b01d41b5623fb38976e09632f18a18e41b4dbea45689a086c5e08ba0620d4daccbc24e0f660a4d6342823d5a02a38a97ec777d59773125474dc21aba147bef80a086871fa0f089614b02d0f6214b68d9c5bbfdee191868427ace3902f52b0bf9fb6f4339dbcb0f69c08b43240a2786f2e397acf600ddfc2e4ee3d003ddc0b3d5c1e7035e83370541ed99905191db826efc6feb45776a193088d5eccc8bfed87c18626c5e9fbe8e72996e63ac67a28200ef8b4477adc51fe8b52f8b3a6243d374ff4cfd490be105b5d139e8044c818893ef7dba06ad749feaa1ba1145cc282e8a2a0a3b4ce567cd2311a1736dbeb66045b499bc659853d7cc4a862eb4a21c714b0833961d438c4e2328bf84f51982db50b1ac430a812ef6805d8caecf51ca1de6016e8fc6176d4d7397d409b151a5d63f9b45b658ca04bc8b09cedbaafed5495b98381e22d6a7d65f8e012cecaa1fdffd0c027f69307070cb71fdbd3df690aa258b5b1d85cca0dab9e6272fa7fdee293d33b12ceba6ef470dc5d7e1bc374f34843f8fe1c200d79686c73ade6d05d3641ec2838acd7a0cd7303ef6a55f0cb4e0d2b6a87a7dab60a346d324ed494b126e4d0eeb331d4d246b0dac45199585b7f32b0507514abcb18fe5a4ff5709c578ccd136d4259e677e0024cdee1786c0781257159ebabf804e338a5f339a5ea83680e3bd8baeacb29f8124d0639bea16536d0b60b93c54304f48ec071c74c8f6e8529e819d326d50ea0809a60248fb1af81b6e9782e44b25d720a23a3ae37ac4db75b5a08856a9883fba22b86820dc2f618fa97f5f423869c97eb23b8193ba4ae3cc0d06f9a604c6633669799747fd5ff3768f1a4eb8e1a9e4f9e7ab072faec70f74c5724a00730e6d269f9972c892b44a9af40081c192f5f45389900332e45fc2e721fbbde859f3251ee448e2f4f2e8f45405a549a32bbd046e23320eecc6aa748da58db497939514a21e140d27e275570c6abc52250ee85c8d2c99ef6a24bd0baad6c3b1fe5128b9e0ddc9750234ca784d8eb83932a9d66dbfeebd5e3fa96242e60ec601e33129997ebc5f4c00265c80b3994629e94d6b41121b92340f038c99545c97a431ea1a5038fd1c9256d60cc95d52ea7fe63e4f559fda438f07947ca38b0aec518992c0c4c1c15c4b80afa3f3659fbfdbd53c115662ccc42cd6df9390a744433bc4db8c4096c939693536d6bb2fd4419c17ea9014865f29fe8c60803b43273b5e593a109f64577459d68178e4f57634011117e15ce0bd74a22319388b8a363ab7da8b96b27f5c586cae30b9a91d80591adfbf00c984ade674ce9f12c8f1610724b2d39c2ecfdf20ef4ce357559a1901aa39643370cd894543b424d19e95401be93dccfd2f6a53047aaba174f18fe965a474fe28be40a718a7e207072e9610114307adb5ae9efee462bd4c5e42149db7407e8f91cddf51e14c954b39cbcec18579473772d74fbf60acca94ba7fc45964e8efed9ba935dcfd739c1c4fd99b9326101e4ebc507a6dc85b15c70d8ffba1a8a61109e0f34e21f5f6a928e623d6222b6e8888dc927a332f5f16ec33009b07fe8090f42bd52d9ee5ad322c1e295ab172740967d4991e2d6271f9a7589ba9daa920a97e1130419e9257d49b5dee9a95ff8aaa99569b7f9926957f537bc7350a957df043551564badeeb26f81485b7237a001ea5233733fe452d722e9288570cafc0065cb895157be7509e13f2cc1a0c64011e48d15a1067fb0dd6696f6b9395c2dc7b33c051b9fb57365e0b635c128ba64efe672347a388890d9acbfc5b343b5ab46fc5b124d2d10cd02967c1ece8a1524fd414a334ebf45e082f0aa345358b14aa882f940003e8aecad087a06455870b633918a77b86ff51ffa867949d6753cc58b9f4bb7c3e37cb08047809f49ec2a28bd73aa35eb0ae6df51d06a999bd1d4c15bcf4caefad0c673f63a285875d32ac2f6aab4463d349313c843ef67b7b443058b259bd747362bc6905754ae4a5952c32b26a42d3f29eea1206788ec28e5a71d5c7bbefb86843c5fc7412e3220c78465a597c84ebde9d241422fcb4435af8c091eaafbaa9975cfcd18df269d6af936a08fa16fb1ced89d5bdd217f8e7424e0d7518ffa4b218850a1f270ef5f9a2ce4d9c6812e63fad1267056617b480dc6ca5860dff31a8f58afd58acac93eebd3b5f0d880bf38104f3c058b380bc5b05e94c8bb3088471be3038132c01a9388550745276855fff5407635a6c4578304eba2c7f6162d6e7239ea63407b0962bad7897d4056fa35a7a229a885562ba1e915502211b690783b091fb024156d1775b4296934c2ecc19ae0eb832d31d214ae1c21a9c1d06557a40d0bdce58d317910fa2554ea76ea937e13cbdd231130446864d3c3d3b935d91f4e794933aed9b65e5b9c8fa5da34e69ec98a3dbe9a7127f2a0af9d74e8451b189c34b564040260ef4cc6dcaf9bf49d8d7f9cef579e68e13b059b314870b463dbb7fe1aa592f05927d42d9b80f6f9b234b3f1a8973a2d62a04374c3de0bd274afa8cfe8dfe7b9c6ca4576cc42c303765a63ab76f863e35eafa6cfc656940a109fdeb435f6ca64cd7686aeb6ad4846295d9b93e0e7c9b6d3dce482df08637d619faab3ec165cfa18bbbf5082be785aa7a70adab41ff030cca66082d0699b794752b87f3c4f0164ea2c0e4a5d736bf9ef2770f992b0de49b06036fec1ec2e02fcf025cd989b9748277d1ec2554b4c482db7992cf6635ec707fe5dcfa0f4363eae76fac44c24a3b07a20829d91478dff20e3f61dcb19ae487588231ce84ef2793fb7653d7077e6f2f6fb1d739638293e824fbbbffcf9537bca25325251f23b733bd3b9363d36ac4cb34a9dd8b657ec9de38dba692e722e7f293ecee17a174fe280367113b8f9b56c4e2a34a92a5b964a906e81ea0208ab2bff76464e95774e6dacec2a20c4462f014e57d6575f67b655d8e93d2a91676648d8f2676e0046978377b1ae3d9651d71950f0b1be495026c76842b62b1a5d91a4f7ef7617b162a192da0046e0558ee92f1c906c615b5118d389868ebe0a644ad72548c0c6f58dfbb305d23af22c62cb71d215677c163a422e083d765b745ce32a4d131fe6c86b78baca57a20c6d616cb171ef77cb0007ee6bd65090a359a25045998f80b4bf57e7f62a29f3a641d086b5ce29b19c51ab3bb4141092f85ab259fb91031cc745669d70e28f5b98957a2acc9cb44a873cc8eccef15f9f86594e76f0a5182e51ac7f8dc5bd31f703accd5be4dd74cb4e97545c268149b0bec2537add6efec9c21e0290b1632c93375e061b0c0b4c3d22ee217bdbfb1c79097862bf103c53e3079fc02c2a2190e747d02457bf70ad2002eef73059c82ba356d4c08f49c99475759c55229b6701029f0af207586f3d56426a847617ed3dbbcde8b96237dec35022c7ff5b3963583ac4b4c4d9185dabf777644dd42500a1762be9e6299f4ec698467479a7b3bda2f15271d1470be60c63a29530b62061d522662c6da22957e26258349b7125ce8ecfdce25b074a7197c9ee281b41d72d9b139667202a3715f52873787fbe28a449ee3b83f1fa7178bfd5621281becb387bbc41fbe44132baea83eb7b62f78b45ec13ebaafd0ee12127b5cf993a6eaea9a35fc22d4b15c17d0091b39d89dd8bedf6872126a94661c88c62600a374123012eec9020a181d5214d9e8f152994a7bfa452b64024af625aca2ca96f7c6e1fb7dbfa05c9fea370fe3f9e9a1a3ee9c080393f6c408a3cdd640e3d9fd1229fb2f9e8fb04a7a61df6deb58bebc9b8e21304076e701417bab08fa51abf9a8e452412a082dc3c1b1da21ac509f7be0bc14bd6bedf0c8db10f7a8ff084e1969b311ff673de0ba003864eeb5c24250546d39020b8b587e5059cceb9b453cda95d7f0abc5d4cca413d322c83325ecf6c23ce57a9688d4ff922920c5c8d714ebdcaadb6662aa55288772c479498969dcd9b4c7912da8829b368a5c31232b583f369decddbe69f7d8dfb429860b1dc6517813088d89d59a1a2a3f0d3fb2e9ce36ec93df19c80eee1e370a4d764e553a7c6a7b823a25cc7721a5b7e1e996bc4db57f1f885f75f3aabf4b725448a792bd918ed422b41bedf96d315e370f5c98e25ee66657b0a40f801bfbb679bcc3dd05ba271e402ef9d10591ab2b229330bd87a1d3594ed3f8d10e6d2c327f70472bcba8fb6b866c4f9f852f083da8e5f3ac7f8eefe5589677a05b3cd0cfac91f05761146c936a8210912d90db76bf58c31ae9ea98b5eb0cddc769e41473d6b8219e71bbd0486d262f711f19f1a558fc88ab9c30d3048def91f84673622b1d0c2f4c3f5c8557e6b69578d1733df730254083b3bde83bbbe4e4530a4876581fdb5848aea2f749f9d4cabb381d89545c4303a90047059586e23fc33b0c1dceb16c913a215632ce1e23b7abc72d3ddf21d8", 0x1000}, {&(0x7f0000001900)="6397562e09f5eaec3665b8e39091d57404e4f8d3e721b3ae5a90398566c3038c513879bebde91710cd1e8e75071877d1bafbbe2436181722ebaf62d30182e9dda92e394e531dc2d310a9c87e366c19afd93b1dd44918233511b823572c1311c1c36fdc66042bf0fb2519404c8cdedc4e227d8bee5c2a", 0x76}, {&(0x7f0000001980)="e09da6ec75c955733d68c30811c1dba8f2bae3aab082d68479bae62c83c5c8aa60bf7cd10acc971a9f2289982e5c34e0cacbc6054d27277dede7c2f8dd81c1228359d41d147e66a91096574df47633d1aba1e6e6e882d4072a213dc6703cd25ba14244bb", 0x64}], 0x7, &(0x7f0000001a80)=[@dstopts_2292={{0x108, 0x29, 0x4, {0x11, 0x1e, '\x00', [@enc_lim={0x4, 0x1, 0x9}, @generic={0x4, 0xeb, "0f1c6a13c3ce363d937a44a525fd000d3480cd0cd44fa002586b62dd8150175fe85cb2788522c0c2ea07bcea15aba1d1d69151188c8e0fb9c09184895504644106489383323a0d2bcd28f1e6adbe4ddad8ec45073559f6fdd82157bd664824b074741f94e479c78bb215f3bace2ff8c37d493dc3e380840c6bffbed1a35097919081f2245d2d83514fa824c03b3588d43c926cab89601a59596ac97a837c927e97bcda175287d4144e13683723a9ddc88ddefd9133f5dddf30c3fcd5759285268fd937b48b3d1d72b0bab1ccb61663467e3a9838be91f22febc4757592d33c7a1868df22060e476af9a900"}]}}}, @rthdr={{0x48, 0x29, 0x39, {0x87, 0x6, 0x2, 0x5, 0x0, [@ipv4={'\x00', '\xff\xff', @private=0xa010101}, @mcast1, @private1]}}}, @dontfrag={{0x14, 0x29, 0x3e, 0x101}}], 0x168}}, {{0x0, 0x0, &(0x7f0000002e00)=[{&(0x7f0000001c00)="c68301aa54e6c4caf99e801147d02798ee159b6a8bd244cdb0bdc0fb7ae09d42506a8c0cf49ba6a04c893515e26bfdc43a84d15a99ea23450bce904f08be985e62123ce08c6cfe8f980d35733918d64cc6ce20fe9e52ba6a5e0bca4a31ab1b44eb68beb327ccab9efdeb1d73ba09732f034a22dbca554e7a9902f27cbbf9586720f67b37f4ad0a55aa8e9739c2ee5bdc54a723b2b5e0d1b47fae27fc50524bbb2d18115ec7b112a60132a2eb18340b44d5be99e46eec2bbac933d9a57d6aff8f9700ef", 0xc3}, {&(0x7f0000001d00)="a2a9a8fd9c9f2e991c608ecae9d03bff832a29bacbf8c92a15a92cd755e726a342b1e0578580a64b490532f0adef16167f3c7f65a97a1bb84ef6cc62830e5b890ab722d6d4097fce715d412d2c1141ac34", 0x51}], 0x2, &(0x7f0000002e40)=[@hopopts_2292={{0x20, 0x29, 0x36, {0x11, 0x0, '\x00', [@ra={0x5, 0x2, 0x8000}]}}}, @dstopts_2292={{0x48, 0x29, 0x4, {0x73, 0x5, '\x00', [@hao={0xc9, 0x10, @empty}, @enc_lim={0x4, 0x1, 0x80}, @ra={0x5, 0x2, 0x8}, @ra={0x5, 0x2, 0x9}, @hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @broadcast}}]}}}, @rthdrdstopts={{0x1028, 0x29, 0x37, {0x4d, 0x202, '\x00', [@jumbo={0xc2, 0x4, 0x8}, @generic={0x80, 0x1000, "e2e42d8b0c1cb2d72e00136084fe5dfcb789792c2d7a9af7b9584e861dd09ee1fdcb3dffa789214a4dceb4c912cc994f5cdfe88d369b0fb299baef48622955f1496327ef8802683e75fc470a2245fb4f69e4b326f78334c915780f3075ff6e1ddf27615df6cd122350d2357707dee40f54325db7f88803e6db12467b4ed3bc5e427c419f0d173e7ee14f8133afb4813f43134c6260d70f46dba7833215a5efb7f10ba3c7edcc7200c28379e654dac4a2f0e168c6396a93e6d3d300698c5a1413db473bb796acd7b7e1892fd9dcbae4278f2b69e7d93924f55126663bed020c8a18e6fbc66f6ba4376cd64e0d6720491c40dff4971ad55fff6006326423b28be66a1c7ea3a59d2a724ec5b1aa0ba2555f29a2e0a86baa5e0242ba0c07fb2b9ea986ec9f5c972a3ed57c8ab3e7704116aab08d1b45bd40e7845c89ae4135105b315c915221a50de7d581bab88e9b1c93b3fc14ad599aa44653a733af6ed6cee4f83a87576d306bb237133854d986c3790720d1a31d574f34331acc0a292412338e9deb6b1fa55464578dfec4fc5c20873b0c697991f258d26c96f3ae49e5c25b8372e6fe64976b1be404748cf21e405fb9ebcab02031ec5c0901b2b71b38f7836d9f8d80965f55ca21b1bca43c690f843ecea64004e2ab56038e3770567d1e6cc47e14ac1033223e57e6fe157c516c3f8cf0c161177ebe61719aefe5a99771d86bf314e973658c33a12c8c187310576bcc12da4831d15cad46356a8b3d73a4575fe142041e6707693575f2c001f1557ad5555b13615b9390f3b0c2e0f98f77d070794d54a7e2f61dec0b6bc69c0222dcf89eb966c8b32945111d9ff216164a8875982a9fb9754c7c7553ba93346c33ca9b82b4b385e8cb626b8f62be71aa24a577d35dd04ba678998201ce951cf5be62906e8579a2bab407fe127d472626b111d19e345801945b974868ddfdd08ee011c467260df6e8cb35315c14a401f28c5e3ee04d28a6ee440facdc362abefa1d07d89ffd44781f623ca534f838f210256ec6ba10464d1b20293852106a200afe5eafd7cb770ce7426819fe69312b224124309793884ee4f1bf24f413d63a835c14c94c5bda23ddf87207742df6a4cd256a46134d92dedda8138ecf644467f757cce68b4a29de578bfcba5cdc2dad04fde093bc512282cd00cbfdcafed0481ad89410506de46e7d42f57df23dcfe94e8e0847141c5d0c65de9b94d7ce49feb86ba9b21879d20b63d44ebf3060c28f5f0bdd508822114baf27a0def642492fb2c1ce5505efa38e8c8efdf50baf10cb2c51f0bf21c1a71fafa28a88b9cb0be242ba650ee54b8df2a6dbae3e7b174bd39e72d94b4bbf943d619a034969b0ee2bc56b947e10846a7ff522772a78e7604ed12eaca4c40b1ce9cd84bac9a4f8f4941398607a3034a138a5ee8cbf2b005950e26681d095d62f0f7803276d8e8a5c506c81fb10fb48b4b93a40fbc0d6ab2f0e3107c9b356ccf23a79a81a24c3186a5fb4526339ed5352748934aba2c540bbc185631c4bfb375b5c0196e2e3b972587f1a438ad1541e69a0412e7165edafa868baf244872539e04afab1e3220a0ab0e040ba5a1b225d4d2e681325d0ff620cbca30fcb8bf41c973912cc09c4b1f061b3e5dae133ac9b846cde401b50a1d73cd9a7833147a259968685a97a0861d24b12ee09498e7888895a48f5b4a728ace1222ccb2ffe388504033f225001f80f4bb807690e5c00ff447c09c40693ab2822994f6ae368dce0cf11f88fa578f90e03560d33be1a2a3dadd79ed582cc46eb1e1a462469feaf883536933d36f49d28d1e830f32ae9f6a2cc17dbad348482328c4eddcac0dc5d23efa2fd4aedd8f7006a292b39df68b19a45119db54d4e1cfc0b7a8422191e4933a16d95b36cfdb33060c6c0e313f4167244429f6ab0e14cea9d7ac13f742264dc6c4e9201526579c3e92cc4cebc90e3005cbd436db8575000ae7e06ab006e68b43b2bd67ca1f43543c903146ff656d61efbefc50f8766a0de9e65b1c56d9e84ce1e516daa3de54f721f56b23b9381b587c814c87a276c4630bb9aa1f6505eabd695ef39e38a8b7571aa9a8dd67e48770a9068d78de18062bb9eabc4e4ba967e114af4a4a9a2fdd5f557d55a1ebfe857806f5b9ff584b12709d930a8fef3e0dbd15c5d7a285e3c9752ce61d4ac324e493d7bdb11427bb20ce9fb705a0a3f76a98ae02eb2def79d35705d51b97249d060c7a3e4c5747466bf584f3b57d7dda374cd841395577ef24710901e12e49d4952eb6c475c217397fe0c80432c42b4a8ca4682bd46c6d73e6ca93a0afcbc4f706a1996a68f8dc22911a8d11b338e82125cd53ad6655e917c70bb5f63d069e4eec2ba29c560811f6735f0054f6730bbf18e317afc85a8f240d8f95eb8a93b97c2bcee6f5f7fde0f2a95f8dad949f6c3b9bb95d1c2c5ab9d3276f711fc54fb1273bcf904fd025eb489ed822e4da9596173650e44a235e1529271c36e8386a5186631037e2934bffa44d412ceff588b666241ee06f40519fde583731cc83af28c6b69642ca5532ecf86e87975fa2d04aa6bd34e40bafd624474c158a102d969664075ee07e9f2b971a2c55709adbb9dda26b12fd89b746aec6d74c2ae5d6f16f208e122a522e81823c5de662bd7437be24cd288210084931610c0cff5b137562caa4b975e5d6b7a4a5a70f9f717d5bc99ac9459bc93f07c65b92a7bd1fd5413f733ada2e6d78bb3acae787c35e385e9882d216328be78cd7fd29795b6c6337b25d264d274196635893f2a76741ff71e5dfc9e283c0160d24488ee7e249fa80587a7b9185315307d02ee32257517a8556a7b27f725db7aa353e9cdb78542bd9fb0389160fe09b2bc48f3710f291f49f3449d354f54ecd371a54ab6f368813aeb0d1be90902ce6f2c8644163e0dbdbf8a513842fe546589ddba45f8921302d1ac4d217563b61848dfe3a62f600366e794ffe552c0e2ab9395b647971d2c64cc7a8532a6218b7890f81b14774ef3565b62f6cdd93e7f1f4a4754bb18acc7008376ca2b894d633342ff4522f9bc3f4fbb77cdd5352bc5103b621880cace4ab1891e8df974373e820865e2251279b729d532b76b0131b57b2f0aa6f4bf099b48c82333da188daa85e0eb657ddf18d9e208e723ef18e690bae03e74f6e8658071dc478fc81535cecb8f22fc5531bf99572e2a17e47cf4eeb973c2fa73a9928846818c432c3651bc855c990b88d9d206ed7378913e690c5d84b1a4fd20eccfc8d35be1b5008ba4afd4cae39c3a4291cdb178fea5c9b0bbccc8790d5efc3b283b61b9d1fd0d3146fc56c33d67a8c726dfbc5c3220b230b906ecfa9a71556a9de4890bfffb30e8d1e9166b8dd98a59661c85f032ddc621ac1690918ede9e8793162d48e8ce5f3205e3d34e1acd3c348da7f5052de19e79ca0861968673077b9bbf19b921b743c43c15b8caad05ded8d47c054e64443e294dd2b2ecf5d257e7c0d6273fc73a988da6539e9352d0855aeae0dec4aa6f05623a8d2e18f7fb254dd4c9103935926f877743fb352b98e5efe07d552e75f42321d2c9bf48f5dc26d102bdee6b255ec58663cb796d207072efde760e3009ba64905f0f3453dc6ba21e90993968984bf611de26c3b93be4289661efc0f2b9dd5428c8a610a70f6b8ab8663175b6ffa55ee104d0fd467cfb9121b140e3b7244c2504572176fa1626345f4d699d5c0c6bb2132ec3b8a9428de36593bd2e7d4f9c30803cbdbd8810d8907ec1e85771fd4dc6d0237a85bd17d2f4dd9551d6b89920105e866b6cb1085fc5ce479078a2524f570230e350417a2ca2687e01a6adb8060a03a6e8a84d80f49dfc05384880d396ea60b5c662ab080a4aa5db173289369513d60dc69de5e70ee93122eb64558ed6f953c66ecf2e5e19f4e18c248487070ac79b4d877f5d4eab63b339910774bb6f695a6054d1242b1aeea0892c932022905ff63cdffa8313142f7b8a273e3163e4d3f23be4f020b8594bbaf773a1218c8864dda19807012e32cc8d17d2cc078181f389f7943533a3659c4a52be5fa0cee42252cfbd44c040efa523aaf7c170fa508276c0dc7e10059e0006663bdc15ee4bd4be70b2755da6637ab22d67190f325028d52f1188a0254b1a224c73605616c6fe829decf3931b140d1d19f70ba7b6a652575adc2eaa18b027ebae04edabc2057f11091cddeab2cf96404d080da6a8e9efdbedbd5336270b4e03188a287a5e9ab797764557f089a792ddbc08601a5896c719bae115b8b2244276d917f192372d50c35b280456a2659490a1a6dda63f4acf04b005522c622c8437303fe06bb8fa99b62c1341c7f78202af77b06c5a5abb1e0649da724d54986e1a5b69ebe8a069460e8069fde71bdea71f8408acd6b3fc0fdb219cce329a1321ad0a6c0042fba5a3c552b7dc2a0fca369f08412984fe946b851e492a6430b2df849ab827cb2b5fe1e186f5305b7ca8bc919fa0a47561e55cb2e5346cb041cefadba2ed5ad2ed8779f07b3fb8970caf048153c12a60fc75a802539b336f8fad36be5dfdae2ff4dbaba979d1d645d14c1075544b61f9167419aed4c2c6207896342afe7c855d43d8692c98aa46640eb88a10ec70fb26c8256bdb11fc036fc27e85272f92c0fa3a69f44e8427921e1878f38a0751ba44e18e2f80a6ab697e8244ce1391475395ad494e76ec5953d321ff28896f78c0b402a35a4e7c8fbe49d14128ddc7a93aa3f06e912bcde7bf5a5c3dca9006c0bf7abf9abc0d7c4f985b0110bf34430890b4e17b975d63a0f91cdefdc75b3f12e0bcb164ff031924db0745fe6bc0cc9b614c155d8aa76419cd3e78602e6aabd8e98aafff511cc67615e8b4c763b40441c130fdc5c2fe4bec369ae20e5c11ad6ef5dc53e0107184b1725cfca9fa5740b361f9451ec777c0975b735f34d1e0b51e6da88076526c86f8e1dce4d25376b031615044eb338961491f6c83f2496292178bb8ad6bae993d204b6caf29dad6834dc611ecc6a709c8058f1f84d09b9e1f3a3a76a18cc04f2bb3d1abcf3f63a18ff4fd7c49619f389d84961c4e18851b1b9eeefc7e9c243b34408f7bdf6f03411397f31e4fba3ad094d48047f1641fe4e627c39239b8874c0ce29f717f9fb4a3a8f752f6a70f5e173581a63ac196a060da20afcffeb07f4763b5cd5c496234f79b1f7d99b64a1b2c165bebd38a47ade27039f6bc073363d481d76721d7e77b8ad396c18af4f60dd186c35d31c65ce6e7bcb118752c0da1e39a1a1fd0ad04bb677daeb1f181f6a6632861dc8227334902986a37608db0a4e6c1eafb8c263eb86b99ddea99076158d961b6535d84a063f31755a6c335a19e18bdcdfa613b7dceeb50ece9793f265c29d9f6b8581bb4aa2e98adadc28694c9faa4fb741eccba8ef89bcd692e524c363a2002f8a2f7dfb5b8edf0ee13f0620f74fb63a40fb283438497a0fb32d4e8c8bde67aa59e33697fefb10fbdbb44ba964ccc974442c6768c4e77a722fefb2e060c739f01b7ea7229bbf5623b3384d79005c39eff287f8fa932a82db55c194c276ca1b688ee5b71eca4705cd4803d119898bcd5a4bd14b224748cabdce62a995f31bb4032c35ea278814a92108025b0048a211e1f5e42869029f04d65faf0c46a04849437fdcd7460fb795e6a625581fabf870468218092f3159df9b64dbd175709ff8f2974ec55a9644383689a98597e1f4f779e0824e7556734d886a388f79fea05f368dd70988e7c5a45c93d595098e0da4b53b401160beae1faa6f3e14e0c"}, @pad1, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}]}}}, @flowinfo={{0x14, 0x29, 0xb, 0x9}}, @hopopts={{0x30, 0x29, 0x36, {0x0, 0x2, '\x00', [@pad1, @jumbo, @jumbo={0xc2, 0x4, 0x10001}, @padn, @jumbo={0xc2, 0x4, 0x8}]}}}], 0x10d8}}, {{&(0x7f0000003f40)={0xa, 0x4e21, 0x5, @loopback, 0x4}, 0x1c, &(0x7f0000004240)=[{&(0x7f0000003f80)="20aa82ebc45f515cb6c8126115ab89b11ec38bbc7d31bf444ad0f74d13b8b0f2df859523102e8959ba4d4105abc5d0972a34f93e885bad3032675d5fb3ff3c637b233a78e22c6c3c1d952234970b9c503d159eb2e56c135bb2b162124520799c89b89083c8390bc759e0f4e2e76a499f1c64ab700ccdba", 0x77}, {&(0x7f0000004000)="60026cfb1af7f820ad71ae111a73d7f3682e75644e94b5be8121ebd9e166b0015b68df7dfb050e5c91a62a04e2ada864640bcf12184d4eb3b129db390424c416e12bff0c2a0b374a34ffb3c042b6ce7be84a18a354195a33a38534ce748d8c96130c09352101a27d4bfd7e1a72855e627dd73e6ebb901275d49d3ca93eb87c0c", 0x80}, {&(0x7f0000004080)="36c2859c98d0faac5afc978a0209733dd9b0ea3aa73f4be6695ac67b8283a15ab078f3e07010c1f69d33b7e742b0ac0601a99e06d0e7a5980b922e696dd184894266ccc9ff1cc2fc6ed652cf66d1dc4e640efa1fbfded1c4aec4b17ee30cae820fb2be4e3943a5be590c15139c238cce3b83b4d00d8f20888bd80befd8709e148f98fffb36b0d2ddad84423f4cf24ca6dc58ef77353146096ae6bf31eca68da3010f2a7ae057e052a71a13290fa3d3e92a100b85330c95304c23010ceaebf434bf5f7e473e771b2e5fce3b22928b4126796b946e8dcc2fbf3ac5aad84f0edb60b69c0b66184bfb", 0xe7}, {&(0x7f0000004180)="9d0278ebbc704cb88a9c3bd7c91dce91108e834ad23f734741349a6d7388419da796eca4344c417c8bc3f6e868db87a6504b8b19145e1fd356dd1bf64cd57869ca9bcf201fe571baeedd8516c97d299e12945b8d0712f150ead105f4d3", 0x5d}, {&(0x7f0000004200)="63566b68b65a2466bf7567829dc8daa0bca7977512de8bdc2fa4a2aba230160b7a7a91452159", 0x26}], 0x5, &(0x7f00000084c0)=ANY=[@ANYBLOB="1400000000000000290000000b000000000000050000000098000000000000002900000036000000060000000000000007280000000108fe0400010000000000000037a20000000000000900000000000000070000000000000007280000000208fe0800ffffff7f000000000800000000000000060000000000000008000000000000000720000000000679560003000000000000000500000000000000b82e000000000000c20400000078000000001400000000000000290000000b000000000000060000000088369eb3a425baf69eaab96b7fc7941fa2"], 0xc8}}, {{&(0x7f00000043c0)={0xa, 0x4e20, 0x401, @mcast1, 0x3ff}, 0x1c, &(0x7f0000004400)}}, {{0x0, 0x0, &(0x7f0000005640)=[{&(0x7f0000004440)}, {&(0x7f0000004480)="8c6562bd7818a341764db3d6f7f69b281d3e74cb33d631b7b3382e8a81a12b1b4906f561aedb295407735c6c298394e4efaffd751233cb75cd81625fa5a3307d540fa26ffc3b4fec1caa035745612ef8c5712abfb00bb2eb8f7616d7e4ee910b8bdd86fdfe339fd2d1fea141929bed5d0a36849996b7f138ee1d3433210bc9aae1404e002ab6665ecab1f0c14fb670a703ddad1d7c78fa095adc6092f08472c2372825e76101a34d4afda08784", 0xad}, {&(0x7f0000004540)="597b166ae918f124771797a653363f60a846035452a0e162f87e59b293c58c306e2bef0baecf3bd39530e898e66108e4279adf8944cd208550dac53321c98cdeef84c41d4230caf54977d7f9f3c3114ef101882461e7c3d844d608d36b01f3a77bc888f448ba3f1cac0abb40a226b6d6edc816c3d90f37e854be9f46d67c315f78e7086d4d6a4c760c910f9743f3a06275003d81bfe5", 0x96}, {&(0x7f0000004600)="0fb6fdcd192b721bfba58e1331879169a86dfa40ad3cb69e15bdb6d8c469d2bee65332cd30c30a745578551e1d19108cc0dc26575c1816fc1dcae0269dcae289d8ef3927f5211fd04497b969e0108bc589265743ed7f4b48c08445928e5785e68a81023e93b489ceb1a2b72c835aaf0e1b807a7d4495cf34b0612155205d7051db50fdd7f38551463b9f35316e04c789bbb14e26ccf3160e25d68cb6531b1d1469439a46fad47e8a2bef33aa826660d79d1adec65f16f2e1bc4951402b252dbce23cedb0c8924d626de489f133464236c0b8fb82eeebdc583a840a883ff7818d10bfd73e1c6791858a6656415d4fe633a788877f0d51a1fa8685664e18a4b8c8d2783d7945c1a0deaf762f10d9cacbff51039bc215c6b8d87db91da6b772fedf1c7e65f0dbd65af413e1f18d0a7c1c0bec70d5d4f84b0d116ab6263147712083e92c05a9eb4008c5fa92dc14f2139864ec3895dd5873762e73b393f4b9cd2d36c8e16bb972e544bd738035504579e6fbfc6165f0d09f406655afa0eacb552caeaf5c12156ba2a005b84af8d846594c8e850e7109a19e6691943ccaeb98cdce78797c01059773f6f3bb435205b15d76fa74fc341eb9bd0ba6b01251344dcfb05d78259e9c17f6706ef7263369314f9d4554898f23ef283a9466c13629d3953fc090724bc00e1f5a08474532d9c3138db175a8a63947008e2b6514aa2462e29fc0f9daaa500beb4026bfa4c797190eee309fcc6b008a93b2a166d3d816d4b10ea107256f9db6bd4181607101d8e6d41f099a5c208ba7b2c3220ad7bb00c5f3d0dbaa3246510558c4f41ad703917ebe7eb293806ff84a4eb609027b51c18731cfa71ae905ae08cb8e72d401c7c57c4b36d5a3c22119f528835a7b2a58f9ba1838cc4f2f2f96b4db1495deabcdbd03dce2ec8ad5b36f2e819fbdd0997096a329e3247dbf36662bc06eaa294ea6aafb2392579ed1c0ef85e3bcb77801d6e05c3643007b763ac7d3428cbd49673ed58ffdddcbddf2a3e331e72a21d0187c53c7a1a07895526183a8406f76349bf3a52e9a1efa72df9918b3252d80ded3fc86f5e127f6f510efa10ec58bb91b98be2c8bc2ba3ddbd7a00967feccfd7010e5f2bc47cad16c8d7c3393d8f52085f0c40b5d17e8cf5a03a85d8892157c056bfa41cf67612fc9729b3df338384e8861181850ab27776432b254a3a7524b7a81261c353686512ad0f9b5baea2c6580328b2a8b523121aab6ac1b75c1a40c2bf2a87e377a2a535408b3fdef501c973c6cb76376d623243d240328e2c1ec7e4c04dc152f2460cb19907f9fb03747994fadad63a93b8ecf5d139c8fd9a2efe25ebd435f78295a5a380a8a33d4caa02f37ad511c5a43314062e1670a6713a8e16ce951092abbab8d28f0080e86d1ede36bc8f1c3ad132f2687075b02210fd203b2fe868c72fc12987673e5308baa18e9c331d9aee36bdc9bf2292fa85f1a6c3bcc6dcc0cfc3b2032627974b8ffd86cc324a37a1642598c1f5afcb06b5ccd6d5ce2bc1a97a19cd77941a6c3b67de29a5dc23845be555d19d7d86fabe23e81649d6233867afbf06c20520e83be3fe4ce12f04218402a2466261d96d084486d8b9339584960dc9af43946195462d9b642047e2dca8e525783c5af75945bb0b372276ef76d7d5646b2cd5784760980a7b6075650965ad3aed6f34c8988c9ed66414a14a16e349578e2a9b963c2a55b6814c4e32582bfaaaffefd1d5a24805b58241b5990a70b349210816f92781ce57ba9868c3aa754e60da83662db603790258fbd7cdc5e94ec9137ade6bd6e87c390b9fb5158a982b00454b16937626a14476291ea991236e4266c57122cf102eaebd7b6a30a425b09d907fe24055da6a02af93cdca0f741b8e3d12271bc7f59accb44a1f7d5624832c0964a58dbbe77dcaa627931bfbe3a9f7c530ee7c711b9a8ca3b7f352160113db52d47f7f318ebbc0ce13e22d535d488f5f5d3b39ac9645d3e8d1183fe64a677c4694f3cee77dcf5ee334770786f9af6b4864c374bb28793e801fb898610bd287ebe160009d819b1d3f230887d6dcc915aff01c4453e42b31accc27ca0cbfa87c7998d5f657e3766ff7540b68ca3ba3ad5025306d15713d078ef618811f41de257b74ea573ba5bded2f9f68b694fd77946d8c1c6e27b106fd8bede6a2a4007cf7b6095c0834d4829b27218b995b821ab0a5f8cbcf46a3734b477993e3cb66c7a1666ce397a37581692cc449ff4146d17b56630ef2d14e3788d0d6404cd63a555e809582acdbea1687fcff69f7e62d44444580dbd3d0c4a22f59426ab0a6da2a57b184638166f71d3150608ec012d5c4d5de790c16cab17c328cf05e29dec772d151450cf64062631ca9a6fce9e9605434f3dabf500a5f5bf904cf580b536c4f70f8b5ebce22ef109f785642e0f010bae959e112584c718fd7fe5e272a0be98f0f8811d9794ca86af3fad051ac600a8957c00e0a7b3c758eea904f36e801bf611be9ab2c89b2c07c6439f5d59f58e4b6494250ed31b7d3b0294da4f4721c323854f39244a4fac6877b022d37fd95fd580b22419f88228a8b03d76563d3b5463d1aa077de7e074c59059d0d02ae547eaff8b97d660b1961dd4bf19597e4749fa7ac0ebc90b4f65a408074b8a41636150368d95f01698548131217b214f490012d998f5c24420a8209284867ec0bd4051c811d32b7329185a5cabcba9122e5d3736555b0c961f124b42bc65aca6d9dfa45afe37860c4fbdb2f1766b914530e6c8c5d9999687b37781a022097db43ff0d6414b1d7225ce9cd7bb4577ba858f203ec0dbdd96043d6f8424dfbe08b8a875468de6cb35b761f827c53d5031047f6c786cffcb3ccf1f90bd4721f0746bdd1a11aa970bd1fe7a22c0efc73e29e469b3b7c922ab2518ac352e0ef4c563cdb4ed557d8451fd6a88925f8243729f734bd4e69c1a40837e76ba8fa8257e2de2e1f68f38d4fd0e4f3ef3453e7fba58e21e032a41b6d93d4a1b0c74efceb6a4c2cd1ec2405281b2ac8660d47dc7e5b5b4816a31cb9622567363e07d34a33934b6076bac1c3925b2b7af58dcd5091ec5ba762aba682fe00da5aa822fec29ef6b9d279c75ec9d854a39aa028ad94f216a79097e348c64576153cbf02531c16c0b10a7052b0d1ee757d493fe9a763449b48821e1965259915688953f6fedc14d63bcb2eb6d9ca76c9f02af5532acf4e4a0a5a41fa25ca2369b99bd872af260ad1fcf9a84afc7aaaac03d7414504d9317712aa2a1122136f5c8b42c6b2cb8752c6d38e674614c6733d0aae0c432aef3d738038b4cdd4dffa1e892340f429f30498d6574f369639dfae73746cfa838ac19ecadfed7074dd286c5a97c46ba88dedd134e706967bf66c4ad58c7560f09c91efdc586f0a3127a76cc0158efd7849f9b658f1357eae3efaf1ad99c0c91bbabf977700b6a3c5624b60c922c75e835a5da48ab02602945ff0641bf3bc757ee05836eb3e7221635d86790999e4f0b9124da62cdda59b5c122546dfaa84c2247ace2bc5410b9dec402e02c777cb3901ffdb30972c873a9a826840580a1ef9c1ab86a609219ea22c2f7b302be14fb97ef12a08a7984487aa1932943eb576f79a05df2f24fb663498960413174b5f6b4725611cbb01b79e25d3fa81b96500427722f2fb1fc5824343d2afd370d1964e9116cfb8fe079d1dac41934584a8b5cd57ff0614d0cd2ec60682edaca07c70316c9292185cac810829f58a38540cc3c3682c707c27c0127328a6a8cdd598ef66404ce2cebb1b3db6e286378e15594b8721af73f0eb063faf40524732e91932cb4b739d8dc58669aa3105432064b8671b368f0fdbc66ae2ca2df1f3d505cccb0b725a4aa453bd1a96368b78a1317f973ccd377da8ee4370c254be479c8d1db2581c581e098c4bfbdd518eab598dbd05988993dc26e809c83dcd9883329b003d0dcc60a2408882f8ed6c04742edadc09fd4e7117c1994f8b8d5def8f57c0edc7da13a0d69029a55e2706771b716c5724f6de8bc0b99ed91b1cc3cef9531b1d6bff1e8bf93eb64e8c6c1dca9c9ffe7624c11ddf60ca134001b2d7dfab5ce16d1b64f352c0f31e89182b30b13ef173f1b1850a9e09b4c276cdb31b8952057b2acf9f4abae343fa8f1637499be3b37bd1ec1a458dc063076fd91296dc94c0a1565d657a36485a583a3cd5e91ff0caa75603c6561d02685da306de775971adc829140fa9145034c2dcf15eb09a4cc9617b2dbb98144a26fcb2c75bbdedf838c6c07d1f86c6edc69a23b22f015fbfe5265dd6ce02cbff951a42ffc14facef747c450b88e2e74856d70e1c5c9dbdfcaf265775abfe24978d7efaa45c4af27d8dc8cfccc30f8c17449f4eead7af83366f0245bfec54e1ccabd125434a673489d2f9279036e6a9cc57d62613b59f2c1f515d2a073daaa522026054e0b89b88fab8714e2fa3b237e8185257d7abdc1a63ea026864a57ad271f5fe84bdb0c144c4564cc35cf8ba7baac4b67a14f397060b0b7a8b6d36b24da5f3098cd25a09e97f649502108d210546ce7a948d85542a2229696723a564704b192777004368c6bca13727876058e8255f14eebb20c3f191d5ba9bec8c3c19907804d54029f56968126240e17df87ae2f5323a69b9d1f56c0d8202479ebefac7c8ccd9d2f2714882a90e69192241a049b51b73ed20c682cd442ce3603207f2c30ec1b9d83a5e9192f26bf152f80648c8fb4a9980eae7b3a3bf0d6ffc99fa7d25058810013f95e72fc37cb4addc3462fb58e7dcf2a4c9128e078ffec029dab2d0a4619e63d15e226eaa518a37c3ae5ce5aa8559425cbd0fa7d5848b3b7e14d9f98167ede5259b6b7234d7ca32784641629bab4cabb427dcb630ad71ba3b847b2549add186e8b290592618e68a8bc2bb7c6c3195e8e01496797ddab9c33e6c91cf5a0e7c576554ff77138674cc26f8257369923f9230f497c83092e8bc91fe62acf7d5d291c6aa16071cf08a3b37371f5d9b071b1c99c5d91cd3e45e5b270bb8edea551b4d009676b61d63df77c1c4f755100309afcc02720339ff022f6f3f4418a7681242548a4830957d40f30956682785dbc31898c49b5af47d99aceb0c406fb5ae01e54ec8dfec6a8f7a7f7360d833cf394a4f028f45dc56115372b09833f8059bd79e3241b8870a5c8b87a3011319a7a27dfaf19f4ac194f1d73625e845ea64a539a58d4f2a9d6095514e4afa3c1e98d042b584b8d1ca748a87a6875a12fd43c0ee8712e8b1afbf583da8a0e540d2fb6fb1972614c1e1a64020142520f4bdecc1224e84691f5efacc0a6d856644ba21a1d628337fb8e9897bfb2a36f96a2b61fe5fe06385c8ee04f3ffe1670da9375361fad628ccb52171986dc0ed84ed126717d9751673353da1d604eb8c2c4277588ee290912ab8a01f749784dc4210107c97034d0892cf133a617662885764a32d96134316561c1deb3159cd2f22f6e03c6b2bed1df23cadcd355f17a565ef35a1f017bbc73424ed7e7cc7092e7e28a100991c3cc05b11eedabf2a85c450e1f91379890864c51efca3edbccd8f95c411eb618aa85983224d2d8654cf3c7ea13124fe26249d30f2e99ac081fb48c82f31a6a8d1824b7bd89547392863eafa457bd510b383502576c93fae18577363b5f53499c382e548737c333087f3c28216af4336037efb8410e4e375f778725f6fd6120f970bb39ef1edb153be6370885bf5c6be9a0418303bf99b76be2b75d232e2d524f8d388b925db4a6812e983a90159540d00b999bcfca3186", 0x1000}, {&(0x7f0000005600)="82dfbac85d4e647e590a1dc369440be7d01b589b2bc394431a05affb6231e1860faf45c790037e9ed3c5d391e656c91044e8081e", 0x34}], 0x5}}, {{&(0x7f00000056c0)={0xa, 0x4e24, 0x100, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x80}, 0x1c, &(0x7f0000006b80)=[{&(0x7f0000005700)="348a40a48d84f425e5bdddcee99c50869996135cbdd82bcf5a469f4e0b623f7cd59fdae7a137ce4ee16cac7334fcb7cee66ef36e364ed7d2d6d690530055c110bee7ae0f7e41191482eb6aabbd8fc2ef24b17bcbef5c508ac7115bb2", 0x5c}, {&(0x7f0000005780)="67d6d97a294c522201a187e0a66bdec086c7b447ceb80ce2621818a44c44272ae6df8a654c51bb485697678490a45cd93759fc6b545bcfcd9dfeb51d92f5f00c6b53e5296cc1ee85aaadc2b7a8c480a7856ee1a765b8522a90bf76f22d92ea99cd81d5e5bfd29c7ae7a2b5821be77a7d72d277802ac9cca0a9e6ff3a60485161a2257ce73d660b6a", 0x88}, {&(0x7f0000005840)="17c365a15e150e799b0cc8e48e834c0e697071ca265e5bc687d5dce430aee09b6e8d2c0dafe464fdfb757516b1e5588bd544f66f129bb972f7478e233aedae0d5c3b21fd91ad809b5299b9815a992bb5c29ded8b5bab2805706f2baa9125aabda301e6e7384b20c87871db83f238012edd1207039ee1815c490b523cad405506ec288b5613ca868cf125aee48447d47aec2c9a32c9d4991797a9178c1b11fbc421c300d0a91e004a187e710979d2ab0af90ace530030f5ab07a3895d263931f997a3092b2c6bbe9d81629a1676bd6de0ca36e4eda11279a141de55719339def7d669b4b8e0962ea1ce557b0b8b", 0xed}, {&(0x7f0000005940)="f06853f0003dcf3d61216b4cd05f429e6a1c18a67590d078cb7476f29dc8db846f455b9f3173aa4f4aa7a563b359b5d3c8fda4f3a9e026b814ec5435ee4e714adf7a75fc28077f8fc18fb98f1c61e1babdb6cb061f5862497576e661e80d7e9564264b65e599cbf513cef5e8f24ba24d6ecaff23709845d3d941f34f89354abf9cec8fc9446dd6616c06f6cfa9d8f5dffcc7ae588a377794b807e37e0b0887f454f88bcbd3e86a6174935d7d3366b380ee21295200b0438c", 0xb8}, {&(0x7f0000005a00)="ee5ff1e78c182119c2e16805af5997bf8a1dfbbd15b5b79a904325e27077f700d9e8ee4b8cacf3599293034539c6ceb4bd1718444d873514a57368c6c170faeb38d3ab5182441b91df9fc02094ed2010c4622300464894c42c285a3a3a92bcf138eace146030600d2411c875fae48c63fb9c4a8a922c34c503249f5452b402f9d0f473d0a7005be73ec02bb60b78e688ce1d9103f466c7f4f36ffa7e00b98a5b593902601b1b05082da944d54a86dc815088c6fb9558c9c8aa7bf4136701dbb2836c3f590cbedf952582cc5ecda9b52624fe69d0b94dc8fa3eada86bd1d6e11ca7b50163cb24f337c1f344aa6fdb462a1d6bba16e33076f6", 0xf8}, {&(0x7f0000005b00)="84bcfb2e14b8165e1b751ddcac84fd29b6b3fbb1788a1409af8b8eff08520e01307e20341ab2c21f299b28bdbb3872c4812c7bca33ae193df438b5384a6c5d1a8f375f75b23904eb93317a2168dd790c805d6b", 0x53}, {&(0x7f0000005b80)="49cf70724644ec3afea00b38125e2989960d2dfa5016e8c55d1d0542de1b1a18721bc8ac033a8b3a8fd065f75c7ea2dab9092b55c8102166159e41963009748c0ad36aa710b514c8d4efcc8460f3f21467df49f45db9b7f4313f38e02225d72bb97ca1ca3733ab7dbd79bda0befcce1e19634a6adab468f91d26445d0ea73f66dd2112220963d23f06a88573b9fdeb147270b3b033c2c523462d382c618f71390896bc2082eff9561a568d20e5c1a8132be94f7a0a7cdcdcb64448978bf0170704b8ac8a401d001c1c43fd8ff5ef0101bf5ec94b771ec94dbfe5639c841704c48ab8ff2663d6154570e9583a345f483fb6a132493140031d55c87b04cabdf2e5a0b86b8153a373698dbc99062b6476e6f8305c89945f07cda2044f65cfd2e947855423e3b1eba72beb3f8e7d39def50206bea875a05ccd1f3dd50a2bc5113cb9f2fe57b38bddb595cfdc60b1901c4247385b56aec2a295b389f583baa471b755376826918822e5df4e6b79ca9c135ec1facddcd22a4558bd453373a12d22f86a69a4f5769e9fb78d997278f960077833d9adc8137ef1a1936abcb3fd5a42cb08a67664197728b5341ec52df2b6bde8ab3b68b1d8268b1da29aefa014fc661231da267ea844d22657d1caac4a733d7383465dc46a69d54282e97b11a6441b14ff6b90181614725c76f52ab6397ea1beb9c5ee8423199a9808891a5833805e7db3facd8563c0275d7c71d9857633de750844bb2e895dff287192437094b8a4ee8aefa7bcea889cb115cfd3827099ea84ac66afef4ba06d2319f06c6c0a476d8c0f40fbf65eadeac92b39cc0c69a0784a40a4852fd2d4f3ba2fa25039cc3918228b17a9ce9cf3aedc9353942e9619cefb4e63646277a871e742fd54ad57e6b62bd1ddc37adf0db67fe88dab2ad020cffcb27495fabe87bf06cd2bdb09a903d49482074454d9c892ba7582374114f14c5633e7f06ac1d22f1de67356a54f188de8a127dd33e90bd208da1c58905e11ca842c942591585caccc447e1528baf2b2a451a45980cecd3c14492a6eeecaa33030866f1e404bd9da95a2a32e5618c9f0dac74f820f061312f0b25e173a3df52972a89c49478fdf9c0414c1ba7010664ae579c1f0466ea65d1c45b58fd26583b9a5ade9b9f3330851ea71fa327006879eae0e6465d55222b6b3930248a7a0698fad43b07344289eb1081ef3b5d1d627935eeaf910078276485d48ec3b566530affe1abc733262fcfa7c7f97a2f9fd68031580a286481462509dd3828bd2e635dcb9328f86381a3bdad6bcbd98d6f0e15c89efb0cc48859b3d55d6a98c8d9ac5451ccdde5df2177b5d45446a06f1e585a8a18d9c0e81f3e3b80f6c51ed214163764fe36f04af5e2e648f4e0e8ff9bd810a35eed08a9c2ff8143966b7f60e88c26be67efe6d6cfec06fcf7f05dd6b480d6f38d7fdd438b8738e0fb368d1200dd5b19b152f015b359130b58ba2fe2c37a4085a4ccf1af28b6106f4d5de6d04e34edacd2cd7865baf43e9df05c0c635178098b8103e01cf07a665c8df9bb16ceea7455774fce989efecbabe3dae5b7c27ffe643a71035d60450fc2d7af7782b04b59c9ba2a6279964829eb9ef8c5ccf0f0a1f3aeec2785dbbffae104b53191293e8ecaf7b3092d2e98185698d3fee951954c2ecf92d86e4e60505060f89c90177682b9d2e75e09e1c79566cf726e358c7b2e8d03376adf9e6c558f199d9989c0bb481f704f2fe852a64cbfa0cc0fe4508f88e472da6e9e3bc14ad4c1cf9385f198c7dbca983ca4823effee16541c09f115d57ededc2534635917ae452b646f25c9563a320c767950be79175830a0d21389abe53c3f363ea66079a0bd1e3325d3d012934ef7260734e382e4b72eb0628f796f22c7286585529ec58320973ae90d948b11e282f7f4da8e23b086c0ef2ca35df810ca7f70cef9c02dd6d1d54e9997251728fdff157c5b6a15410ee346888924e9a165d93ec9540c29ee36e7e5fc253c8afcd23a7b5ac660de91f0b7ec3209a3297fb13e106e4f59f34196cd6e68fffa901059c6c72ae83970d23f9c45aa0290bc716963e7c631465d69f59327d498976b1038ca6a90ff5e041d7883bd396040ec902998b3a12e77a029e7c9792e57be4b1c1d7b3df041f97ea6909b4d0294176166d6c75cb50e46044d58bf1cf5a65577925cc4ab56ac193d6bf4f58a72c780537f03f2e495a79c3f6fdc7702c4f84afeaa1c3c7a2c118cb96e91961ddefde47361704790e906b6372940269fa8feb627d702adff2561598bcd738e7def79d4980881cfc6837c037f1ef703d2eff9fe77b973ca8524181cdb7680f1b80203d7aacbf5ffae3e327bc952aee5c394cd76d1cc7eee3ee9cd929a1a3a334b47743eb81c00b2477bd52cbd6c9bbbdeab2c8df890cf8fc6af5d1af5e71c8c7520e8fe5eca815d24377fe7fc4871a72f05f55c5a669bdbdd8e1e5b31ec62bb6018c53a8b09fc50504640fa4f18d2aa24e667ff0bd45322c5e24946ce48fde6a2dac3a3dd0abee5d98c509249dfaf2d3b648916c1345e24c14e8c93acd3bfc6e4a960c4d27ac9c79449b301a846f98e8f4b3e1f9fc3be33db373bf45be03bdc5b6344713f71748adaa5fd5c617b3e352c0f67c5c04e09bcfc232806a44d7d6c2090cec43506b337e2628e7907d0e8e7fd93b8c01eca14f8392731f51ad74f97e5e679a5d3a3e8aa093b9491cd8894c4279be2266ae9b31c06e321c55070815f58430e3c9998e4d46381889325cab1752c58ebff40aa9f08a71209f8dd442d7ad8720914aec300304ec07f8af1d7bc6b161c4600175cc9a6d98f9185390b3bc83fb82aef0dc04fda95219a384978d458a7855550375d4477ab16a72f8c3fd0ceec3e89917ecd126381053c4c9865065c5fa2c563b436d18600c1b5c164797be4d73e0535983a9845eaf294da0d9276d79b8d40dbd51b45345893a7c72f20dab6b7ff9c1aafb96c71e509beec1e43a9b50ab3119f9d4cecb27b1caf6c0302168b37b026d93c97055661fa693c440cfc9a51c6e6365681db6e8e9e8bbbe4fcd6736ac5140c3f12bd099de0c37164e74e525cde31684fffe062d61ac84e005f2ea29315806597db3154050da958ee909710f847093603ac46e409c4eb0450a9492f64a63d7407d26a658c23258917c448006ac27070de129d956466ed4af182d9747d29e3f0cc0d4c77d51bfb5ad7d7e0ff5cfd2f0cbb8cae7ec462c4345283ac2f901bb41d6c381f8be38033648c17ebaf7a08bc82223e4ce912ee203223a4e18b8d4891243e458405bd70b9b219e620aafadc9a5fac240665c4095dc6c6605dd6f060b7dbe5d16b957aa98de6d001daffad2feea7eef2ec22542e507d251c2a5c8fde56eeaa4c22c63edbaee94ba23f41ffc0d6f80d8acbd6a4fe9e160003c3e143b29bc8a120496fa8319023f2ee7b55ce98d4b3dffd569840c9d51f51a0c399b5915f60d9c47abb18c37729b93e844ab20aeb40a391882d772d045da65bfcc7a1c70b3e3cb6e43946884de2e5398136c31d765c4e1cdaa38cce284050576c2df6d4784424b6cca6c0f8f8aad38646f1005f404eda8f19435b06d14bdb693739426b29c895905102004cf5e9ff03f8d8888c1b04b80b40c6adfd7910b8a992c421731d5b55326e9bb992692209e0100797d348a88107ec6d855ef5e2bd45be505325bb982fec0eab976e31973faab8f55c55b0ef292a5916ac21c91a16a0c0b72e36b15d6501667d37806ae8e23b7889ff55421b257bc22387e49d1362c797068ff4f66f2295c0b6d939d8aba876eb6f6e849e70d3f66492034ff8cf44cda533455aa3747d3c7f3ba1ffb5f352fb55de5cd720ecadc676f5c7b83f8a2bcfc9cbfad8d417e7b8e7fa27e059585a92f65e9e87fd61b0082562c7c24432efbbbcec0be729b56f0b166884403f9d379eb9b90c284cb8440529a2b19936f8f9f228ea1680b4e81a1bd31e51045fbfdc727a2f704b913d74dc846ad6eb51468338335d7ec5f012d72260cce9d37680e4f0b9fd9691f3fb7df2d7c2f296ed6aa4e3548d218bc414a5cd7fc17970a9ddcaae450b5d82226724ce6ac30e5b92841aebda591110632d2748b64c96ef96453202503abfeab8d39bb1ea896b67b29e9dc3c6f5c290897050a9818fa441a6a709836281d31a54a293290b94b027009f0bf65debc0265074524f8bef4b9126d8c11fcd425333f29277696ed359f26cdb0f8d57e5acb3b5cb38c08ca5c166a17b2c5b11c98cd1c0e1a2b39f9cf8c5f6696c1e843a113a50ae820977cda467e647215b017b74d0ab09b2c5935732696f913e0b387f5a5b89267ccec0327638b2f0378e4ceae501d15879a2395a3b6551f61bd93a1be68b79ddf45905cae324de3680147f067ae5123e2fa1c5ed8b1223c6e8412ea0c20ee628b24a99a8cbeb31b0f0fbd464dc71ca9ea3cf10dac85acc8536f1e78766774ab80775d06b000445819803c452e52c152b28680f643a10004efec4d671addd461e15fa4d941bd489cc7eaddb6ed91b390a784d1716de9a2463fcb7e3c5a79eb2749e91c492f2f1ce3049c4fbaa318115899eab56381104ab4d7981c6fb7904915793ddd69653c4db5f167807473aeeceeb470af4149a6e8a0432c36191be8330e387636a68c6c1619ee0477df2beafab2494f6ab8b0dad273b14c69e56c62855183621f14546e85cb28c83d985468b4826ecf3b487faa5b2eecff14a37b3c929c91161ac613a94cdac990227c8a3e3ed39e619cbdd9d3767bde23cf07aeda49a8139461a5a3dcaaf5b55a20a3ad91ec72a3ddbfd5b3202d43bb329d5fae58159e4aa86dd61df280a98f7b12167c307b4cf949bd0b756515ad8c9db614328e54efc4d8934f937a0a0e54fb8b26d03a1c8c400edcd303af93f3eafc32b0cea9d2feec7f81e90878877ff0231c34147c9f5d742f954d2fe8585d92c142e1cba94be3cc244e7fd17a759dd5fd9bc86e631e82d098e6731fe16536922ed7dc9e7b46f2f94d88a985631158397954544bc1325c41c82f81a9fc7607d953e334e191f13fd6420d5e71c3475f84ad218e19ab8bacc71a4f54b47b3c35c4fe47986390c5670f7699985fe9c20df49d1bad70974aacc7ca0fe952720fe29cb2d4c3902f4827f336dd77035837e8918e3b8755b98ae4d46dc9d4cc39d5bed668e115496623533e8fe1e6383f5030bb9f004cafcc6e9d386e3d118d7211e267221dd17e34cd5a918aa56c3dc2487daed38d1dc283b136eae1376c01b5b6799367e69847bf9ca7b0eaa96991b6cba302a8438078ea53bd3ade8d2d6eb440dbee0f9b929c892820d5d236464d734071dece0771348dfbfd6a4d1b9121d17f658a2264b6a542c500e274722731687e2c216fe4c46e510cee77cabef59328aa5024b8b6afcd36e97c455d125eb0c6e07aa4290e864df2ea8a298ca58e6fbc781ff7a11dd91f62c105eaa583b59001302d9d4473bb47507e7ad7beb7e23e488a053a2bb73796a4a58222fd719b55698cfee7149100ad8ae292765dee8e51d6cbe834fa74a7e9da0a0d47f3821e435105fe861401367efee891227ad76091936d3c30d0437b894268ffb3523551bbd94ddb728a9fa70fbc076bbb2e477f3fb33d26a17edb3cf70c2cc5cb4b87db48abab6cd3b40b932933323f8570bf5c89bffa86d6a007f1d98d899e65a8b5aa20ef5ed056012518c317d5226992ddabab6220cc0e94e239ff887cc0d6fe9dae0c2be0d460164835f1c2ce060fbf4876d7c45b6829541fb36d4150f86df8b3c7", 0x1000}], 0x7, &(0x7f0000006c00)=[@hopopts={{0x40, 0x29, 0x36, {0x0, 0x4, '\x00', [@jumbo={0xc2, 0x4, 0x1}, @pad1, @enc_lim, @enc_lim={0x4, 0x1, 0x1}, @hao={0xc9, 0x10, @private2={0xfc, 0x2, '\x00', 0x1}}]}}}], 0x40}}, {{&(0x7f0000006c40)={0xa, 0x4e23, 0x428, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x401}, 0x1c, &(0x7f0000006dc0)=[{&(0x7f0000006c80)="02f9c901e64b527f1a98cb706651ca4973919ecab9d483bc5f5299354f9655888d537587d2289748369a7f87cafccead64c64366f808bc12374953a162da4c7eb413d3ee2fc9c23b88c4cbbbe98d474d2fd758e4fba199a54bd7779cceb5dc0530f581f10033952053141e6982d4b5ca54f94d8770ce6656f79bd9f0b626d6", 0x7f}, {&(0x7f0000006d00)="472bc10da2ba421d32d1c6f373d2a34d907167ac0fff1b6df4e0cfa09bb2a5bdb1bf66a10d6a9e64c3a4743c46ae8ff48d6a7ff0b828d92ca2685e116cd4979ec0fe8ad7fa26227caef695a910d38853558e6930e221f9b5877a024143583e662c964104ca092d48894ae46f814a0fcd023ec80611f84a0b15225a3240388f62437cba428556fb65f1a0c57c353e4d39e24546445db130e07846148f5f5096667b29f3467a122b1bcab92cf0b32ea7f0147b7178ab4cd838cbad250f6f89", 0xbe}], 0x2, &(0x7f0000006e00)=[@dstopts_2292={{0x140, 0x29, 0x4, {0x32, 0x24, '\x00', [@jumbo={0xc2, 0x4, 0xff000000}, @hao={0xc9, 0x10, @remote}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @pad1, @pad1, @generic={0x6, 0xfb, "babaea5a589027f721a260d0c82984ef0bff8f39f4b5b363a41a1cf096d5eb4852e2deaaeba6c6e88b091520876a5276fa2647de1442f4751b6b0d4450921be26054fc2d95f48e3fcfab1b824d7cd7aab2ea768ab128e8b34a102f772847dad8c327cdefefb014b19927293efe195ead25275f63338ca54612db7e4c96cf2896a02977f7fc0d8dcc5bd5548897247d57c7e3ec6c3fa1791558295daafab8b73bd19c084d874f87cf0f677e4cae51f4a6d0b33beab2f64dc4150c8b140569006bbacd40f022f09ef83904eb82fc9939812f3d32d96b52f11b107517d6c05a3e6be5d5a61a42924fe4ce718e09993080c083f8bc859e1efce6a12098"}]}}}, @hopopts_2292={{0x90, 0x29, 0x36, {0xa5, 0xe, '\x00', [@calipso={0x7, 0x8, {0x1, 0x0, 0xd7, 0x9}}, @generic={0x40, 0x65, "92d2b7d03cec4ee22ce418be433ab28cb8dae666fedd103b2c6cf06c051e6549e85611a150cab840d7549b8b9ec2f23a444f9dc63b4066b76b79d05f53adcd2ca4ebaa1fd17bfdd1b492042df39bd3254a979b5546a7b08b89dd5015ebd11cf550e96c06ed"}]}}}, @hopopts={{0xb8, 0x29, 0x36, {0x2e, 0x13, '\x00', [@pad1, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @hao={0xc9, 0x10, @remote}, @jumbo={0xc2, 0x4, 0x7f}, @calipso={0x7, 0x20, {0x2, 0x6, 0x5, 0x3d5, [0x401, 0x3, 0x3]}}, @pad1, @ra={0x5, 0x2, 0x5}, @calipso={0x7, 0x48, {0x0, 0x10, 0x6, 0xe4a, [0x6, 0x198, 0x9, 0x80, 0x1, 0x1ff, 0x3f, 0xffffffffffff0c58]}}]}}}, @hoplimit={{0x14, 0x29, 0x34, 0x40}}], 0x2a0}}, {{&(0x7f00000070c0)={0xa, 0x4e22, 0x80000000, @private1={0xfc, 0x1, '\x00', 0x1}, 0x1000}, 0x1c, &(0x7f0000008200)=[{&(0x7f0000007100)="4983e2a955f9a7ebe1044b631d1524199051f3884838f0f749f691a6064f5de49408fa81f01a771ea0f9834cffe1bc090a7952bbd39a7dad259fa82dee326108173c42fae343b9cdbcdedf60d3342018eda428da183beeb604f483421b2f33b9a1a964ba6761cb433c2efdaffa63ea2e8629f104db4bd3ca223f2619953bf8a6dcbef272fcf47c267f10fbb7635d8aed0775c6e1cc820bd2962b0ca91961c2db9cb6c4a918300eb9c632719f8a1f2aa4f25838054d6f917d3840347e60104529d53c9e5144ac9f839a32bed81d8ad8630205543f0e463ba8767125fcb30aecc2783e7a113e7991963fe965f458b82f6e6356ea7e0f15159b9f13c2d49d0d163b592673dfb53f0d37869de40c2a0c51815c20443ce8c1de7c92fc47ddb201e495a899eb240808bbe8b4ce95afa3ecf17d7d6e7307156df8d0bd425d30a1f53f1ec025e7994eab340120e57dbd1d68c3b8fa0d6393b1baa84b9f74ae1c4c21174cfd06636c15cbc7a791ea5b811f2c6a602691166ad8cdabb39a4ed04d7ab3a3c18222b490c7ce86181ac0066259fbf26320ac1e451fc92021112930cc33612e3e800ca2b97da0a7556a32805251c9ed4bb9eccbaf7a35265ea333385e6e4d980f466418a278c395a30e5d4730a75cd181ceca61e81b80b425cd28ac6819fa63d5009cf7fe87ba0f77c57076d425677d648808f7fdfad0e060d452ce3d0d212b3b10997bc36f63d65ed310e605bdf18dc94286edc7b755ecd3b6be41598b64b0abdce3784ea6f42f021a3f2882ba0dfbd66168e3bde5ec0cba9bb3d989c904c33362927d1d62e3cc1b71a241710dd864e39506a1a5774800f879da1e6efe29ad0d3bdcb7b88c58a68a4fead7cc32713ba79df18eaca405c2119e229161d17c10ff68201306844feb4cad1d9acf2f36bdae3bd5dd882a447babb7c2eef494bb040a9f63a70188d896ddfff18a040153791be3a8e6bbf46c56ac4aed749c8184838ef51ea633114578638da0e233c1587b1e383768f4ed4b8db8e33576dd6c9f03ad40c13d5edc98a63436c8df0fc5a3e86b4ac67dc380928da5a2d1199036e743191a4cb10f2e088aa79345f1595d38c61d94499ec83201e10f9f078f4716021b6206e0d8327356d9870574975ee464c7b2b130238795e19da6733f3bdb8da6d07414db7a213677834ba400a83142f872278a4c108c32777e6c2e3476df7e2313be0a08e556e4848087965de6497a4fab0a2d80199f7a6bd5388696c88ace1606e341881697b45fee77df33d1344dc2fa8e6ddc2729737c20a98e0a4e3cc46f557dd4226f2c335e469c9035800c5d5873fe1703f658bc31243651ae0dd62519a077224714fb86bc13e796a56f94c8ece4a9200b887f00bcf812b15dee5ce7651afe40edc730c27363a779e998cfd95f03245a5e065d27fdb9b75e67951270f3e26877ec7ffb6328e8f8d722246b5a2333fc06e6fc2c4454672ddacba460a6f5470c81aceb168bc8a5f06ce73836a3e784e92d68c8f3b2287ca7afb2ddb0584739c74fa82eab41a4586216ea1460430a0a587d0cd874f217d7579d733eb5536e3383c006107ff009d6517d153a34d10ced5644f7d09dacd1573645d7b772ad2bfb87eea5cebf94a96eef77ae198298caec674c2446fb84c01a892ab9bd9a3911f65c20eaf9890d3f97924bd07c5b152852ea8475c7e6753457c076afa47f360b65afdbcebb83b063bc7421297a3f4761c13e68b1f3b90049cdb10928064011d9ec4dc933120dcfeb08a6304c2d1e92a41355d41e75f1753d1f1b6a68de2d8ade69a38701608f36bedab9a8e86b9766ea0fc5115da87467bad432e64bbea6f0ddb2291aad190d71bdb8f5cebcff65b822147f44eaa0d96119818925e2c5a5d6a795c5aa6ac6a58b585cb3708fc2a25341b2848ecd6caf3ecf4afa34307a4a48862425a52f1b067d7cbf6a9d8fcc9bee1a8cc8cc5ecf4281d11876590c5d5037ec6ef3361c2944f486585daadc359bd674deacb8112c63a13250e22fb38aa628683e0143c6467d72070cbf89d2ebff93ac3981a930772c018bacc6c6c2affb7e28e75cf36acbac6bf5bbee1e5df81ecfe115922ff46e35ef859c420be9b348564e4502c77f48a818eec0ade4db5c54030b675929f15d858af09597b07e88f18de721e778434ba850bbd9b050ea743c85fedc81a67e591dc15af52b67b6bf91b10662320d26582e317aa16bd755df8692d487d235a32c19ca6ad06952bc19e6cbd321546c0c1b634cc5c0fa72bdb29f05d9cbf024b1c7eea24510bb1a05a2339636aa2a710ec8cfd726c8211c589cd46e7b822a0ba25b605be5aa993641ef739035270d74b7755a0a27c1855d92430138bcd59c5cff10dc6d702d080f878c8ee2103c2d55e7bc6e08f99567cc4313cdb133c1bc0d1b3b38954a5faa32c8883e6dc62ff987b9b06735d7dd29dc00f780076c7f2b54c407777dc32b00c5d5cfa64aca690338feb402df5d7513f1246b4b1242b691260d7bcd693378ea66a2759566f9678744227a6ac52282e1672cd99d1ae0d2a65c3f29c1dca87b505ff569aa48eaadb75061010a807dcf1655e2f507f27245cae301df5978fe2cab93de96f15f7e22510547b0fc05d21000b67fdbab8ade28f673e1fe90a06ce02b6351ea3d7d6f7d52f28441feac7cffb9a3859d091da6fcbb8719832f89ab59ae6ddbfe8cb220a49dd724afcd1e13da785636a7a896a4b56bf81590d7748bb0e768233719a8cd81800722a49c34ca239d98d12ae0d09595cbfac196fb3e52f4c997478e5b53d55867ec2922b9b454b5fc39ff637659f98ffb5856fb32384e4d37353a512e6c7660b5487e09fbfed620d6dcfb70a61a28772215646255342f3fa4c67bcb94b45143f9576d8beed475f202bd51a108419f7a10b7bb4f7cf671e949a4162758c6013dc61028eb95b7989699ad5813398c5d7cddacbe97f1901cc0daff082a4b5538740c4a2ca9f84838ab1186ef3399fcc7d84b4262cc3aec9a69c07f3f716993acc6a039bf8a4e4b7a1c3115d78d703b59f023d04ca20258a1a8666f62164e107fd809e2e048b4a92b1631044d6291603af2d940043e7a37ee7d2c35701c727bb8f921771378dd9c358623a41ac23cf373bda532cf1046e145853ea33a05c1167abf06d9c2916d2206741121331cfdd7d6006409478a7d9e5eeeec3e2972f4ab800703b2cdb10559f9d3abc9793b89eb4212bcb4595a766c2bde305e698a53b75756cd09d2d36a4fca960ce8da487cc7760e511593a52038332024ca45900fcf709802ca67228553d39bc54a9b972fc4452d918a18a06958e2985c6f7dfe5e03f661b4db61c1774e0530b2ff6b543d8e0cc99b1ac5f9132bc02312b3fc859993634e1c6ebdcd925d6f7cd1ed58dc8c49665323e0638067f7c7cb7b267f82d55ae9114185d256238027b8fd49656909c1554abc0ac13ac0b3d6d6a90f9a3ec110838bf821f100434c48ef33ac101ba751a4ae6d0375a319497d60e9748f583fac70c5af2a73cdbdc3e1fe28c440432267123647205df21a197bb5e2ec20c0ce1d7c74d889b915a89178d74522e6d2099961ec001943a425910ae03bce0193e3566cc31ade59f58f4190c9760288495be94c22518e9fcd11bd43932e5376369c5120ddfa7a374c5975ee305a232ebbe9085e6cf158c59a5ad3a10bd1ff9bca04a624fb761093149e3f79b97557df2419867b1877193eb6f6a68ea9f72dcaff098fd2052108a6b3ce891dc3e1635405c6380e7406d7bd39c30446b820e815b1a38e862c634cccf838ff8d6178d43ab80f33d7c7beff1cc3e63f4102b70674b1bf42356194e8b4b982f95ee75c9942343a89e8cece5bee2ceddeb6096e721e79af541845e72d8ec4ef9366af75c102ff93999c9496fbcc76265e6c476d8bdb8f54a2401c182868119c452facb92f4eb221081055b5dcc7334c970ea50cb53e594ec1938263139220415b172d8556903e87571412f6e9ee9fd7d4c6ce6cb1074960d5a953fc14200def173254b5626f730d735285e74104b5eab864da6f839623676a10621fbe0acbf354a74dd44a3b24b547b8e0b0cf6b0a80ca1da917dee233dc70dd48224aeca905c03d9a91d27646c77f9d231ab4aec7ec02a9418d26f463d537d1103e6ef9428d979f0b03bb7f4576e9bb18b67bec35501a98e9d0f6d298bc06958ca31fc09411eb70f301235bb140cb0bd17c5ae2c8e5431d719a591edcc79ed7053c8b2880895c5a88f6c74faac215a73b254baef5bbb65fe2d5f543d75a7daadd196852eff74e166a91d3f5e450a9edfc27da6229c4721cd9bc546e10c2a4940877a6dd0b80958642521cd1e5aaf36f0186d9b7ab6abebb00a115aed0eaf81cc43d6ab6ab63b8d3ef92acf52ab1730cf07359063a266bcc1440d6223e9189e72a0ea156ac466390a9fc55569fbdc856107c6263305cfd35e31bd6de1f7b220bd2bf09c4fa4b119394aca0283d1c29932ed7c217fe6648536bee08081398e75d979e5201083cda320365bce2dd6c34a4c369040854162fa2700b9e8584eb9ae432284a8f8b74cad40d41b01beb1f371f0ca5e1d6b63aa0956821cc22644112d12dda220db0510206fed4ef5ee514d513deddfac5eb84cf157a700c79f33849410a87f143e6f54917d7b610ae530b314569dd362c382f3950ce700584b426860b82e4db94e52223597972fe88a899ab72626365d3cae9379ef5b57096803ac338572f149ea73fd06d31c1a3154269878cb3c00ae0dc0acf00407b6d3c49cdf18f2519dc6ba280561786438e884347a1df9c07d5d5a34455099c5e3baea560514bba240e83a48b742bbb39ac1465768f3401bcaea89bcf12e0ff45b4e98913c57c8f42f7d00715989c09ce5e7c1586ea6c44d9a207ecc0a0b5a187fbdf4a487c96c38273cffca9bd7c77bb47c33bcca47b9501935510559173ebec24e3f75bfc804156928adb76783b273a9812e9e3de36ece288e9f9b2fb449325c853331ce6e5514dd73c538224db1836f051efdcf462f886742794018d33e8ce88a96a59a0bde8889eca3e24a02c52f1cbb7c480325887dcc6a479284094f4d290da4f4771b0afee8ce55c2743bf95bd041a5996e1fe5ea2dd0a5a5e9eb24327057b6fc01465a51c12fad82a2139911470528cf2baedb6ff7c0530159d2fd3dab19f4be8dbaa5642e4e15538ca975bb92f215898d052d294dbb9ee634675cdd0e87cfe5d9354726b72590c53a20173ac3ade9afc1fb6f0e94832f673e2acdddff19c0d9e6d157be5304f4d4f5149b2f6de9a9c139e8d1326e5a32cfadea1984d99663e5dd7773a9ec68ea122e826208b15620020ee2a57046e90f124cae4293042ababd14176d53ee39026d4e5fea95007a6bf67c0a94f55552b52822494e7b7bc743c8ac1268b4316ff9b5fd59b7598e973c9a278ad62c95e5505deb9084e1e1430f8d7515f32aaea77f57c2e3e69e33075ef255a508da9b4776a2c3dbe2fa136f853a3d8eb8650e6c4ffa476766954d55887a0057d42dc484b2a117befaa9698257912fe3dd192946128546e16a2d2625a39f65a3e0ebb15afca8dd6c04ccb4fb05b1cd12781e63383f9bfd0773771e62be585e946147c4c4e64db53e37ce1e883ab8b8c44d0cc55ebb34d8a68f06c6735e4af7e091c51bad493a258eda8eda483faee5f59b121aa8a2ea02599db4461fedcce92d933e947615db302e76bd4759e75c69d7e6d4fd476a689c1d3b288ac5731953e854f7846cf51c6898786a42f51ee3cfe842cc2", 0x1000}, {&(0x7f0000008100)="10ff9c502e7af741e10556281f9826552dd2c088997be1cfc523ba04f5533acc7d19e142e631fe14d60e3d41bb94e32af0c0c26332366492d60bac9d64e607f98e0755f41ff325d54805d171fb777bc58cd75e44f1fd40b2275eed05e1a6866fca3ecde1764d5da5ac6a861998360e8968e963e832adb2a2aaa70a2d9aa072d70e4c6c7d51e6a9473c1b30ca5ff08de19772149e3ded56ebf9ea8f62277625798515e4f7ed337475667843444cd18500507c5e42a20bb21dbf59d44c0032100c5e3ab3a7d80ffd1cca4031ed8ddb98ed7516f26a", 0xd4}], 0x2}}], 0xa, 0x2000c001) 23:28:26 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 2) [ 1525.830286] FAULT_INJECTION: forcing a failure. [ 1525.830286] name failslab, interval 1, probability 0, space 0, times 0 [ 1525.832059] CPU: 1 PID: 8926 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1525.832910] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1525.833944] Call Trace: [ 1525.834278] dump_stack+0x107/0x167 [ 1525.834753] should_fail.cold+0x5/0xa [ 1525.835236] ? create_object.isra.0+0x3a/0xa20 [ 1525.835807] should_failslab+0x5/0x20 [ 1525.836283] kmem_cache_alloc+0x5b/0x310 [ 1525.836788] ? ksys_write+0x21a/0x260 [ 1525.837266] create_object.isra.0+0x3a/0xa20 [ 1525.837810] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1525.838461] kmem_cache_alloc+0x159/0x310 [ 1525.838983] getname_flags.part.0+0x50/0x4f0 [ 1525.839537] getname_flags+0x9a/0xe0 [ 1525.840004] do_mkdirat+0x8f/0x2b0 [ 1525.840452] ? user_path_create+0xf0/0xf0 [ 1525.840976] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1525.841634] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1525.842283] do_syscall_64+0x33/0x40 [ 1525.842765] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1525.843407] RIP: 0033:0x7f3666038b19 [ 1525.843875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1525.846174] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1525.847141] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1525.848034] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1525.848923] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1525.849812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1525.850715] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 23:28:41 executing program 6: syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000200)=ANY=[@ANYBLOB="7f0000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="0200000000000000"]) r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f00000006c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r0, 0x0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)=""/6, 0x6}, {&(0x7f00000002c0)=""/15, 0xf}, {&(0x7f0000000300)=""/96, 0x60}, {&(0x7f0000000380)=""/5, 0x5}, {&(0x7f00000003c0)=""/78, 0x4e}, {&(0x7f0000000440)=""/172, 0xac}], 0x6, &(0x7f0000000580)=""/213, 0xd5}, 0x0, 0x10040, 0x0, {0x3, r5}}, 0x8) dup3(r1, 0xffffffffffffffff, 0x0) r6 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pidfd_getfd(0xffffffffffffffff, r6, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105142, 0x2b) r8 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) r9 = openat(r8, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x149) sendfile(r7, r9, 0x0, 0x100000001) r10 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r7, r10, 0x0, 0x80000001) 23:28:41 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 3) [ 1540.787603] device syz_tun entered promiscuous mode 23:28:41 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x3, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000100000005000000000004000040000020000000d6f4655fd6f4655f0100ffff53ef010001000000d5f4655f000000000000000001000000000000000b0000000001000018000000c28500002b0200000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e38303439393233303000"/192, 0xc0, 0x400}, {&(0x7f0000010100)="000000000000000000000000f4e089668a0d4000840a22d1089d0f04010040", 0x1f, 0x4e2}], 0x0, &(0x7f0000012e00)) 23:28:41 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 20) 23:28:41 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x8301036f33c7775a) link(&(0x7f00000001c0)='./file1\x00', &(0x7f00000003c0)='./file0\x00') lsetxattr$trusted_overlay_origin(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000100), 0x2, 0x2) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000040)={0x8000, 0x7f, 0x1, 0x4, 0x4}) lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x202400, 0x80) 23:28:41 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:28:41 executing program 1: rename(&(0x7f00000006c0)='./file0\x00', &(0x7f0000000700)='./file0\x00') r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x6, 0x3f, 0x4d, 0x81, 0x0, 0x8, 0xc0680, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1ff, 0x2, @perf_config_ext={0x5, 0xfffffffffffffad5}, 0x900, 0x9, 0x20, 0x2, 0x0, 0x0, 0x200, 0x0, 0xd1fd, 0x0, 0x401}, 0x0, 0xe, r0, 0x2) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000380)={{{@in6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x6e6bb2, 0x2}, {{@in=@empty, 0x0, 0x6c}, 0x0, @in=@rand_addr=0x64010102}}, 0xe8) r2 = socket$packet(0x11, 0x2, 0x300) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000200)={r4, 0x1, 0x6, @link_local}, 0x10) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000080)={{{@in=@broadcast, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6=@loopback}}, &(0x7f0000000000)=0xe8) setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000180)={{{@in=@dev={0xac, 0x14, 0x14, 0x41}, @in=@local, 0x4e24, 0x3f, 0x4e20, 0x0, 0x2, 0xa0, 0x80, 0x87, r4, r5}, {0x7, 0x7, 0x50, 0xfffffffffffffffc, 0x9, 0x3f, 0x3, 0x211b}, {0xffff, 0x1, 0x8, 0xa1}, 0x4, 0x6e6bb2, 0x0, 0x1, 0x1, 0x3}, {{@in=@broadcast, 0x4d3, 0x33}, 0x2, @in=@rand_addr=0x64010101, 0x34ff, 0x3, 0x2, 0xc1, 0x0, 0x4, 0x55a}}, 0xe8) bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) sendto$inet(r1, &(0x7f0000000080), 0x0, 0x40081, 0x0, 0x0) r6 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$DVD_READ_STRUCT(r6, 0x5390, &(0x7f0000000440)=@manufact={0x4, 0x2, 0x800, "00bc95e1d7c7526002994560cca3cb55b66678e5eaea2741345629a1cec02f007569e0842af897601b10179ce9c733b49449827210b73d70a774f7e48cea1c35a571cf104a8db9faf6c7f7a86647a7a3a4a1740d6e9722cbf84f0d9ec33b9bab22d97351d38686158264793722ee3b2516645cf01a1a9ae08aa9192b0aa2d521be5340caa28d3e9aca95d6c911bf19b56b60b59d718961708152c187c5ec50437a3df5039deb78aa1ff0d0c1dce7ff26bb1fbbd65861e3bd8db8c3eabd654b68db5d517f3cad2b86c70d81f32e2a06e473b6ca25df162c2c9c07bc413dca11294ad0405edf9d6960235bf04a490a886388edae8fe3dc39031f5cf8d64613ce9bd37486c957324e5f11cb734692496a2ea9f4a345751bc9c2fe871e70c7b6611549350cde91af83ff7b1c57a2b3fa51cb7019e32b4a56fc4a3f0f78c41e923aed5cb89ab79fb2b1d7d2264638ec688486438cb5bfcda5bd3336c0eca5c4eb49ec0284e9b1356de8e47797300221dae6b2dc5998e5616720ffc947ec2810b3c85b606781abf15f61154565f58d2492cc6a2c56dffa9ba7ab98278ed6ee13653b779b893d8494c76cebde9bc51ed405e27e8daf3d6a9c0e3a09f155d92887781b7e1d1bdca9c0618f5ed7e0c97917b349b694a3d9005f9a672cd522aee5946b70b962128c7702b069399bf489ddb076c5ea02fe2b9030823c4247a6d22cd8c59b4290c56d47ccfa5167f94e9bf5e66bf4fb99c0585598f1113e111eb23cff6482c3060b77f79a77f71e9a6d8fdf8a7311ef5c2eaf7b102e638b3cd28644c29855f14b30e9c0631ead0c314870a30615de4c1bda467575f75edaf7569a77ba047b8443d96d8c862006bfcc7c21b848904100527b69d39c5caf1c3aa038fec350da5c1cbcdec3def9c83b0fe0e3d5f044685ca4e3da91622fcf098a3d4a827740c771dcfc67298754a2a1601e363c35ba09e0191097ac1cb793653beb39885a70b00457010111f12223bc6d6b8dfc16c29e31e27a0bf6c35b421907f10cd41cedd40709d56d7b8e9e3531c1acebc0a5ad21dc1a18affe006320ea8b5d7c4fca00ba4028f802c97ca82c5b321867ae14d8ec57614c9bc5a8b0b7df20bc38585a32d3cf58ea3f9402c478d84c9312e1660648f67ad131560dc6a4932657afcda99b9d5cbf9c8d8e19798f86e62c1dcf4e4bfcdedefac0cd9d9d21cc692a1eb6b7d5b1b2c1a1a49ea7c3566fa56a9d2cc025332479e61fe3a750e20446ebece96faaa58a355e59fb83205c2b389243ecf8141c4a75ffe7281adb43074b88a501682b32c5153f9b79441306a130d17536eafbc70bfe91bb34cf4488d8624cc4fa287fa60b6502c2cc1a049b0afc6bee5a6240238d5ef0e762791121ed045a939dafdf1dfe996325fd552570887ffc7f3066e857015ee8cf082339375cc0989afe26e125bd66579d44c56c4ffe86507b5155ac7f47ef66629ed7b6b11db00c40ef262f5609733ef55b27370e8fbfea36500ba3e9687232eb9f2f6af04dfbfa79a64cd7bfab080648330776ff4088b0345f436f869f5aea2dbd1155bcd62cb858f694ea8e8ca34c418dc7ee051a1a041f0521abd04a7319f73d8fb902688e58a69c9043e8392ff1ddb95a9f6f7c72d5ca765c809901b9e4da6929e6ab98fdbed606854e05677b5fc04b46c7e77550bb2cac1747774d9f5bb41071a2edfdf7ca48303b65800ae56b1d4254d504555484040c8a6a7ff987cfd65e29c921d6aa356ab1ab3c9c3f493cb3c55b414d31cde83084e2183bc2e173f5872c252ffbc5c97ff6712d5934fdc512575dc5db977bf7d5d0b92fc13fcdfd04bafb59d28aeac0d8d5c105b1d648f07753c1fb731f883d0957b1c56138847f34b9b669511580ccbe523de0abf33ee0ae793d659cb2fae7bb1e546eb3d9c4b805499627618b9d0400ff60fdafaf975cb3a9663eb1efef94676dce8042f0d93f11e93d7fcd25d7535c7a37f57b2835b2aefa0108924efba0390da2d939630b6047eb7fff3395d421a27412fadd589e4673f4e3b86d92c51b8d2451812ce4623b2c5de86894519f6e72e381c8fa39ef43f95bd4c812936794f709556e89f9f1044fc59237da4b40406d74b630f4b558e0ca5a7e85f45968ee2162c5c787123f3165cea19f4998ba73ea99af14de50017ced399b32c65fcc3b0069f2393958c5b8fae29ce59e3de43ff2fe4f603b264190ca1ebf9763cef6d81b3b16e59210c72f53f064e3e877791cdbb836cfc3fa9ca97c8adf27f1d012fffc243a95e10adb0de9d1b375c15d4b94e6e1ff7a2b1a3162fccab6e526e8db185555acdf449e15f9fb8b60185c61fc2f838e9c258ab52ece9a38214b0e8d100da3681e215eee5a2052de65f2568d49744786e56185416a53934f627f3fbb460880e5e399993743cc048549a08f9a4a1e11210fdf0ed031a3c8f44cee83af55bf74948f51126d53e6808915d630a0ec0e31884c3ea8b9eacfbda96501b44c200bb7caf55032ae99324af341291df2183ef4a6b0cb2f0272007dac9589149953e61f01e027627dacb58d5edc892fbe29146b3bce72431ec4e2fb4fb7a03af2c2e94c7d68cf59c2f618eff3e7e06d0e03608ac678b325dc4c7bf5af32b215b65fa9a1bed17292a56e9131a8af0e22b79a91f66e5294c9dfd0ee6546978e0d3d5420649f10c1b9f917351cf824887011a8b4ed165b5db68d8f8d4dbd87d337e49f05873553fe5d0e34638851a273618f59ce5fe148ca149cce089a8f4301a5507404939cf4993b4afa6f9d2a76c40adcbf4607e0e293483194f7756ac3fa8f7e2eb28be0a251d0e70f428d06731a135a02b239ab8a0a79472002e08291a7242c41251cd36185a1b31a32ba3da99897886dc37fc9c4d2a8d1"}) connect$inet(r1, &(0x7f0000000280)={0x2, 0x4e20, @multicast1}, 0x10) 23:28:41 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 28) [ 1540.801130] FAULT_INJECTION: forcing a failure. [ 1540.801130] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1540.802711] CPU: 0 PID: 8939 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1540.803666] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1540.804815] Call Trace: [ 1540.805184] dump_stack+0x107/0x167 [ 1540.805633] should_fail.cold+0x5/0xa [ 1540.805697] FAULT_INJECTION: forcing a failure. [ 1540.805697] name failslab, interval 1, probability 0, space 0, times 0 [ 1540.806539] _copy_from_user+0x2e/0x1b0 [ 1540.806559] __copy_msghdr_from_user+0x91/0x4b0 [ 1540.806578] ? __ia32_sys_shutdown+0x80/0x80 [ 1540.810678] ? unwind_next_frame+0x13ef/0x1a90 [ 1540.811311] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1540.812035] ? 0xffffffffa0000000 [ 1540.812515] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 1540.813122] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 1540.813845] ? create_prof_cpu_mask+0x20/0x20 [ 1540.814453] ? arch_stack_walk+0x99/0xf0 [ 1540.815027] io_recvmsg+0xae8/0xd70 [ 1540.815522] ? kfree+0xd7/0x340 [ 1540.815972] ? lock_chain_count+0x20/0x20 [ 1540.817141] ? io_sendmsg+0x830/0x830 [ 1540.817687] ? kfree+0xd7/0x340 [ 1540.818163] ? mark_lock+0xf5/0x2df0 [ 1540.818689] ? slab_free_freelist_hook+0xa9/0x180 [ 1540.819379] ? mark_lock+0xf5/0x2df0 [ 1540.819903] ? lock_chain_count+0x20/0x20 [ 1540.820496] ? lock_chain_count+0x20/0x20 [ 1540.821082] ? __lock_acquire+0xbb1/0x5b00 [ 1540.821694] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1540.822439] io_issue_sqe+0x3bd6/0x77b0 [ 1540.822998] ? perf_trace_lock+0xac/0x490 [ 1540.827396] ? io_connect+0x610/0x610 [ 1540.827909] ? __lockdep_reset_lock+0x180/0x180 [ 1540.828545] ? lock_acquire+0x197/0x470 [ 1540.829079] ? find_held_lock+0x2c/0x110 [ 1540.829635] __io_queue_sqe+0x90/0x9d0 [ 1540.830158] ? rwlock_bug.part.0+0x90/0x90 [ 1540.830730] ? io_issue_sqe+0x77b0/0x77b0 [ 1540.831304] ? do_raw_spin_unlock+0x4f/0x220 [ 1540.831898] ? _raw_spin_unlock+0x1a/0x30 [ 1540.832456] ? io_drain_req+0x603/0xb20 [ 1540.832993] io_submit_sqes+0x44aa/0x8610 [ 1540.833574] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1540.834245] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1540.834904] ? find_held_lock+0x2c/0x110 [ 1540.835458] ? io_submit_sqes+0x8610/0x8610 [ 1540.836046] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1540.837394] ? wait_for_completion_io+0x270/0x270 [ 1540.838073] ? rcu_read_lock_any_held+0x75/0xa0 [ 1540.838724] ? vfs_write+0x354/0xb10 [ 1540.839275] ? fput_many+0x2f/0x1a0 [ 1540.839794] ? ksys_write+0x1a9/0x260 [ 1540.840334] ? __ia32_sys_read+0xb0/0xb0 [ 1540.840910] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1540.841647] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1540.842376] do_syscall_64+0x33/0x40 [ 1540.842878] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1540.843505] RIP: 0033:0x7f33fff70b19 [ 1540.843960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1540.846197] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1540.847131] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1540.848000] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1540.848868] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1540.849733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1540.850598] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 [ 1540.855631] CPU: 1 PID: 8944 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1540.857669] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1540.860102] Call Trace: [ 1540.860869] dump_stack+0x107/0x167 [ 1540.861916] should_fail.cold+0x5/0xa [ 1540.863057] ? create_object.isra.0+0x3a/0xa20 [ 1540.864392] should_failslab+0x5/0x20 [ 1540.865499] kmem_cache_alloc+0x5b/0x310 [ 1540.866696] create_object.isra.0+0x3a/0xa20 [ 1540.868002] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1540.869489] __kmalloc+0x16e/0x390 [ 1540.870542] io_setup_async_msg+0xda/0x2d0 [ 1540.871796] io_recvmsg+0xc26/0xd70 [ 1540.872862] ? io_sendmsg+0x830/0x830 [ 1540.873974] ? kfree+0xd7/0x340 [ 1540.874951] ? mark_lock+0xf5/0x2df0 [ 1540.876036] ? slab_free_freelist_hook+0xa9/0x180 [ 1540.877446] ? mark_lock+0xf5/0x2df0 [ 1540.878550] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1540.879439] io_issue_sqe+0x3bd6/0x77b0 [ 1540.879947] ? perf_trace_lock+0xac/0x490 [ 1540.880462] ? io_connect+0x610/0x610 [ 1540.880937] ? __lockdep_reset_lock+0x180/0x180 [ 1540.881520] ? lock_acquire+0x197/0x470 [ 1540.882015] ? find_held_lock+0x2c/0x110 [ 1540.882526] __io_queue_sqe+0x90/0x9d0 [ 1540.886042] ? rwlock_bug.part.0+0x90/0x90 [ 1540.886639] ? io_issue_sqe+0x77b0/0x77b0 [ 1540.887232] ? do_raw_spin_unlock+0x4f/0x220 [ 1540.887845] ? _raw_spin_unlock+0x1a/0x30 [ 1540.888421] ? io_drain_req+0x603/0xb20 [ 1540.888976] io_submit_sqes+0x44aa/0x8610 [ 1540.889572] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1540.890266] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1540.890947] ? find_held_lock+0x2c/0x110 [ 1540.891513] ? io_submit_sqes+0x8610/0x8610 [ 1540.892115] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1540.892788] ? wait_for_completion_io+0x270/0x270 [ 1540.893448] ? rcu_read_lock_any_held+0x75/0xa0 [ 1540.895103] ? vfs_write+0x354/0xb10 [ 1540.896280] ? fput_many+0x2f/0x1a0 [ 1540.896866] ? ksys_write+0x1a9/0x260 [ 1540.898091] ? __ia32_sys_read+0xb0/0xb0 [ 1540.898662] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1540.900282] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1540.902568] do_syscall_64+0x33/0x40 [ 1540.903756] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1540.905484] RIP: 0033:0x7fa048f33b19 [ 1540.906346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1540.911952] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1540.913430] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1540.915356] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1540.917234] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1540.919573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1540.922015] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 [ 1540.932378] FAULT_INJECTION: forcing a failure. [ 1540.932378] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1540.936280] CPU: 1 PID: 8933 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1540.938522] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1540.941297] Call Trace: [ 1540.942149] dump_stack+0x107/0x167 [ 1540.943350] should_fail.cold+0x5/0xa [ 1540.944576] strncpy_from_user+0x34/0x470 [ 1540.945999] getname_flags.part.0+0x95/0x4f0 [ 1540.947428] getname_flags+0x9a/0xe0 [ 1540.948625] do_mkdirat+0x8f/0x2b0 [ 1540.949843] ? user_path_create+0xf0/0xf0 [ 1540.951204] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1540.952974] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1540.954610] do_syscall_64+0x33/0x40 [ 1540.955868] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1540.957493] RIP: 0033:0x7f3666038b19 [ 1540.958689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1540.964868] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1540.967341] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1540.969672] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1540.972043] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1540.974373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1540.976717] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 23:28:41 executing program 4: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x10d) accept(r0, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, &(0x7f0000000100)=0x80) accept4$inet(r1, &(0x7f0000000140)={0x2, 0x0, @dev}, &(0x7f0000000180)=0x10, 0x1000) clone3(&(0x7f0000000380)={0x0, &(0x7f0000000000), 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000280), 0x1}, 0x6d) 23:28:41 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000600), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() setpriority(0x0, 0x0, 0x0) r1 = getpgrp(0x0) pidfd_open(r0, 0x0) prlimit64(r1, 0x4, 0x0, &(0x7f0000000680)) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x30, 0x12, 0x1, 0x6, 0x0, {}, [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x9}, @nested={0x10, 0x0, 0x0, 0x1, [@typed={0xc, 0x6f, 0x0, 0x0, @u64=0xcc7}]}]}, 0x30}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, &(0x7f0000000000), 0x4) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r3 = fork() ptrace$setopts(0x4206, r3, 0x10001, 0x3d) syz_open_procfs(r3, &(0x7f0000000100)='net/xfrm_stat\x00') connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, 0x0) sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000005c0), 0xc, &(0x7f0000000240)={&(0x7f0000000700)=ANY=[@ANYRESOCT, @ANYRES16, @ANYBLOB="01"], 0x100}, 0x1, 0x0, 0x0, 0x4804}, 0x44) sendmsg$IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000040), 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x5c, 0x0, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_TYPE={0x5}]}, @IPVS_CMD_ATTR_SERVICE={0x20, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@empty}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2f}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xcd}]}, 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0) unshare(0x48020200) [ 1541.008026] device syz_tun left promiscuous mode [ 1541.023368] device syz_tun entered promiscuous mode [ 1541.026887] device syz_tun left promiscuous mode 23:28:42 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 21) 23:28:42 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:28:42 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ftruncate(r0, 0xba3a) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000001400)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x13, r1, 0x0) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r2, 0x0) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x15) write$binfmt_elf64(r0, &(0x7f0000000080)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}], "1a419af29bd2f1a74fa6b406329e18b7a0575d29cb2689e16da65ddadc26c580dc05829c8fc9d26226e2631de3538b61be7b2f1bb03484008ed5d6250af90146541feb3723086089ce3c954f9d8ade", ['\x00', '\x00', '\x00', '\x00', '\x00']}, 0x5c7) [ 1541.155808] FAULT_INJECTION: forcing a failure. [ 1541.155808] name failslab, interval 1, probability 0, space 0, times 0 [ 1541.157508] CPU: 0 PID: 8960 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1541.158459] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1541.159612] Call Trace: [ 1541.159993] dump_stack+0x107/0x167 [ 1541.160511] should_fail.cold+0x5/0xa [ 1541.161052] ? create_object.isra.0+0x3a/0xa20 [ 1541.161689] should_failslab+0x5/0x20 [ 1541.162223] kmem_cache_alloc+0x5b/0x310 [ 1541.162798] create_object.isra.0+0x3a/0xa20 [ 1541.163396] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1541.164093] __kmalloc+0x16e/0x390 [ 1541.164584] io_setup_async_msg+0xda/0x2d0 [ 1541.165160] io_recvmsg+0xc26/0xd70 [ 1541.165658] ? io_sendmsg+0x830/0x830 [ 1541.166177] ? kfree+0xd7/0x340 [ 1541.166630] ? mark_lock+0xf5/0x2df0 [ 1541.167145] ? slab_free_freelist_hook+0xa9/0x180 [ 1541.167801] ? mark_lock+0xf5/0x2df0 [ 1541.168330] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1541.169053] io_issue_sqe+0x3bd6/0x77b0 [ 1541.169604] ? perf_trace_lock+0xac/0x490 [ 1541.170171] ? io_connect+0x610/0x610 [ 1541.170687] ? __lockdep_reset_lock+0x180/0x180 [ 1541.171322] ? lock_acquire+0x197/0x470 [ 1541.175321] ? find_held_lock+0x2c/0x110 [ 1541.175884] __io_queue_sqe+0x90/0x9d0 [ 1541.176415] ? rwlock_bug.part.0+0x90/0x90 [ 1541.176991] ? io_issue_sqe+0x77b0/0x77b0 [ 1541.177555] ? do_raw_spin_unlock+0x4f/0x220 [ 1541.178153] ? _raw_spin_unlock+0x1a/0x30 [ 1541.178718] ? io_drain_req+0x603/0xb20 [ 1541.179276] io_submit_sqes+0x44aa/0x8610 [ 1541.179860] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1541.180518] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1541.181160] ? find_held_lock+0x2c/0x110 [ 1541.181702] ? io_submit_sqes+0x8610/0x8610 [ 1541.182280] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1541.182947] ? wait_for_completion_io+0x270/0x270 [ 1541.183607] ? rcu_read_lock_any_held+0x75/0xa0 [ 1541.184242] ? vfs_write+0x354/0xb10 [ 1541.184747] ? fput_many+0x2f/0x1a0 [ 1541.185242] ? ksys_write+0x1a9/0x260 [ 1541.185763] ? __ia32_sys_read+0xb0/0xb0 [ 1541.186319] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1541.187037] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1541.187729] do_syscall_64+0x33/0x40 [ 1541.188232] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1541.188918] RIP: 0033:0x7f33fff70b19 [ 1541.189418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1541.191905] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1541.192931] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1541.193889] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1541.194800] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1541.195677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1541.196548] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 23:28:42 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r1 = socket$inet(0x2, 0x1, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000240)={{{@in=@private}}}, &(0x7f00000001c0)=0xe8) r3 = socket$inet(0x2, 0x1, 0x0) openat(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x82100, 0x12) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r3, 0x8982, &(0x7f0000000180)) bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r1, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) copy_file_range(r0, &(0x7f0000000100)=0x7, r1, &(0x7f0000000140)=0x8, 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r4, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4) setsockopt$inet6_tcp_int(r4, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r4, r0, 0x0, 0x9bbb) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0x40a85323, &(0x7f0000000000)={{0x8, 0x8}, 'port0\x00', 0x78, 0x80000, 0xc9, 0xfffffffc, 0x9, 0x0, 0x4, 0x0, 0x5, 0x40}) 23:28:42 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:28:42 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 4) [ 1541.338759] FAULT_INJECTION: forcing a failure. [ 1541.338759] name failslab, interval 1, probability 0, space 0, times 0 [ 1541.340697] CPU: 0 PID: 8973 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1541.341617] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1541.342725] Call Trace: [ 1541.343093] dump_stack+0x107/0x167 [ 1541.343587] should_fail.cold+0x5/0xa [ 1541.344102] ? __d_alloc+0x2a/0x990 [ 1541.344597] should_failslab+0x5/0x20 [ 1541.345112] kmem_cache_alloc+0x5b/0x310 [ 1541.345666] __d_alloc+0x2a/0x990 [ 1541.346139] ? dput+0x1ae/0xcd0 [ 1541.346586] d_alloc+0x46/0x1c0 [ 1541.347042] __lookup_hash+0xcc/0x190 [ 1541.347556] filename_create+0x186/0x4a0 [ 1541.348104] ? filename_parentat+0x570/0x570 [ 1541.348697] ? getname_flags.part.0+0x1dd/0x4f0 [ 1541.349331] do_mkdirat+0xa2/0x2b0 [ 1541.349810] ? user_path_create+0xf0/0xf0 [ 1541.350376] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1541.351092] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1541.351789] do_syscall_64+0x33/0x40 [ 1541.352294] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1541.352988] RIP: 0033:0x7f3666038b19 [ 1541.353490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1541.355985] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1541.357011] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1541.357952] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1541.358821] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1541.359699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1541.360567] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 23:28:58 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x0) flock(r0, 0xc) read(0xffffffffffffffff, &(0x7f0000002880)=""/196, 0xc4) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x8400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2c0, 0x0) ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="0000000000000000070000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b9f7ffff0180ffffffffffff65080000000000000800000000000000aa4200000000000000000000000000000000000000000000000000000000000005000000f7ffffffffff000000000000050000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002e00e900"/640]) fallocate(r3, 0x0, 0x0, 0x1000002) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r4, r5, 0x0, 0x100000001) lseek(0xffffffffffffffff, 0xffff, 0x3) connect$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) fcntl$setflags(0xffffffffffffffff, 0x2, 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0) 23:28:58 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 5) 23:28:58 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 29) 23:28:58 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x20000, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$EVIOCSKEYCODE(0xffffffffffffffff, 0x80104592, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000500)={0x0, 0x0, 0x4, 0x0, '\x00', [{0x9, 0xe080, 0x4, 0x8, 0x5, 0x200}, {0xcb5, 0x8, 0x6, 0x4, 0xfff, 0x7d0d}], ['\x00', '\x00', '\x00', '\x00']}) setsockopt$packet_int(r1, 0x107, 0x14, &(0x7f0000000040)=0x3f, 0x4) bind$packet(r1, &(0x7f0000000240)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @random="ca73da4133fc"}, 0x14) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), 0x0) sendfile(r1, r0, 0x0, 0x500000001) 23:28:58 executing program 6: syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000200)=ANY=[@ANYBLOB="7f0000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="02000000000000002e2f6669"]) r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f00000006c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r0, 0x0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)=""/6, 0x6}, {&(0x7f00000002c0)=""/15, 0xf}, {&(0x7f0000000300)=""/96, 0x60}, {&(0x7f0000000380)=""/5, 0x5}, {&(0x7f00000003c0)=""/78, 0x4e}, {&(0x7f0000000440)=""/172, 0xac}], 0x6, &(0x7f0000000580)=""/213, 0xd5}, 0x0, 0x10040, 0x0, {0x3, r5}}, 0x8) dup3(r1, 0xffffffffffffffff, 0x0) r6 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pidfd_getfd(0xffffffffffffffff, r6, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105142, 0x2b) r8 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) r9 = openat(r8, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x149) sendfile(r7, r9, 0x0, 0x100000001) r10 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r7, r10, 0x0, 0x80000001) 23:28:58 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 22) 23:28:58 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0) setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f00000003c0)={{0x2c, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e20, 0x7, 'none\x00', 0x23, 0x0, 0x61}, {@local, 0x4e23, 0x1006, 0x4, 0x0, 0x60}}, 0x44) fspick(r0, &(0x7f0000000200)='./file1\x00', 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) unlink(&(0x7f0000000240)='./file1\x00') r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000680)='net/snmp6\x00') syz_mount_image$tmpfs(&(0x7f0000000100), &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={[{@size={'size', 0x3d, [0x30, 0x6d, 0x67, 0x6d]}}, {@huge_advise}, {@nr_inodes={'nr_inodes', 0x3d, [0x30, 0x67, 0x39, 0x78, 0x6b, 0x31, 0x65, 0x65]}}, {@mode={'mode', 0x3d, 0x6}}, {@nr_inodes={'nr_inodes', 0x3d, [0x67, 0x4f, 0x36]}}, {@huge_always}, {@nr_blocks={'nr_blocks', 0x3d, [0x39, 0x37, 0x39, 0x2d, 0x70, 0x70]}}]}) openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x0, 0x40) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') readv(r4, &(0x7f0000000280)=[{&(0x7f0000001e00)=""/4098, 0x1002}], 0x1) openat$null(0xffffffffffffff9c, &(0x7f00000001c0), 0x20400, 0x0) ioctl$TIOCGSERIAL(r3, 0x541e, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)=""/183}) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='./file1\x00', 0x40, 0x36) openat(r5, &(0x7f0000000540)='./file1\x00', 0xc180, 0xb1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r2, 0x0, 0x100000001) perf_event_open(&(0x7f0000000600)={0x7, 0x80, 0x4, 0x81, 0x2f, 0x9, 0x0, 0x7, 0x23, 0x8, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5, 0x3}, 0x2244, 0x6, 0x401, 0x7, 0x10001, 0x0, 0x7, 0x0, 0xa2c, 0x0, 0x1}, 0x0, 0x10, 0xffffffffffffffff, 0x0) 23:28:58 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x0, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1557.295530] FAULT_INJECTION: forcing a failure. [ 1557.295530] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1557.297112] CPU: 0 PID: 8993 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1557.297944] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1557.298949] Call Trace: [ 1557.299281] dump_stack+0x107/0x167 [ 1557.299746] should_fail.cold+0x5/0xa [ 1557.300217] _copy_from_user+0x2e/0x1b0 [ 1557.300708] __copy_msghdr_from_user+0x91/0x4b0 [ 1557.301280] ? __ia32_sys_shutdown+0x80/0x80 [ 1557.301819] ? unwind_next_frame+0x13ef/0x1a90 [ 1557.302378] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1557.303028] ? 0xffffffffa0000000 [ 1557.303469] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 1557.304036] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 1557.304690] ? create_prof_cpu_mask+0x20/0x20 [ 1557.305238] tmpfs: Bad value for 'size' [ 1557.305251] ? arch_stack_walk+0x99/0xf0 [ 1557.305275] io_recvmsg+0xae8/0xd70 [ 1557.306714] ? kfree+0xd7/0x340 [ 1557.307123] ? lock_chain_count+0x20/0x20 [ 1557.307647] ? io_sendmsg+0x830/0x830 [ 1557.308115] ? kfree+0xd7/0x340 [ 1557.308525] ? mark_lock+0xf5/0x2df0 [ 1557.308986] ? slab_free_freelist_hook+0xa9/0x180 [ 1557.309578] ? mark_lock+0xf5/0x2df0 [ 1557.310042] ? lock_chain_count+0x20/0x20 [ 1557.310552] ? lock_chain_count+0x20/0x20 [ 1557.311063] ? __lock_acquire+0xbb1/0x5b00 [ 1557.311612] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1557.312279] io_issue_sqe+0x3bd6/0x77b0 [ 1557.319781] ? perf_trace_lock+0xac/0x490 [ 1557.320288] ? io_connect+0x610/0x610 [ 1557.320753] ? __lockdep_reset_lock+0x180/0x180 [ 1557.321330] ? lock_acquire+0x197/0x470 [ 1557.321813] ? find_held_lock+0x2c/0x110 [ 1557.322969] __io_queue_sqe+0x90/0x9d0 [ 1557.323444] ? rwlock_bug.part.0+0x90/0x90 [ 1557.323969] ? io_issue_sqe+0x77b0/0x77b0 [ 1557.324470] ? do_raw_spin_unlock+0x4f/0x220 [ 1557.325003] ? _raw_spin_unlock+0x1a/0x30 [ 1557.325504] ? io_drain_req+0x603/0xb20 [ 1557.325994] io_submit_sqes+0x44aa/0x8610 [ 1557.326521] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1557.327726] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1557.328316] ? find_held_lock+0x2c/0x110 [ 1557.328813] ? io_submit_sqes+0x8610/0x8610 [ 1557.329348] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1557.329935] ? wait_for_completion_io+0x270/0x270 [ 1557.330525] ? rcu_read_lock_any_held+0x75/0xa0 [ 1557.331092] ? vfs_write+0x354/0xb10 [ 1557.331668] ? fput_many+0x2f/0x1a0 [ 1557.332549] ? ksys_write+0x1a9/0x260 [ 1557.333472] ? __ia32_sys_read+0xb0/0xb0 [ 1557.334459] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1557.335797] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1557.337263] do_syscall_64+0x33/0x40 [ 1557.338322] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1557.339788] RIP: 0033:0x7f33fff70b19 [ 1557.340682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1557.345507] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1557.347358] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1557.349104] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1557.350836] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1557.352803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1557.354552] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 [ 1557.372308] FAULT_INJECTION: forcing a failure. [ 1557.372308] name failslab, interval 1, probability 0, space 0, times 0 [ 1557.374224] CPU: 1 PID: 8986 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1557.375360] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1557.376719] Call Trace: [ 1557.377291] dump_stack+0x107/0x167 [ 1557.377908] should_fail.cold+0x5/0xa [ 1557.378530] ? io_setup_async_msg+0xda/0x2d0 [ 1557.379302] should_failslab+0x5/0x20 [ 1557.379932] __kmalloc+0x72/0x390 [ 1557.383608] io_setup_async_msg+0xda/0x2d0 [ 1557.384350] io_recvmsg+0xc26/0xd70 [ 1557.384988] ? io_sendmsg+0x830/0x830 [ 1557.385561] ? kfree+0xd7/0x340 [ 1557.386223] ? mark_lock+0xf5/0x2df0 [ 1557.386900] ? slab_free_freelist_hook+0xa9/0x180 [ 1557.387685] ? mark_lock+0xf5/0x2df0 [ 1557.388367] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1557.389250] io_issue_sqe+0x3bd6/0x77b0 [ 1557.391957] ? perf_trace_lock+0xac/0x490 [ 1557.399138] FAULT_INJECTION: forcing a failure. [ 1557.399138] name failslab, interval 1, probability 0, space 0, times 0 [ 1557.399787] ? io_connect+0x610/0x610 [ 1557.401592] ? __lockdep_reset_lock+0x180/0x180 [ 1557.402177] ? lock_acquire+0x197/0x470 [ 1557.402671] ? find_held_lock+0x2c/0x110 [ 1557.403187] __io_queue_sqe+0x90/0x9d0 [ 1557.403686] ? rwlock_bug.part.0+0x90/0x90 [ 1557.404215] ? io_issue_sqe+0x77b0/0x77b0 [ 1557.404729] ? do_raw_spin_unlock+0x4f/0x220 [ 1557.405279] ? _raw_spin_unlock+0x1a/0x30 [ 1557.405792] ? io_drain_req+0x603/0xb20 [ 1557.406293] io_submit_sqes+0x44aa/0x8610 [ 1557.406831] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1557.407451] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1557.408074] ? find_held_lock+0x2c/0x110 [ 1557.408585] ? io_submit_sqes+0x8610/0x8610 [ 1557.409131] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1557.409734] ? wait_for_completion_io+0x270/0x270 [ 1557.410337] ? rcu_read_lock_any_held+0x75/0xa0 [ 1557.410917] ? vfs_write+0x354/0xb10 [ 1557.411383] ? fput_many+0x2f/0x1a0 [ 1557.411848] ? ksys_write+0x1a9/0x260 [ 1557.412325] ? __ia32_sys_read+0xb0/0xb0 [ 1557.412834] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1557.413487] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1557.414132] do_syscall_64+0x33/0x40 [ 1557.414596] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1557.415237] RIP: 0033:0x7fa048f33b19 [ 1557.415723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1557.418026] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1557.418984] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1557.419882] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1557.420772] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1557.421664] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1557.422553] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 [ 1557.423475] CPU: 0 PID: 8989 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1557.424344] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1557.425350] Call Trace: [ 1557.425675] dump_stack+0x107/0x167 [ 1557.426119] should_fail.cold+0x5/0xa [ 1557.426585] ? create_object.isra.0+0x3a/0xa20 [ 1557.427144] should_failslab+0x5/0x20 [ 1557.427642] kmem_cache_alloc+0x5b/0x310 [ 1557.428153] create_object.isra.0+0x3a/0xa20 [ 1557.428701] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1557.429327] kmem_cache_alloc+0x159/0x310 [ 1557.429838] __d_alloc+0x2a/0x990 [ 1557.430263] ? dput+0x1ae/0xcd0 [ 1557.430669] d_alloc+0x46/0x1c0 [ 1557.431075] __lookup_hash+0xcc/0x190 [ 1557.431594] filename_create+0x186/0x4a0 [ 1557.432228] ? filename_parentat+0x570/0x570 [ 1557.432764] ? getname_flags.part.0+0x1dd/0x4f0 [ 1557.433336] do_mkdirat+0xa2/0x2b0 [ 1557.433771] ? user_path_create+0xf0/0xf0 [ 1557.434278] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1557.434915] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1557.435584] do_syscall_64+0x33/0x40 [ 1557.436041] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1557.436691] RIP: 0033:0x7f3666038b19 [ 1557.437148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1557.439421] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1557.440358] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1557.441224] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1557.442089] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1557.442957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1557.443857] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 23:28:58 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x0, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:28:58 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x20000, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$EVIOCSKEYCODE(0xffffffffffffffff, 0x80104592, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000500)={0x0, 0x0, 0x4, 0x0, '\x00', [{0x9, 0xe080, 0x4, 0x8, 0x5, 0x200}, {0xcb5, 0x8, 0x6, 0x4, 0xfff, 0x7d0d}], ['\x00', '\x00', '\x00', '\x00']}) setsockopt$packet_int(r1, 0x107, 0x14, &(0x7f0000000040)=0x3f, 0x4) bind$packet(r1, &(0x7f0000000240)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @random="ca73da4133fc"}, 0x14) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), 0x0) sendfile(r1, r0, 0x0, 0x500000001) 23:28:58 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 6) [ 1557.650568] FAULT_INJECTION: forcing a failure. [ 1557.650568] name failslab, interval 1, probability 0, space 0, times 0 [ 1557.652693] CPU: 0 PID: 9013 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1557.653541] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1557.654557] Call Trace: [ 1557.654885] dump_stack+0x107/0x167 [ 1557.655337] should_fail.cold+0x5/0xa [ 1557.656269] ? cgroup_mkdir+0x254/0xf50 [ 1557.656768] should_failslab+0x5/0x20 [ 1557.657237] __kmalloc+0x72/0x390 [ 1557.657666] cgroup_mkdir+0x254/0xf50 [ 1557.658148] ? cgroup_destroy_locked+0x710/0x710 [ 1557.658756] kernfs_iop_mkdir+0x14d/0x1e0 [ 1557.659384] vfs_mkdir+0x493/0x750 [ 1557.659844] do_mkdirat+0x150/0x2b0 [ 1557.660293] ? user_path_create+0xf0/0xf0 [ 1557.660814] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1557.661468] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1557.662108] do_syscall_64+0x33/0x40 [ 1557.662566] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1557.663196] RIP: 0033:0x7f3666038b19 [ 1557.663666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1557.665945] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1557.666889] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1557.667776] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1557.668648] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1557.669568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1557.670473] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 23:28:58 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r0) sendmsg$IEEE802154_LLSEC_DEL_DEV(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x14, r1, 0x1, 0x0, 0x0, {0xd}}, 0x14}}, 0x0) sendmsg$IEEE802154_LIST_IFACE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r1, 0x20, 0x70bd2c, 0x25dfdbfc, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x40004) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000340)="2000000080000000060000006a0005000f00000000000000010000000100000000dc0000004000002000ddbde0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b00000000013324a63088a2a7525136dda5", 0x66, 0x400}], 0x0, &(0x7f0000000140)=ANY=[]) 23:28:58 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x0, 0x0, '\x00', [{0x0, 0x400000}, {0x800, 0x0, 0x400000000000000, 0x8000000000000, 0x0, 0x4}]}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fsconfig$FSCONFIG_SET_PATH(0xffffffffffffffff, 0x3, 0x0, &(0x7f0000001100)='./file1\x00', 0xffffffffffffffff) openat$zero(0xffffffffffffff9c, 0x0, 0x161001, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x2, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x1, {0x3}}, 0x1000) syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0, 0x40040d5}, 0x0) bind$inet6(r6, &(0x7f0000000180)={0xa, 0x4e24, 0x8, @mcast1, 0x401}, 0x1c) r7 = getpgrp(0x0) tgkill(r7, r7, 0x0) pipe(&(0x7f0000000140)) fcntl$getown(0xffffffffffffffff, 0x9) unshare(0x48020200) 23:28:58 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 30) 23:28:58 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 23) 23:28:58 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x0, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1557.841513] FAULT_INJECTION: forcing a failure. [ 1557.841513] name failslab, interval 1, probability 0, space 0, times 0 [ 1557.843415] CPU: 1 PID: 9020 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1557.844285] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1557.845358] Call Trace: [ 1557.845696] dump_stack+0x107/0x167 [ 1557.846187] should_fail.cold+0x5/0xa [ 1557.846667] ? io_setup_async_msg+0xda/0x2d0 [ 1557.847219] should_failslab+0x5/0x20 [ 1557.847991] __kmalloc+0x72/0x390 [ 1557.849077] io_setup_async_msg+0xda/0x2d0 [ 1557.850293] io_recvmsg+0xc26/0xd70 [ 1557.851398] ? io_sendmsg+0x830/0x830 [ 1557.852511] ? kfree+0xd7/0x340 [ 1557.853478] ? mark_lock+0xf5/0x2df0 [ 1557.854538] ? slab_free_freelist_hook+0xa9/0x180 [ 1557.855963] ? mark_lock+0xf5/0x2df0 [ 1557.857075] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1557.858661] io_issue_sqe+0x3bd6/0x77b0 [ 1557.859846] ? perf_trace_lock+0xac/0x490 [ 1557.861055] ? io_connect+0x610/0x610 [ 1557.862218] ? __lockdep_reset_lock+0x180/0x180 [ 1557.863585] ? lock_acquire+0x197/0x470 [ 1557.864773] ? find_held_lock+0x2c/0x110 [ 1557.865963] __io_queue_sqe+0x90/0x9d0 [ 1557.867072] ? rwlock_bug.part.0+0x90/0x90 [ 1557.868318] ? io_issue_sqe+0x77b0/0x77b0 [ 1557.869503] ? do_raw_spin_unlock+0x4f/0x220 [ 1557.870784] ? _raw_spin_unlock+0x1a/0x30 [ 1557.871983] ? io_drain_req+0x603/0xb20 [ 1557.873161] io_submit_sqes+0x44aa/0x8610 [ 1557.874403] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1557.874674] FAULT_INJECTION: forcing a failure. [ 1557.874674] name failslab, interval 1, probability 0, space 0, times 0 [ 1557.875837] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1557.875854] ? find_held_lock+0x2c/0x110 [ 1557.875871] ? io_submit_sqes+0x8610/0x8610 [ 1557.875893] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1557.881831] ? wait_for_completion_io+0x270/0x270 [ 1557.883068] ? rcu_read_lock_any_held+0x75/0xa0 [ 1557.883892] ? vfs_write+0x354/0xb10 [ 1557.884367] ? fput_many+0x2f/0x1a0 [ 1557.884827] ? ksys_write+0x1a9/0x260 [ 1557.885309] ? __ia32_sys_read+0xb0/0xb0 [ 1557.885824] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1557.886484] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1557.887138] do_syscall_64+0x33/0x40 [ 1557.887656] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1557.888303] RIP: 0033:0x7f33fff70b19 [ 1557.888771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1557.891141] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1557.892923] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1557.894679] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1557.896618] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1557.898377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1557.899845] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 [ 1557.900773] CPU: 0 PID: 9024 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1557.901624] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1557.902630] Call Trace: [ 1557.902958] dump_stack+0x107/0x167 [ 1557.903403] should_fail.cold+0x5/0xa [ 1557.903888] ? create_object.isra.0+0x3a/0xa20 [ 1557.904448] should_failslab+0x5/0x20 [ 1557.904921] kmem_cache_alloc+0x5b/0x310 [ 1557.905421] create_object.isra.0+0x3a/0xa20 [ 1557.905954] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1557.906574] __kmalloc+0x16e/0x390 [ 1557.907016] io_setup_async_msg+0xda/0x2d0 [ 1557.907538] io_recvmsg+0xc26/0xd70 [ 1557.907992] ? io_sendmsg+0x830/0x830 [ 1557.908456] ? kfree+0xd7/0x340 [ 1557.908866] ? mark_lock+0xf5/0x2df0 [ 1557.909319] ? slab_free_freelist_hook+0xa9/0x180 [ 1557.909906] ? mark_lock+0xf5/0x2df0 [ 1557.910383] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1557.911035] io_issue_sqe+0x3bd6/0x77b0 [ 1557.911536] ? perf_trace_lock+0xac/0x490 [ 1557.912049] ? io_connect+0x610/0x610 [ 1557.912574] ? __lockdep_reset_lock+0x180/0x180 [ 1557.913411] ? lock_acquire+0x197/0x470 [ 1557.913895] ? find_held_lock+0x2c/0x110 [ 1557.914399] __io_queue_sqe+0x90/0x9d0 [ 1557.914872] ? rwlock_bug.part.0+0x90/0x90 [ 1557.915393] ? io_issue_sqe+0x77b0/0x77b0 [ 1557.915915] ? do_raw_spin_unlock+0x4f/0x220 [ 1557.916457] ? _raw_spin_unlock+0x1a/0x30 [ 1557.916959] ? io_drain_req+0x603/0xb20 [ 1557.917454] io_submit_sqes+0x44aa/0x8610 [ 1557.917980] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1557.918590] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1557.919181] ? find_held_lock+0x2c/0x110 [ 1557.919701] ? io_submit_sqes+0x8610/0x8610 [ 1557.920235] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1557.920831] ? wait_for_completion_io+0x270/0x270 [ 1557.921422] ? rcu_read_lock_any_held+0x75/0xa0 [ 1557.921994] ? vfs_write+0x354/0xb10 [ 1557.922448] ? fput_many+0x2f/0x1a0 [ 1557.922897] ? ksys_write+0x1a9/0x260 [ 1557.923368] ? __ia32_sys_read+0xb0/0xb0 [ 1557.923882] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1557.924520] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1557.925157] do_syscall_64+0x33/0x40 [ 1557.925613] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1557.926241] RIP: 0033:0x7fa048f33b19 [ 1557.926696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1557.928938] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1557.929875] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1557.930747] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1557.931635] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1557.932506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1557.933375] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 23:28:58 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400028020000400000004f80000200040000300000000000000010000000000000002", 0x2d, 0x9}, {&(0x7f0000010500)="c418710de6ff00000001", 0xa, 0x4000}], 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/cpuinfo\x00', 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) r4 = socket$inet(0x2, 0x1, 0x0) bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) syz_io_uring_submit(r1, 0x0, &(0x7f0000000280)=@IORING_OP_WRITEV={0x2, 0x4, 0x4004, @fd=r4, 0xffffffff, &(0x7f0000000240)=[{&(0x7f0000000080)="2dfeac27e8585b81bfa6303cce2a42d243c07bfc", 0x14}, {&(0x7f00000000c0)="5f3733ba3412e732d2ee5ade38cfd0e580631ea0bcf1c67dc0e98cc18ef54f5b3adf1caf19822be1a576cb1b3638bc362895a47d609965bb6860259e35773edaf4fd7b11da039d28a72a5e10b9b386fd48ed6878b0b42b554738dd3dcf4c335ab53042bc4c2ac8e15467e109d259517b4f5ac1f41be49d88a3c13235a893e03dad73cc09fbd5f59092dbae9d22086aafae765188b75d33313ccf44982eb7f98b7cf13b3c59997b324dc901d525ee61bdfd05ccf6cdb8b6207ea2e098337b2528c6394404c30591c5f80a9a8b72466d63df", 0xd1}, {&(0x7f00000001c0)}], 0x3, 0x12, 0x0, {0x1}}, 0x7) 23:28:58 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 7) [ 1558.016422] FAULT_INJECTION: forcing a failure. [ 1558.016422] name failslab, interval 1, probability 0, space 0, times 0 [ 1558.019715] CPU: 1 PID: 9034 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1558.021690] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1558.023821] Call Trace: [ 1558.024461] dump_stack+0x107/0x167 [ 1558.025345] should_fail.cold+0x5/0xa [ 1558.026276] ? create_object.isra.0+0x3a/0xa20 [ 1558.027399] should_failslab+0x5/0x20 [ 1558.028497] kmem_cache_alloc+0x5b/0x310 [ 1558.029191] tmpfs: Bad value for 'size' [ 1558.029489] create_object.isra.0+0x3a/0xa20 [ 1558.031156] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1558.032577] __kmalloc+0x16e/0x390 [ 1558.033450] cgroup_mkdir+0x254/0xf50 [ 1558.034382] ? cgroup_destroy_locked+0x710/0x710 [ 1558.035562] kernfs_iop_mkdir+0x14d/0x1e0 [ 1558.036578] vfs_mkdir+0x493/0x750 [ 1558.037446] do_mkdirat+0x150/0x2b0 [ 1558.038335] ? user_path_create+0xf0/0xf0 [ 1558.039353] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1558.040866] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1558.042132] do_syscall_64+0x33/0x40 [ 1558.043039] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1558.044450] RIP: 0033:0x7f3666038b19 [ 1558.045358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1558.050373] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1558.052667] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1558.054423] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1558.055874] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1558.056769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1558.057665] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 23:28:59 executing program 1: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0) r1 = socket$inet(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r1, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) fcntl$setlease(r1, 0x400, 0x2) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9bbb) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) r2 = socket$inet(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) stat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4) connect$inet(r4, &(0x7f0000000140)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x34}}, 0x10) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0}, &(0x7f00000000c0)=0xc) setresuid(0xffffffffffffffff, r3, r5) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x4080, &(0x7f0000000280)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@dfltuid={'dfltuid', 0x3d, r3}}], [{@obj_role={'obj_role', 0x3d, 'security.capability\x00'}}, {@mask={'mask', 0x3d, '^MAY_WRITE'}}, {@rootcontext={'rootcontext', 0x3d, 'staff_u'}}]}}) fsetxattr$security_capability(r0, &(0x7f0000000240), &(0x7f0000000200)=@v3, 0x18, 0x1) [ 1558.126089] 9pnet: Insufficient options for proto=fd 23:28:59 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:28:59 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/rt_cache\x00') r1 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x4fea}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), 0x0) syz_io_uring_submit(0x0, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000500)=@IORING_OP_NOP={0x0, 0x1}, 0x3) preadv(r0, &(0x7f0000000400)=[{&(0x7f0000000240)=""/134, 0x86}], 0x1, 0x63, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000200)=0x3ff) syz_io_uring_setup(0x5402, &(0x7f0000000080)={0x0, 0x9fff, 0x20, 0x0, 0xcb}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000001c0)=0x0, &(0x7f0000000440)=0x0) ioctl$EXT4_IOC_GROUP_EXTEND(r1, 0x40086607, &(0x7f0000000300)=0x4) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000180)=0x80000000) r4 = socket$netlink(0x10, 0x3, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000140)=@IORING_OP_WRITE_FIXED={0x5, 0x1, 0x2007, @fd_index=0x5, 0x5, 0x3, 0x6, 0x10, 0x1, {0x3}}, 0xffffffff) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="240000f625381730006600010f000000040000000000000000901e51d4cae5c6b87d41bb"], 0x24}}, 0x0) r5 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0xc0189377, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0, {0x5, 0xffff019b}}, './file0\x00'}) getsockopt$bt_l2cap_L2CAP_OPTIONS(r7, 0x6, 0x1, &(0x7f00000003c0), &(0x7f0000000540)=0xc) connect$bt_l2cap(r6, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6}, 0xe) sendfile(r6, r5, &(0x7f0000000340)=0x5, 0x28000) [ 1560.337051] Bluetooth: hci5: command 0x0405 tx timeout 23:29:14 executing program 1: sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000200)={&(0x7f0000000300)={0x68, 0x0, 0x8, 0x70bd26, 0x25dfdbfe, {}, [@DEVLINK_ATTR_RATE_NODE_NAME={0x51, 0xa8, @random="a1e8b4afc396bf76434e645b61cc9a71fdba7809596232a2dbe08574f1812806e7a018179666d1ad6ca38318906ff8e25e9f706f8d0f14c9a261ed59e89963fa683b655b456e3d5684ebf43abd"}]}, 0x68}, 0x1, 0x0, 0x0, 0x40081}, 0x20000000) r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r3 = fsopen(&(0x7f0000000080)='cpuset\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)=ANY=[@ANYBLOB="caa420916e71e8e80d9f0154e43e8a31e5e16f07fa9540e7e0b253d83b401a736f0bf0bc9f4c", @ANYRESHEX=r1, @ANYRESHEX=r0, @ANYRESDEC=r3, @ANYRES16=r1, @ANYRES32=r2]) socket$netlink(0x10, 0x3, 0x0) r4 = fork() ptrace(0x10, r4) fallocate(r3, 0x70, 0x0, 0xffffffffffffff0b) ptrace$peeksig(0x4209, r4, &(0x7f0000000040), &(0x7f0000000180)) r5 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x40, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x248e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x8}, 0x0, 0x0, 0x0, 0x5}, r4, 0xd, 0xffffffffffffffff, 0x0) flock(r5, 0x6) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x4, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x14e6}, 0x40002, 0x0, 0x0, 0x4, 0x5, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x916f0e0b00d1ab96) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r6, 0xc08c5332, &(0x7f0000000100)={0x101, 0x0, 0x0, 'queue0\x00'}) unshare(0x48020200) 23:29:14 executing program 6: syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000200)=ANY=[@ANYBLOB="7f0000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="02000000000000002e2f6669"]) r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f00000006c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r0, 0x0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)=""/6, 0x6}, {&(0x7f00000002c0)=""/15, 0xf}, {&(0x7f0000000300)=""/96, 0x60}, {&(0x7f0000000380)=""/5, 0x5}, {&(0x7f00000003c0)=""/78, 0x4e}, {&(0x7f0000000440)=""/172, 0xac}], 0x6, &(0x7f0000000580)=""/213, 0xd5}, 0x0, 0x10040, 0x0, {0x3, r5}}, 0x8) dup3(r1, 0xffffffffffffffff, 0x0) r6 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pidfd_getfd(0xffffffffffffffff, r6, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105142, 0x2b) r8 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) r9 = openat(r8, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x149) sendfile(r7, r9, 0x0, 0x100000001) r10 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r7, r10, 0x0, 0x80000001) [ 1573.176894] FAULT_INJECTION: forcing a failure. [ 1573.176894] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1573.179009] CPU: 1 PID: 9059 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1573.180089] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1573.181182] Call Trace: [ 1573.181543] dump_stack+0x107/0x167 [ 1573.182034] should_fail.cold+0x5/0xa [ 1573.182554] _copy_from_user+0x2e/0x1b0 [ 1573.183095] __copy_msghdr_from_user+0x91/0x4b0 23:29:14 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 31) 23:29:14 executing program 4: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)) r0 = fork() ptrace(0x10, r0) waitid(0x1, r0, &(0x7f00000001c0), 0x8, &(0x7f0000000040)) getsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x1d, &(0x7f0000000100), &(0x7f0000000140)=0x4) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000180)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) 23:29:14 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:29:14 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) [ 1573.183717] ? __ia32_sys_shutdown+0x80/0x80 [ 1573.184329] ? unwind_next_frame+0x13ef/0x1a90 [ 1573.184933] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1573.185822] ? 0xffffffffa0000000 [ 1573.186425] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 1573.187030] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 8) 23:29:14 executing program 0: sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4) setsockopt$inet6_tcp_int(r2, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r2, r1, 0x0, 0x9bbb) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) sendmsg$inet6(r1, &(0x7f0000000840)={&(0x7f0000000300)={0xa, 0x4e21, 0x0, @rand_addr=' \x01\x00', 0x80}, 0x1c, &(0x7f0000000740)=[{&(0x7f0000000340)="a85fd3d9d0a4836491956720a10be54a27b3d5ffac3d3b0df205850d0e84c1e75d1c040fc27e7ff9cf522ee97d5fe6ab364f73b0970b3b7e0a031cbd0c3851199ee7893b889997dcfb27b6e9f1138688e44bc641533bd48f57e0afc428729eeec5adc694fa961785e056b852e8481bf96b5c051daeb30f9feb1ae0", 0x7b}, {&(0x7f00000003c0)="ccf626566a41bafc2e2c553182abddb44ba6168f7d253224f474e6021f0bf4769407e36da3649ea1f32884eb33c1c266b27ac5df21174aa705ebc24a9ae6bdb97d8c3d5416bdfa6ab59f31b82445e2fa03805b306227bd98381b1341cdb433ba89fb6e185bf93dda2dbf7a9fef8645b43586d07511423d1acfb3709aa9fdd48722844e923f6635e85a96abe6e65a2e0c14ded7067fd01e859b5d4a6fa99b400a904b245fb77bd05c3b805e51a3bed13a8f30689a1eea691fa92d7c668ee50248475dc25f9c0314ffd8502d63ab67cf631a10b7", 0xd3}, {&(0x7f00000004c0)="b7d4e17c4351cad8daf7cbe18a105abe8af83084900edc5e45580e92d5e6b98d868a83d286a805af", 0x28}, {&(0x7f0000000500)="84dfcb77da0b8a4c2f603125a275acdc6f40e6cb372cc6bc33467856678ad620c071c33e24718d405b645baca312f3d423c0203bb9b80c2a4debedf58f1dd99facff1fd95ae57be051811068754b9f1ae2a109f40cd30982c6e60890af5c3540801c44d08ebf8c2841fd6c097d8eda95a6349a44560ab4ed5a5b197953410a1aba953025312c1abf8f5be738bbca1fda1855c8fdb3a9f787c71a39ce30abe42133770751cecf47dbdbc27f9bf00b6698ca6cc70af6c454032ac3f190d1bbb14134c63e93dc4e636aca611e6391176384ee41ad4cf2e9fc8de6629fe69581c9dfc2708aed29cc3a", 0xe7}, {&(0x7f0000000600)="ab716be4c042f3955f1007fcc606228915", 0x11}, {&(0x7f0000000640)="06406bafdaf57c0c06835324b592830f76b81dd3527c0fe5460957327cef32dac6c67a56c92154d0c4a2b75bfc61487b105f050c38059260451d973b131fd415b0e19ad186b43550d0920aa4a440ddd838d30a09043c870ef41bcb6c62131c49189541390c4aae090236d7f869b46e64a7dc560f9a6903b3b4010e441d77fdf322e17914d8ffe3f8fedd72458eda3cb9f385df9ab64770d8310581daf5cdf57547ac176d6c86f81d5e96b8803f7eb12aae657d64da2f0e670762ee1c8f33cfab956207e2c8c047d1f1147dc9b278d685f03812aad780d1f61e16db640b1b381839e7", 0xe2}], 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="2000000000000000290000c0d4a218b20037000000732300000000000000000040380000000000060029000000390000005c04010100000000fe80000000d53b3f47f1e91666f68f000000000000004ba9f702d13b2d11000000000000bfbcb2d680df48125a247bfcc82687d62805"], 0x58}, 0x40800) r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_OPENAT={0x12, 0x1, 0x0, r0, 0x0, 0x0, 0x20, 0x101c40, 0x12345}, 0x7ac) set_mempolicy(0x2, &(0x7f0000000000), 0x1) perf_event_open$cgroup(&(0x7f0000000240)={0x7, 0x80, 0x85, 0x3, 0xff, 0x40, 0x0, 0x100000001, 0x104, 0x8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x6, @perf_bp={&(0x7f0000000040)}, 0x100, 0x400, 0x0, 0x3, 0x10, 0x1, 0x3, 0x0, 0x100, 0x0, 0xfffffffffffffff9}, r0, 0xd, 0xffffffffffffffff, 0x5) preadv(r0, &(0x7f0000001400)=[{&(0x7f0000000100)=""/255, 0x7ffff000}], 0x1000000000000143, 0x1, 0x0) splice(0xffffffffffffffff, &(0x7f0000000080), r3, &(0x7f00000002c0)=0x800, 0x8, 0x8) io_uring_enter(0xffffffffffffffff, 0x87a, 0x9f57, 0x0, &(0x7f0000000880)={[0x80]}, 0x8) flistxattr(0xffffffffffffffff, &(0x7f0000000940)=""/192, 0xc0) [ 1573.187751] ? create_prof_cpu_mask+0x20/0x20 [ 1573.188366] ? arch_stack_walk+0x99/0xf0 [ 1573.188925] io_recvmsg+0xae8/0xd70 [ 1573.189412] ? kfree+0xd7/0x340 [ 1573.189849] ? lock_chain_count+0x20/0x20 [ 1573.190409] ? io_sendmsg+0x830/0x830 [ 1573.190924] ? kfree+0xd7/0x340 [ 1573.191371] ? mark_lock+0xf5/0x2df0 [ 1573.191874] ? slab_free_freelist_hook+0xa9/0x180 [ 1573.192531] ? mark_lock+0xf5/0x2df0 [ 1573.193038] ? lock_chain_count+0x20/0x20 [ 1573.193601] ? lock_chain_count+0x20/0x20 [ 1573.194159] ? __lock_acquire+0xbb1/0x5b00 [ 1573.194745] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1573.195463] io_issue_sqe+0x3bd6/0x77b0 [ 1573.196014] ? perf_trace_lock+0xac/0x490 [ 1573.196599] ? io_connect+0x610/0x610 [ 1573.197115] ? __lockdep_reset_lock+0x180/0x180 [ 1573.197746] ? lock_acquire+0x197/0x470 [ 1573.198281] ? find_held_lock+0x2c/0x110 [ 1573.198510] FAULT_INJECTION: forcing a failure. [ 1573.198510] name failslab, interval 1, probability 0, space 0, times 0 [ 1573.198817] __io_queue_sqe+0x90/0x9d0 [ 1573.198834] ? rwlock_bug.part.0+0x90/0x90 [ 1573.201295] ? io_issue_sqe+0x77b0/0x77b0 [ 1573.201812] ? do_raw_spin_unlock+0x4f/0x220 [ 1573.202372] ? _raw_spin_unlock+0x1a/0x30 [ 1573.202886] ? io_drain_req+0x603/0xb20 [ 1573.203396] io_submit_sqes+0x44aa/0x8610 [ 1573.203944] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1573.204589] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1573.205202] ? find_held_lock+0x2c/0x110 [ 1573.205717] ? io_submit_sqes+0x8610/0x8610 [ 1573.206272] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1573.206878] ? wait_for_completion_io+0x270/0x270 [ 1573.207491] ? rcu_read_lock_any_held+0x75/0xa0 [ 1573.208090] ? vfs_write+0x354/0xb10 [ 1573.208560] ? fput_many+0x2f/0x1a0 [ 1573.209025] ? ksys_write+0x1a9/0x260 [ 1573.209503] ? __ia32_sys_read+0xb0/0xb0 [ 1573.210023] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1573.210678] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1573.211333] do_syscall_64+0x33/0x40 [ 1573.211802] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1573.212466] RIP: 0033:0x7fa048f33b19 [ 1573.212938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1573.215239] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1573.216226] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1573.217125] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1573.218019] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1573.218909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1573.219805] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 [ 1573.220739] CPU: 0 PID: 9064 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1573.221624] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1573.222701] Call Trace: [ 1573.223056] dump_stack+0x107/0x167 [ 1573.223529] should_fail.cold+0x5/0xa [ 1573.224020] ? create_object.isra.0+0x3a/0xa20 [ 1573.224629] should_failslab+0x5/0x20 [ 1573.225131] kmem_cache_alloc+0x5b/0x310 [ 1573.225662] create_object.isra.0+0x3a/0xa20 [ 1573.226237] kmemleak_alloc_percpu+0xa0/0x100 [ 1573.226821] pcpu_alloc+0x4e2/0x1240 [ 1573.227328] ? cset_cgroup_from_root+0x220/0x220 [ 1573.227942] percpu_ref_init+0x31/0x3d0 [ 1573.228482] cgroup_mkdir+0x28b/0xf50 [ 1573.228954] ? cgroup_destroy_locked+0x710/0x710 [ 1573.229557] kernfs_iop_mkdir+0x14d/0x1e0 [ 1573.230104] vfs_mkdir+0x493/0x750 [ 1573.230578] do_mkdirat+0x150/0x2b0 [ 1573.231058] ? user_path_create+0xf0/0xf0 [ 1573.231605] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1573.232346] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1573.233029] do_syscall_64+0x33/0x40 [ 1573.233522] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1573.234197] RIP: 0033:0x7f3666038b19 [ 1573.234690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1573.237044] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1573.238019] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1573.238932] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1573.239847] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1573.240774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1573.241699] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 23:29:14 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 24) [ 1573.268556] FAULT_INJECTION: forcing a failure. [ 1573.268556] name failslab, interval 1, probability 0, space 0, times 0 [ 1573.270266] CPU: 1 PID: 9068 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1573.271178] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1573.272303] Call Trace: [ 1573.272662] dump_stack+0x107/0x167 [ 1573.273153] should_fail.cold+0x5/0xa [ 1573.273669] ? create_object.isra.0+0x3a/0xa20 [ 1573.274283] should_failslab+0x5/0x20 [ 1573.274795] kmem_cache_alloc+0x5b/0x310 [ 1573.275348] create_object.isra.0+0x3a/0xa20 [ 1573.275935] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1573.276631] __kmalloc+0x16e/0x390 [ 1573.277118] io_setup_async_msg+0xda/0x2d0 [ 1573.277689] io_recvmsg+0xc26/0xd70 [ 1573.278187] ? io_sendmsg+0x830/0x830 [ 1573.278701] ? kfree+0xd7/0x340 [ 1573.279155] ? mark_lock+0xf5/0x2df0 [ 1573.279659] ? slab_free_freelist_hook+0xa9/0x180 [ 1573.280323] ? mark_lock+0xf5/0x2df0 [ 1573.280855] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1573.281571] io_issue_sqe+0x3bd6/0x77b0 [ 1573.282123] ? perf_trace_lock+0xac/0x490 [ 1573.282679] ? io_connect+0x610/0x610 [ 1573.283197] ? __lockdep_reset_lock+0x180/0x180 [ 1573.283828] ? lock_acquire+0x197/0x470 [ 1573.284388] ? find_held_lock+0x2c/0x110 [ 1573.284943] __io_queue_sqe+0x90/0x9d0 [ 1573.285471] ? rwlock_bug.part.0+0x90/0x90 [ 1573.286042] ? io_issue_sqe+0x77b0/0x77b0 [ 1573.286600] ? do_raw_spin_unlock+0x4f/0x220 [ 1573.287190] ? _raw_spin_unlock+0x1a/0x30 [ 1573.287748] ? io_drain_req+0x603/0xb20 [ 1573.288311] io_submit_sqes+0x44aa/0x8610 [ 1573.288900] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1573.289570] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1573.290224] ? find_held_lock+0x2c/0x110 [ 1573.290774] ? io_submit_sqes+0x8610/0x8610 [ 1573.291367] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1573.292025] ? wait_for_completion_io+0x270/0x270 [ 1573.293450] ? rcu_read_lock_any_held+0x75/0xa0 [ 1573.294756] ? vfs_write+0x354/0xb10 [ 1573.295792] ? fput_many+0x2f/0x1a0 [ 1573.296888] ? ksys_write+0x1a9/0x260 [ 1573.297958] ? __ia32_sys_read+0xb0/0xb0 [ 1573.299065] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1573.301282] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1573.301977] do_syscall_64+0x33/0x40 [ 1573.302481] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1573.303171] RIP: 0033:0x7f33fff70b19 [ 1573.303673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1573.306122] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1573.307144] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1573.308173] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1573.309132] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1573.310087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1573.311036] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 23:29:14 executing program 4: open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x3) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='fsuuid=\x00\x00\x00\x00\x00\x00\x00\x00-\x00\x00\x00\x00-\x00\x00\x00\x00\x00Nk-\x00\x00\x00\x00\x00\x00\x00\x00,\x00']) 23:29:14 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 9) 23:29:14 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:29:14 executing program 4: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x10000, 0x0) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x9, 0x3f, 0x3, 0xc, 0x0, 0x2, 0x2c8, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x955, 0x4, @perf_config_ext={0x3, 0x6}, 0x40108, 0x6c, 0x5, 0x1, 0x0, 0x80, 0x2, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x10, r0, 0x0) r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000240)=@IORING_OP_TIMEOUT_REMOVE, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000) syz_io_uring_submit(r4, r3, &(0x7f00000002c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x1, 0x4004, @fd_index, 0x80, 0x0, 0x0, 0x4, 0x0, {0x2}}, 0x80000001) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x41d3, 0xffffffffffffffff, 0x0) io_uring_setup(0x5813, &(0x7f0000000000)={0x0, 0xa6d5, 0x20, 0x1, 0x250}) r5 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x41d3, r5, 0x0) io_uring_enter(r1, 0x3491, 0x0, 0x0, 0x0, 0x0) [ 1573.563139] FAULT_INJECTION: forcing a failure. [ 1573.563139] name failslab, interval 1, probability 0, space 0, times 0 [ 1573.564914] CPU: 1 PID: 9082 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1573.565830] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1573.566940] Call Trace: [ 1573.567304] dump_stack+0x107/0x167 [ 1573.567804] should_fail.cold+0x5/0xa [ 1573.568340] ? create_object.isra.0+0x3a/0xa20 [ 1573.568959] should_failslab+0x5/0x20 [ 1573.569473] kmem_cache_alloc+0x5b/0x310 [ 1573.570022] ? mark_held_locks+0x9e/0xe0 [ 1573.570580] create_object.isra.0+0x3a/0xa20 [ 1573.571186] kmemleak_alloc_percpu+0xa0/0x100 [ 1573.571800] pcpu_alloc+0x4e2/0x1240 [ 1573.572338] ? cset_cgroup_from_root+0x220/0x220 [ 1573.572974] percpu_ref_init+0x31/0x3d0 [ 1573.573516] cgroup_mkdir+0x28b/0xf50 [ 1573.574046] ? cgroup_destroy_locked+0x710/0x710 [ 1573.574683] kernfs_iop_mkdir+0x14d/0x1e0 [ 1573.575245] vfs_mkdir+0x493/0x750 [ 1573.575736] do_mkdirat+0x150/0x2b0 [ 1573.576227] ? user_path_create+0xf0/0xf0 [ 1573.576790] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1573.577496] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1573.578197] do_syscall_64+0x33/0x40 [ 1573.578701] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1573.579393] RIP: 0033:0x7f3666038b19 [ 1573.579898] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1573.582362] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1573.583365] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1573.584340] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1573.585293] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1573.586247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1573.587203] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 [ 1573.665430] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. 23:29:14 executing program 1: syz_io_uring_setup(0x0, 0x0, &(0x7f0000fef000/0x11000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0, &(0x7f0000000300)) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee00, 0xee00}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000005c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYRES32=r0, @ANYRES32=0xee01, @ANYBLOB="2e2f66696c652fe1451d4e7b754bc7f05f0ff404807bf64d176a29993195992c14f39ee8328796f81d1886f6cb48f1ed71a941835b5840190114208ef9dda4756eab00fcd38d0a302906ffc3e8f25260ef7b4e28db855ed9e895bd4b0fbdedef955a9ddf4161dc9347ef97623a3ebf9ca8933a81653dd955d769a92740fbed0519a0fe8fb2bb1420fa5a24997c0cf4682cd464c3bcd44c267b10cfd7565652376257be8c2ef9d94e9ad1d44011543b4d0e2c77577a1157a58a7edab4a0981d3549776f0000000000000000000000000000003431dcc155e5a5de510ab9a8c034ae4e470f736b27b55dd876c4d87f60b7154a92ccc3062af7d6e34f950d8ea3f989ab63db6d324b84e3ca0f3b0808d8ef0272283ef64793afb8c3cb66508f2799783143e99c6576f393ca3cee9f4ed8d3c6cdff4137436ed17015892feb7927419bcb63f9b68c8fda03a000186aa7a90b64f5cd2db4aac3"]) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0) 23:29:14 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 25) [ 1573.712894] FAULT_INJECTION: forcing a failure. [ 1573.712894] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1573.714581] CPU: 1 PID: 9089 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1573.715482] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1573.716604] Call Trace: [ 1573.716969] dump_stack+0x107/0x167 [ 1573.717458] should_fail.cold+0x5/0xa [ 1573.717976] _copy_from_user+0x2e/0x1b0 [ 1573.718519] __copy_msghdr_from_user+0x91/0x4b0 [ 1573.719143] ? __ia32_sys_shutdown+0x80/0x80 [ 1573.719738] ? unwind_next_frame+0x13ef/0x1a90 [ 1573.720374] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1573.721082] ? 0xffffffffa0000000 [ 1573.721569] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 1573.722170] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 1573.722895] ? create_prof_cpu_mask+0x20/0x20 [ 1573.723506] ? arch_stack_walk+0x99/0xf0 [ 1573.724086] io_recvmsg+0xae8/0xd70 [ 1573.724588] ? kfree+0xd7/0x340 [ 1573.725037] ? lock_chain_count+0x20/0x20 [ 1573.725596] ? io_sendmsg+0x830/0x830 [ 1573.726111] ? kfree+0xd7/0x340 [ 1573.726562] ? mark_lock+0xf5/0x2df0 [ 1573.727063] ? slab_free_freelist_hook+0xa9/0x180 [ 1573.727718] ? mark_lock+0xf5/0x2df0 [ 1573.728240] ? lock_chain_count+0x20/0x20 [ 1573.728805] ? lock_chain_count+0x20/0x20 [ 1573.729369] ? __lock_acquire+0xbb1/0x5b00 [ 1573.729964] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1573.730689] io_issue_sqe+0x3bd6/0x77b0 [ 1573.731248] ? perf_trace_lock+0xac/0x490 [ 1573.731807] ? io_connect+0x610/0x610 [ 1573.732346] ? __lockdep_reset_lock+0x180/0x180 [ 1573.732983] ? lock_acquire+0x197/0x470 [ 1573.733530] ? find_held_lock+0x2c/0x110 [ 1573.734086] __io_queue_sqe+0x90/0x9d0 [ 1573.734628] ? rwlock_bug.part.0+0x90/0x90 [ 1573.735209] ? io_issue_sqe+0x77b0/0x77b0 [ 1573.735788] ? do_raw_spin_unlock+0x4f/0x220 [ 1573.736400] ? _raw_spin_unlock+0x1a/0x30 [ 1573.736941] ? io_drain_req+0x603/0xb20 [ 1573.737500] io_submit_sqes+0x44aa/0x8610 [ 1573.738088] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1573.738764] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1573.739421] ? find_held_lock+0x2c/0x110 [ 1573.739982] ? io_submit_sqes+0x8610/0x8610 [ 1573.740585] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1573.741249] ? wait_for_completion_io+0x270/0x270 [ 1573.741904] ? rcu_read_lock_any_held+0x75/0xa0 [ 1573.742547] ? vfs_write+0x354/0xb10 [ 1573.743064] ? fput_many+0x2f/0x1a0 [ 1573.743556] ? ksys_write+0x1a9/0x260 [ 1573.744092] ? __ia32_sys_read+0xb0/0xb0 [ 1573.744646] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1573.745340] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1573.746007] do_syscall_64+0x33/0x40 [ 1573.746488] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1573.747162] RIP: 0033:0x7f33fff70b19 [ 1573.747662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1573.750108] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1573.751127] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1573.752092] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1573.753048] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1573.753998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1573.754949] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 [ 1573.762445] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1573.763448] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1573.766891] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1573.783802] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1589.244125] FAULT_INJECTION: forcing a failure. [ 1589.244125] name failslab, interval 1, probability 0, space 0, times 0 [ 1589.261740] CPU: 1 PID: 9103 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1589.262593] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1589.263621] Call Trace: [ 1589.263957] dump_stack+0x107/0x167 [ 1589.264417] should_fail.cold+0x5/0xa [ 1589.264949] ? percpu_ref_init+0xd8/0x3d0 [ 1589.265474] should_failslab+0x5/0x20 [ 1589.265953] kmem_cache_alloc_trace+0x55/0x320 [ 1589.266529] ? cset_cgroup_from_root+0x220/0x220 [ 1589.267122] percpu_ref_init+0xd8/0x3d0 [ 1589.267623] cgroup_mkdir+0x28b/0xf50 [ 1589.268105] ? cgroup_destroy_locked+0x710/0x710 [ 1589.268723] kernfs_iop_mkdir+0x14d/0x1e0 [ 1589.268938] sg_write: data in/out 253104/8 bytes for SCSI command 0x3f-- guessing data in; [ 1589.268938] program syz-executor.4 not setting count and/or reply_len properly [ 1589.269257] vfs_mkdir+0x493/0x750 [ 1589.269276] do_mkdirat+0x150/0x2b0 [ 1589.272089] ? user_path_create+0xf0/0xf0 [ 1589.272667] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1589.272902] FAULT_INJECTION: forcing a failure. [ 1589.272902] name failslab, interval 1, probability 0, space 0, times 0 [ 1589.273347] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1589.273366] do_syscall_64+0x33/0x40 [ 1589.275779] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1589.276429] RIP: 0033:0x7f3666038b19 [ 1589.276916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1589.279231] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1589.280191] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1589.281104] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1589.282002] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1589.282896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1589.283794] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 [ 1589.284731] CPU: 0 PID: 9108 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1589.285625] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1589.286701] Call Trace: [ 1589.287046] dump_stack+0x107/0x167 [ 1589.287533] should_fail.cold+0x5/0xa [ 1589.288030] ? io_setup_async_msg+0xda/0x2d0 [ 1589.288606] should_failslab+0x5/0x20 [ 1589.293140] __kmalloc+0x72/0x390 [ 1589.293607] io_setup_async_msg+0xda/0x2d0 [ 1589.294138] io_recvmsg+0xc26/0xd70 [ 1589.294589] ? io_sendmsg+0x830/0x830 [ 1589.295060] ? kfree+0xd7/0x340 [ 1589.295464] ? mark_lock+0xf5/0x2df0 [ 1589.295919] ? slab_free_freelist_hook+0xa9/0x180 [ 1589.296504] ? mark_lock+0xf5/0x2df0 [ 1589.297005] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1589.297647] io_issue_sqe+0x3bd6/0x77b0 [ 1589.298144] ? perf_trace_lock+0xac/0x490 [ 1589.298646] ? io_connect+0x610/0x610 [ 1589.299110] ? __lockdep_reset_lock+0x180/0x180 [ 1589.299680] ? lock_acquire+0x197/0x470 [ 1589.300163] ? find_held_lock+0x2c/0x110 [ 1589.300674] __io_queue_sqe+0x90/0x9d0 [ 1589.301155] ? rwlock_bug.part.0+0x90/0x90 [ 1589.301670] ? io_issue_sqe+0x77b0/0x77b0 [ 1589.302174] ? do_raw_spin_unlock+0x4f/0x220 [ 1589.302708] ? _raw_spin_unlock+0x1a/0x30 [ 1589.303211] ? io_drain_req+0x603/0xb20 [ 1589.303701] io_submit_sqes+0x44aa/0x8610 [ 1589.304233] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1589.304853] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1589.305442] ? find_held_lock+0x2c/0x110 [ 1589.305942] ? io_submit_sqes+0x8610/0x8610 [ 1589.306475] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1589.307066] ? wait_for_completion_io+0x270/0x270 [ 1589.307654] ? rcu_read_lock_any_held+0x75/0xa0 [ 1589.308218] ? vfs_write+0x354/0xb10 [ 1589.308683] ? fput_many+0x2f/0x1a0 [ 1589.309134] ? ksys_write+0x1a9/0x260 [ 1589.309596] ? __ia32_sys_read+0xb0/0xb0 [ 1589.310094] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1589.310726] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1589.311354] do_syscall_64+0x33/0x40 [ 1589.311805] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1589.312427] RIP: 0033:0x7f33fff70b19 [ 1589.316908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1589.319119] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1589.320036] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1589.320907] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1589.321766] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1589.322626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1589.323486] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 [ 1589.335363] FAULT_INJECTION: forcing a failure. [ 1589.335363] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1589.337017] CPU: 0 PID: 9098 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1589.337903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1589.338942] Call Trace: [ 1589.339270] dump_stack+0x107/0x167 [ 1589.339714] should_fail.cold+0x5/0xa [ 1589.340183] _copy_from_user+0x2e/0x1b0 [ 1589.340682] __copy_msghdr_from_user+0x91/0x4b0 [ 1589.341256] ? __ia32_sys_shutdown+0x80/0x80 [ 1589.341794] ? unwind_next_frame+0x13ef/0x1a90 [ 1589.342350] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1589.342997] ? 0xffffffffa0000000 [ 1589.343428] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 1589.343979] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 1589.344624] ? create_prof_cpu_mask+0x20/0x20 [ 1589.345191] ? arch_stack_walk+0x99/0xf0 [ 1589.345697] io_recvmsg+0xae8/0xd70 [ 1589.346144] ? kfree+0xd7/0x340 [ 1589.346551] ? lock_chain_count+0x20/0x20 [ 1589.347058] ? io_sendmsg+0x830/0x830 [ 1589.347523] ? kfree+0xd7/0x340 [ 1589.347933] ? mark_lock+0xf5/0x2df0 [ 1589.348390] ? slab_free_freelist_hook+0xa9/0x180 [ 1589.348994] ? mark_lock+0xf5/0x2df0 [ 1589.349450] ? lock_chain_count+0x20/0x20 [ 1589.349959] ? lock_chain_count+0x20/0x20 [ 1589.350465] ? __lock_acquire+0xbb1/0x5b00 [ 1589.350997] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1589.351646] io_issue_sqe+0x3bd6/0x77b0 [ 1589.352145] ? perf_trace_lock+0xac/0x490 [ 1589.352665] ? io_connect+0x610/0x610 [ 1589.353142] ? __lockdep_reset_lock+0x180/0x180 [ 1589.353717] ? lock_acquire+0x197/0x470 [ 1589.354206] ? find_held_lock+0x2c/0x110 [ 1589.354712] __io_queue_sqe+0x90/0x9d0 [ 1589.355189] ? rwlock_bug.part.0+0x90/0x90 [ 1589.355707] ? io_issue_sqe+0x77b0/0x77b0 [ 1589.356214] ? do_raw_spin_unlock+0x4f/0x220 [ 1589.356773] ? _raw_spin_unlock+0x1a/0x30 [ 1589.357281] ? io_drain_req+0x603/0xb20 [ 1589.357772] io_submit_sqes+0x44aa/0x8610 [ 1589.358305] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1589.358912] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1589.359505] ? find_held_lock+0x2c/0x110 [ 1589.360009] ? io_submit_sqes+0x8610/0x8610 [ 1589.360542] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1589.361150] ? wait_for_completion_io+0x270/0x270 [ 1589.361741] ? rcu_read_lock_any_held+0x75/0xa0 [ 1589.362311] ? vfs_write+0x354/0xb10 [ 1589.362766] ? fput_many+0x2f/0x1a0 [ 1589.363214] ? ksys_write+0x1a9/0x260 [ 1589.363679] ? __ia32_sys_read+0xb0/0xb0 [ 1589.364182] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1589.364836] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1589.365468] do_syscall_64+0x33/0x40 [ 1589.365927] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1589.366550] RIP: 0033:0x7fa048f33b19 [ 1589.367007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1589.369256] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1589.370185] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1589.371053] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1589.371918] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1589.372796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1589.373665] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 23:29:30 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 10) 23:29:30 executing program 1: ioctl$RTC_AIE_ON(0xffffffffffffffff, 0x7002) ioctl$BTRFS_IOC_RM_DEV(0xffffffffffffffff, 0x5000940b, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, 0x0) ioctl$BTRFS_IOC_DEFRAG(0xffffffffffffffff, 0x50009402, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x9, 0xffffffffffffffff, 0x8) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000300)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {0x0, 0x0, 0xffffffffdffffff8}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011600)="ed41000000080000dff46552e0f4655fe0f4655f000000000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000002c0)={[{@noacl}]}) 23:29:30 executing program 6: syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000200)=ANY=[@ANYBLOB="7f0000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="02000000000000002e2f6669"]) r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f00000006c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r0, 0x0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)=""/6, 0x6}, {&(0x7f00000002c0)=""/15, 0xf}, {&(0x7f0000000300)=""/96, 0x60}, {&(0x7f0000000380)=""/5, 0x5}, {&(0x7f00000003c0)=""/78, 0x4e}, {&(0x7f0000000440)=""/172, 0xac}], 0x6, &(0x7f0000000580)=""/213, 0xd5}, 0x0, 0x10040, 0x0, {0x3, r5}}, 0x8) dup3(r1, 0xffffffffffffffff, 0x0) r6 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pidfd_getfd(0xffffffffffffffff, r6, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105142, 0x2b) r8 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) r9 = openat(r8, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x149) sendfile(r7, r9, 0x0, 0x100000001) r10 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r7, r10, 0x0, 0x80000001) 23:29:30 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat(r0, &(0x7f0000000280)='./file0\x00', 0x2) fchown(0xffffffffffffffff, 0xee00, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x82801) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = fcntl$dupfd(r1, 0x406, r2) ioctl$SG_NEXT_CMD_LEN(r3, 0x2283, &(0x7f0000000000)=0x1) writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000040)="001dabe0d4dc03000000000000008b2428de4d72b89aeddb2a530000000000000000000c3f089694ed90fa7c43", 0x2d}], 0x1) connect$inet6(0xffffffffffffffff, &(0x7f0000000540)={0xa, 0x0, 0x8, @dev={0xfe, 0x80, '\x00', 0x3b}, 0x2}, 0x1c) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e21, 0x0, @private1}, 0x1c) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$inet6_mreq(r4, 0x29, 0x8, &(0x7f00000000c0), &(0x7f0000000100)=0x14) r5 = socket$inet(0x2, 0x1, 0x0) bind$inet(r5, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r5, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000001c0)={'rose0\x00'}) ioctl$sock_inet_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000200)) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f00000002c0)=ANY=[@ANYBLOB="010000000100000018800020be6b0d0168212759af77caa4e61bf4f6597f4be6e88fbd6b5e411abe8522b2ef57a99745b950cdb31696afcda89eace9c3b09d233be3a6bb94ab597453211c91386a1f4ab19fa528f60c989c7a86347810e32df93765fcfbc7cc7e3298854e1eba384a0187555e000000000b3b37d1f12a7d3aa6ecefb47bf752c117d68dac3163b63b408319eef49c3652d3da2f5b32fdb45a38e9ef1c03d75c83e7bbec677f84d8aee709392263ca03de68287b798023cbe1205165d202a80f50477dadd6f51e59ae5e21621bbb758c9d9c6e754a5d46556803a746ed40f4645ed7874a3fce0000000000", @ANYRES32, @ANYRES32=r0, @ANYBLOB="00000b002e2d66690fb470117a8d16df1265302f66696ce83a3cc7f2bea95c9a99b026dae16c6b747a91a541e60000000000006089aac4c970854ac6e7079f3d181153307d803b9074aa03b10d383598b3b94609348418f84119aa4c3e2348647b094ca1ffd274f740d00f01258ce0989e69f303076df1c737f39e2874efb636270e738850ad8a66ccdcbf0c75b18c8cdbd77a04a34387e43a4c29996416085a9c82c3"]) 23:29:30 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 32) 23:29:30 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 26) 23:29:30 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, 0x0, 0x0) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:29:30 executing program 0: syz_emit_ethernet(0x2a, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffffec135ad3ffffff08004500001c0000000000029078ac1e0001e000000100009078e0000001"], 0x0) write$tun(0xffffffffffffffff, &(0x7f0000000000)={@val={0x0, 0x8100}, @val={0x3, 0x4, 0x7fff, 0xe7a3, 0x0, 0x6}, @eth={@local, @remote, @val={@val={0x9100, 0x1, 0x0, 0x3}, {0x8100, 0x1, 0x0, 0x3}}, {@arp={0x806, @generic={0x108, 0x886c, 0x6, 0x3, 0x9, @multicast, "451528", @remote, "a4fad6a1746588"}}}}}, 0x42) r0 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x94992, 0xffffffffffffffff, 0x8000000) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/cpuinfo\x00', 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1, 0x0, r1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r0, r3, &(0x7f0000000180)=@IORING_OP_ACCEPT={0xd, 0x4, 0x0, r5, &(0x7f00000000c0)=0x80, &(0x7f0000000100)=@isdn, 0x0, 0x80800, 0x1, {0x0, r6}}, 0x3ff) r7 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r8, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4) setsockopt$inet6_tcp_int(r8, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r8, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r8, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r8, r7, 0x0, 0x9bbb) setsockopt$inet6_tcp_TCP_MD5SIG(r7, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) write$tun(r7, &(0x7f0000000380)={@val={0x0, 0xd}, @val={0x2, 0x3, 0xffe1, 0xff, 0x8, 0x3}, @mpls={[{0x8001, 0x0, 0x1}, {0x8, 0x0, 0x1}, {0x1, 0x0, 0x1}, {0x101}, {0x4879}], @ipv4=@gre={{0xf, 0x4, 0x0, 0x14, 0x225, 0x64, 0x0, 0xb1, 0x2f, 0x0, @remote, @multicast2, {[@timestamp={0x44, 0x28, 0x17, 0x0, 0x3, [0x101, 0x3f, 0x3, 0x9, 0x0, 0x0, 0x4, 0xa8b, 0x0]}]}}, {{0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x880b, 0x8c, 0x2, [0x4, 0x9], "1e575d684cd25589e6276539803a173600d3485879a5d0fe19a8ee2d4022cd2e862abf51e68a903b99c20109456f406a12d92e55a3e0dc22930e139ba94cd5600a6ef4f06c085351a9c6514dad0e0e369e96dab9771811883e74a23b4da3ef7877edf9ac5e857c3338810b091125c9b38d753c4ba5f2a38538cd59e9cba2ec0d94ce4017193ac035ef59e0ab"}, {0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x800, [], "df45fb4f6102ce8ac3a1098798ce64ddc43e035329f15fc8dfaa"}, {0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x86dd, [0x400], "0bc23df3cb04ffcd5d285ad9b26e17ef2109eb5497e953ee41c3c68f7881202241ace7c3741be9079a1c2daa71206d2428e2641ab59c60428e899dd7ff6e5451bf9d1f7048a912ac5a500525d7a260ed864a34c43d217af9d5b03c970b4015f7dd027903590501d4674755916473963df6042af40426aabff74be72ec00bfa54cce97bacc1d074e9ec0854506d0e045088175c0450eb56ef6b3e780bc90de7c04879323fc8d198dcdea9d513c8ca9a997c1d884ffb05983adceb7782254ec141341c9781b07819b627a90a1f09"}, {0x8, 0x88be, 0x0, {{0x5, 0x1, 0x0, 0x2, 0x0, 0x1, 0x7, 0xff}, 0x1, {0x3ff}}}, {0x8, 0x22eb, 0x2, {{0x3, 0x2, 0x6, 0x3, 0x1, 0x2, 0x6, 0x2}, 0x2, {0x3, 0x0, 0x1, 0x10, 0x0, 0x0, 0x2}}}, {0x8, 0x6558, 0x4, "dd52c5e46530378dfc9826404a59914d13000052acddd0e8094d8cadbd7024db33e44b709590e4eedfe7a4dc"}}}}}, 0x247) 23:29:30 executing program 0: ftruncate(0xffffffffffffffff, 0x8) r0 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @desc3}, &(0x7f0000000200)={0x0, "f038679de021f8c801000000000000009d1fa459d07100000000bc7ae631f7a54805ff070000000000093393d0e1c7391515c7ab7c8e0600"}, 0xffffff93, 0x0) add_key$keyring(&(0x7f00000000c0), 0x0, 0x0, 0x0, 0xfffffffffffffffb) request_key(0x0, 0x0, &(0x7f00000006c0)='{{\x80\x00\\+\x00', 0x0) getsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000004c0)={@multicast1, @broadcast}, &(0x7f0000000500)=0x8) r1 = add_key$keyring(&(0x7f0000000040), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) add_key$user(&(0x7f0000000a40), 0x0, &(0x7f0000000300)="a3", 0x1, 0xfffffffffffffffe) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f0000000780)='dns_resolver\x00', &(0x7f0000000740)=@chain) request_key(0x0, &(0x7f0000000280)={'syz', 0x3}, &(0x7f0000000380)='dns_resolver\x00', r1) add_key$keyring(&(0x7f0000000340), &(0x7f00000003c0)={'syz', 0x3}, 0x0, 0x0, r0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet(0x2, 0xa, 0x0) r3 = add_key(&(0x7f0000000400)='user\x00', &(0x7f0000000000)={'syz', 0x1}, &(0x7f00000015c0)="04931c01473d9ba2e279ab76b7fd539903fb409bd6ad3ff89c90ba13d86bc6049785de426a8f8ccf23d4cf239237ef6af357ff95b1ade47792f8cfe923b83c3aeae552f2b405205817cfbf5bb6d03915df2fd840adcb5fd684893156407b66c8a2e38ce2495582211bdf5fc667ea872554e7f26f838954196fbc2466eaa4b2eafc5d838f8bcaa01133cbf024f0ae30a1fbd9a7791a908680e37ccc5d554eb2a34f22dba8167d0a9d6984ac00"/184, 0xb8, 0xfffffffffffffffe) ioctl$sock_inet_SIOCGIFNETMASK(r2, 0x8917, &(0x7f00000001c0)={'sit0\x00', {0x2, 0x0, @empty}}) r4 = add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x3}, 0x0, 0x0, r3) add_key$keyring(&(0x7f0000000080), &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, r4) r5 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_inet_SIOCGIFNETMASK(r5, 0x891a, &(0x7f00000001c0)={'syz_tun\x00', {0x2, 0x0, @empty}}) clone3(&(0x7f0000000ac0)={0x17412c500, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 23:29:30 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 11) 23:29:30 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, 0x0, 0x0) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1589.549099] audit: type=1326 audit(1730849370.534:98): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9110 comm="syz-executor.1" exe="/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7aff1c7b19 code=0x7ffc0000 [ 1589.552175] audit: type=1326 audit(1730849370.534:99): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9110 comm="syz-executor.1" exe="/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7aff1c7b19 code=0x7ffc0000 [ 1589.560320] audit: type=1326 audit(1730849370.544:100): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9110 comm="syz-executor.1" exe="/syz-executor.1" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7aff1c7b19 code=0x7ffc0000 [ 1589.579719] audit: type=1326 audit(1730849370.544:101): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9110 comm="syz-executor.1" exe="/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7aff1c7b19 code=0x7ffc0000 [ 1589.596068] audit: type=1326 audit(1730849370.544:102): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9110 comm="syz-executor.1" exe="/syz-executor.1" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7aff1c7b19 code=0x7ffc0000 [ 1589.606760] FAULT_INJECTION: forcing a failure. [ 1589.606760] name failslab, interval 1, probability 0, space 0, times 0 [ 1589.608393] CPU: 1 PID: 9122 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1589.609320] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1589.610411] Call Trace: [ 1589.610771] dump_stack+0x107/0x167 [ 1589.611264] should_fail.cold+0x5/0xa [ 1589.611788] ? percpu_ref_init+0xd8/0x3d0 [ 1589.612353] should_failslab+0x5/0x20 [ 1589.612883] kmem_cache_alloc_trace+0x55/0x320 [ 1589.613507] ? cset_cgroup_from_root+0x220/0x220 [ 1589.614146] percpu_ref_init+0xd8/0x3d0 [ 1589.614689] cgroup_mkdir+0x28b/0xf50 [ 1589.615205] ? cgroup_destroy_locked+0x710/0x710 [ 1589.615845] kernfs_iop_mkdir+0x14d/0x1e0 [ 1589.616412] vfs_mkdir+0x493/0x750 [ 1589.616914] do_mkdirat+0x150/0x2b0 [ 1589.617413] ? user_path_create+0xf0/0xf0 [ 1589.617981] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1589.618683] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1589.619381] do_syscall_64+0x33/0x40 [ 1589.619883] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1589.620567] RIP: 0033:0x7f3666038b19 [ 1589.621088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1589.623541] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1589.624565] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1589.625529] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1589.626479] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1589.627435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1589.628385] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 [ 1589.634078] audit: type=1326 audit(1730849370.545:103): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9110 comm="syz-executor.1" exe="/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7aff1c7b19 code=0x7ffc0000 23:29:30 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 27) [ 1589.649109] audit: type=1326 audit(1730849370.545:104): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9110 comm="syz-executor.1" exe="/syz-executor.1" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f7aff1c7b19 code=0x7ffc0000 [ 1589.717566] audit: type=1326 audit(1730849370.545:105): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9110 comm="syz-executor.1" exe="/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7aff1c7b19 code=0x7ffc0000 [ 1589.720385] audit: type=1326 audit(1730849370.545:106): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9110 comm="syz-executor.1" exe="/syz-executor.1" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f7aff1c7b19 code=0x7ffc0000 [ 1589.793226] FAULT_INJECTION: forcing a failure. [ 1589.793226] name failslab, interval 1, probability 0, space 0, times 0 [ 1589.794840] CPU: 1 PID: 9131 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1589.795756] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1589.796897] Call Trace: [ 1589.797272] dump_stack+0x107/0x167 [ 1589.797775] should_fail.cold+0x5/0xa [ 1589.798314] ? create_object.isra.0+0x3a/0xa20 [ 1589.798929] should_failslab+0x5/0x20 [ 1589.799457] kmem_cache_alloc+0x5b/0x310 [ 1589.800013] create_object.isra.0+0x3a/0xa20 [ 1589.800616] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1589.801318] __kmalloc+0x16e/0x390 [ 1589.801824] io_setup_async_msg+0xda/0x2d0 [ 1589.802398] io_recvmsg+0xc26/0xd70 [ 1589.802908] ? io_sendmsg+0x830/0x830 [ 1589.803421] ? kfree+0xd7/0x340 [ 1589.803891] ? mark_lock+0xf5/0x2df0 [ 1589.804393] ? slab_free_freelist_hook+0xa9/0x180 [ 1589.805043] ? mark_lock+0xf5/0x2df0 [ 1589.805532] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1589.806193] io_issue_sqe+0x3bd6/0x77b0 [ 1589.806697] ? perf_trace_lock+0xac/0x490 [ 1589.807215] ? io_connect+0x610/0x610 [ 1589.807691] ? __lockdep_reset_lock+0x180/0x180 [ 1589.808274] ? lock_acquire+0x197/0x470 [ 1589.808813] ? find_held_lock+0x2c/0x110 [ 1589.809348] __io_queue_sqe+0x90/0x9d0 [ 1589.809837] ? rwlock_bug.part.0+0x90/0x90 [ 1589.810421] ? io_issue_sqe+0x77b0/0x77b0 [ 1589.810986] ? do_raw_spin_unlock+0x4f/0x220 [ 1589.811580] ? _raw_spin_unlock+0x1a/0x30 [ 1589.812145] ? io_drain_req+0x603/0xb20 [ 1589.812699] io_submit_sqes+0x44aa/0x8610 [ 1589.813305] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1589.813970] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1589.814631] ? find_held_lock+0x2c/0x110 [ 1589.815183] ? io_submit_sqes+0x8610/0x8610 [ 1589.815781] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1589.816436] ? wait_for_completion_io+0x270/0x270 [ 1589.817116] ? rcu_read_lock_any_held+0x75/0xa0 [ 1589.817750] ? vfs_write+0x354/0xb10 [ 1589.818252] ? fput_many+0x2f/0x1a0 [ 1589.818742] ? ksys_write+0x1a9/0x260 [ 1589.819249] ? __ia32_sys_read+0xb0/0xb0 [ 1589.819797] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1589.820507] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1589.821193] do_syscall_64+0x33/0x40 [ 1589.821661] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1589.822317] RIP: 0033:0x7f33fff70b19 [ 1589.822794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1589.825268] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1589.826294] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1589.827257] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1589.828222] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1589.829170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1589.830061] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 [ 1589.846049] audit: type=1326 audit(1730849370.546:107): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9110 comm="syz-executor.1" exe="/syz-executor.1" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7f7aff1c7ad7 code=0x7ffc0000 23:29:30 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, 0x0, 0x0) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:29:30 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000000)=0x3, 0x4) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f00000000c0)={'filter\x00', 0x89, "28efa523a8558706a6569bbac6faa4910fd565183c35b0d41a3f302c238cc11e3ca2942b3fd2cbc96b0c247b119207818ee74eb48d969b6bb36766d4f7278391fdc5430d92b70015d77ca29b4603a10466f383c9e7e3278d98713ff5c94f7782e86458b514baa3d8dac8fb28375ad5d88a6837536afe0e7776d8fb140b3ab4d54b070522b3373948a7"}, &(0x7f0000000180)=0xad) syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0) 23:29:30 executing program 1: syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001080)=ANY=[]) clock_adjtime(0x0, &(0x7f0000001340)={0x2f5f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1fe72e3a}) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) stat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4) connect$inet(r1, &(0x7f0000000140)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x34}}, 0x10) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0}, &(0x7f00000000c0)=0xc) setresuid(0xffffffffffffffff, r0, r2) stat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4) connect$inet(r4, &(0x7f0000000140)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x34}}, 0x10) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0}, &(0x7f00000000c0)=0xc) setresuid(0xffffffffffffffff, r3, r5) mount$9p_rdma(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x80040, &(0x7f0000000100)={'trans=rdma,', {'port', 0x3d, 0x4e20}, 0x2c, {[{@rq={'rq', 0x3d, 0xe998}}, {@timeout={'timeout', 0x3d, 0x1000}}, {@rq={'rq', 0x3d, 0x101}}, {@timeout={'timeout', 0x3d, 0xc000}}, {@common=@access_any}], [{@fowner_gt={'fowner>', r0}}, {@smackfstransmute={'smackfstransmute', 0x3d, '\x8e\'[-'}}, {@subj_type}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@fowner_eq={'fowner', 0x3d, r3}}, {@subj_role={'subj_role', 0x3d, ':\'!{}\\]'}}, {@appraise_type}, {@fowner_gt={'fowner>', 0xffffffffffffffff}}, {@smackfstransmute={'smackfstransmute', 0x3d, ')!,,#(#+\xab\x00'}}]}}) open(&(0x7f0000000000)='./file0\x00', 0x400080, 0x68) 23:29:31 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 33) 23:29:31 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:29:31 executing program 0: ftruncate(0xffffffffffffffff, 0x8) r0 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @desc3}, &(0x7f0000000200)={0x0, "f038679de021f8c801000000000000009d1fa459d07100000000bc7ae631f7a54805ff070000000000093393d0e1c7391515c7ab7c8e0600"}, 0xffffff93, 0x0) add_key$keyring(&(0x7f00000000c0), 0x0, 0x0, 0x0, 0xfffffffffffffffb) request_key(0x0, 0x0, &(0x7f00000006c0)='{{\x80\x00\\+\x00', 0x0) getsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000004c0)={@multicast1, @broadcast}, &(0x7f0000000500)=0x8) r1 = add_key$keyring(&(0x7f0000000040), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) add_key$user(&(0x7f0000000a40), 0x0, &(0x7f0000000300)="a3", 0x1, 0xfffffffffffffffe) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f0000000780)='dns_resolver\x00', &(0x7f0000000740)=@chain) request_key(0x0, &(0x7f0000000280)={'syz', 0x3}, &(0x7f0000000380)='dns_resolver\x00', r1) add_key$keyring(&(0x7f0000000340), &(0x7f00000003c0)={'syz', 0x3}, 0x0, 0x0, r0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet(0x2, 0xa, 0x0) r3 = add_key(&(0x7f0000000400)='user\x00', &(0x7f0000000000)={'syz', 0x1}, &(0x7f00000015c0)="04931c01473d9ba2e279ab76b7fd539903fb409bd6ad3ff89c90ba13d86bc6049785de426a8f8ccf23d4cf239237ef6af357ff95b1ade47792f8cfe923b83c3aeae552f2b405205817cfbf5bb6d03915df2fd840adcb5fd684893156407b66c8a2e38ce2495582211bdf5fc667ea872554e7f26f838954196fbc2466eaa4b2eafc5d838f8bcaa01133cbf024f0ae30a1fbd9a7791a908680e37ccc5d554eb2a34f22dba8167d0a9d6984ac00"/184, 0xb8, 0xfffffffffffffffe) ioctl$sock_inet_SIOCGIFNETMASK(r2, 0x8917, &(0x7f00000001c0)={'sit0\x00', {0x2, 0x0, @empty}}) r4 = add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x3}, 0x0, 0x0, r3) add_key$keyring(&(0x7f0000000080), &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, r4) r5 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_inet_SIOCGIFNETMASK(r5, 0x891a, &(0x7f00000001c0)={'syz_tun\x00', {0x2, 0x0, @empty}}) clone3(&(0x7f0000000ac0)={0x17412c500, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1589.971438] FAULT_INJECTION: forcing a failure. [ 1589.971438] name failslab, interval 1, probability 0, space 0, times 0 [ 1589.973018] CPU: 0 PID: 9145 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1589.973904] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1589.974979] Call Trace: [ 1589.975334] dump_stack+0x107/0x167 [ 1589.975817] should_fail.cold+0x5/0xa [ 1589.976323] ? create_object.isra.0+0x3a/0xa20 [ 1589.976937] should_failslab+0x5/0x20 [ 1589.977441] kmem_cache_alloc+0x5b/0x310 [ 1589.977981] create_object.isra.0+0x3a/0xa20 [ 1589.978556] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1589.979223] __kmalloc+0x16e/0x390 [ 1589.979703] io_setup_async_msg+0xda/0x2d0 [ 1589.980265] io_recvmsg+0xc26/0xd70 [ 1589.980772] ? io_sendmsg+0x830/0x830 [ 1589.981280] ? kfree+0xd7/0x340 [ 1589.981732] ? mark_lock+0xf5/0x2df0 [ 1589.982223] ? slab_free_freelist_hook+0xa9/0x180 [ 1589.982858] ? mark_lock+0xf5/0x2df0 [ 1589.983383] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1589.984088] io_issue_sqe+0x3bd6/0x77b0 [ 1589.984626] ? perf_trace_lock+0xac/0x490 [ 1589.985196] ? io_connect+0x610/0x610 [ 1589.985704] ? __lockdep_reset_lock+0x180/0x180 [ 1589.986328] ? lock_acquire+0x197/0x470 [ 1589.986844] ? find_held_lock+0x2c/0x110 [ 1589.987389] __io_queue_sqe+0x90/0x9d0 [ 1589.987906] ? rwlock_bug.part.0+0x90/0x90 [ 1589.988471] ? io_issue_sqe+0x77b0/0x77b0 [ 1589.989027] ? do_raw_spin_unlock+0x4f/0x220 [ 1589.989605] ? _raw_spin_unlock+0x1a/0x30 [ 1589.990151] ? io_drain_req+0x603/0xb20 [ 1589.990687] io_submit_sqes+0x44aa/0x8610 [ 1589.991261] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1589.991918] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1589.992559] ? find_held_lock+0x2c/0x110 [ 1589.993122] ? io_submit_sqes+0x8610/0x8610 [ 1589.993707] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1589.994339] ? wait_for_completion_io+0x270/0x270 [ 1589.994979] ? rcu_read_lock_any_held+0x75/0xa0 [ 1589.995591] ? vfs_write+0x354/0xb10 [ 1589.996086] ? fput_many+0x2f/0x1a0 [ 1589.996575] ? ksys_write+0x1a9/0x260 [ 1589.997102] ? __ia32_sys_read+0xb0/0xb0 [ 1589.997633] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1589.998322] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1589.998995] do_syscall_64+0x33/0x40 [ 1589.999481] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1590.000154] RIP: 0033:0x7fa048f33b19 [ 1590.000650] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1590.003053] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1590.004053] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1590.004999] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1590.005939] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1590.006867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1590.007807] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 [ 1604.983767] FAULT_INJECTION: forcing a failure. [ 1604.983767] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1604.985304] CPU: 1 PID: 9158 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1604.986157] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1604.987191] Call Trace: [ 1604.987527] dump_stack+0x107/0x167 [ 1604.987983] should_fail.cold+0x5/0xa [ 1604.988465] _copy_from_user+0x2e/0x1b0 [ 1604.988969] __copy_msghdr_from_user+0x91/0x4b0 [ 1604.989680] ? __ia32_sys_shutdown+0x80/0x80 [ 1604.990234] ? unwind_next_frame+0x13ef/0x1a90 [ 1604.990804] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1604.991464] ? 0xffffffffa0000000 [ 1604.991904] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 1604.992463] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 1604.993129] ? create_prof_cpu_mask+0x20/0x20 [ 1604.993825] ? arch_stack_walk+0x99/0xf0 [ 1604.994347] io_recvmsg+0xae8/0xd70 [ 1604.994804] ? kfree+0xd7/0x340 [ 1604.995221] ? lock_chain_count+0x20/0x20 [ 1604.995738] ? io_sendmsg+0x830/0x830 [ 1604.996214] ? kfree+0xd7/0x340 [ 1604.996628] ? mark_lock+0xf5/0x2df0 [ 1604.997094] ? slab_free_freelist_hook+0xa9/0x180 [ 1604.997865] ? mark_lock+0xf5/0x2df0 [ 1604.998362] ? lock_chain_count+0x20/0x20 [ 1604.998918] ? lock_chain_count+0x20/0x20 [ 1604.999472] ? __lock_acquire+0xbb1/0x5b00 [ 1605.000052] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1605.000762] io_issue_sqe+0x3bd6/0x77b0 [ 1605.001376] ? perf_trace_lock+0xac/0x490 [ 1605.001929] ? io_connect+0x610/0x610 [ 1605.002444] ? __lockdep_reset_lock+0x180/0x180 [ 1605.003079] ? lock_acquire+0x197/0x470 [ 1605.003432] FAULT_INJECTION: forcing a failure. [ 1605.003432] name failslab, interval 1, probability 0, space 0, times 0 [ 1605.003607] ? find_held_lock+0x2c/0x110 [ 1605.005746] __io_queue_sqe+0x90/0x9d0 [ 1605.006735] ? rwlock_bug.part.0+0x90/0x90 [ 1605.007810] ? io_issue_sqe+0x77b0/0x77b0 [ 1605.008842] ? do_raw_spin_unlock+0x4f/0x220 [ 1605.009999] ? _raw_spin_unlock+0x1a/0x30 [ 1605.011050] ? io_drain_req+0x603/0xb20 [ 1605.012069] io_submit_sqes+0x44aa/0x8610 [ 1605.013125] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1605.014285] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1605.014891] ? find_held_lock+0x2c/0x110 [ 1605.015415] ? io_submit_sqes+0x8610/0x8610 [ 1605.015968] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1605.016580] ? wait_for_completion_io+0x270/0x270 [ 1605.017196] ? rcu_read_lock_any_held+0x75/0xa0 [ 1605.017850] ? vfs_write+0x354/0xb10 [ 1605.018318] ? fput_many+0x2f/0x1a0 [ 1605.018774] ? ksys_write+0x1a9/0x260 [ 1605.019256] ? __ia32_sys_read+0xb0/0xb0 [ 1605.019769] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1605.020422] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1605.021068] do_syscall_64+0x33/0x40 [ 1605.021958] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1605.023266] RIP: 0033:0x7f33fff70b19 [ 1605.024210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1605.028969] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1605.030073] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1605.030969] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1605.031869] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1605.032766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1605.033726] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 [ 1605.034647] CPU: 0 PID: 9161 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1605.035521] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1605.036585] Call Trace: [ 1605.036932] dump_stack+0x107/0x167 [ 1605.041458] should_fail.cold+0x5/0xa [ 1605.042034] should_failslab+0x5/0x20 [ 1605.042631] kmem_cache_alloc_bulk+0x4b/0x320 [ 1605.043327] io_submit_sqes+0x6fe6/0x8610 [ 1605.043996] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1605.044765] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1605.045521] ? find_held_lock+0x2c/0x110 [ 1605.046058] ? io_submit_sqes+0x8610/0x8610 [ 1605.046367] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1605.046612] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1605.048328] ? wait_for_completion_io+0x270/0x270 [ 1605.049030] ? rcu_read_lock_any_held+0x75/0xa0 [ 1605.049767] ? vfs_write+0x354/0xb10 [ 1605.050299] ? fput_many+0x2f/0x1a0 [ 1605.050829] ? ksys_write+0x1a9/0x260 [ 1605.051340] ? __ia32_sys_read+0xb0/0xb0 [ 1605.051867] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1605.052602] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1605.053538] do_syscall_64+0x33/0x40 [ 1605.054672] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1605.056172] RIP: 0033:0x7fa048f33b19 [ 1605.057185] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1605.059627] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1605.060621] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1605.061619] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1605.062548] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1605.063503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1605.064431] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 23:29:46 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 28) 23:29:46 executing program 6: syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000200)=ANY=[@ANYBLOB="7f0000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="02000000000000002e2f66696c65"]) r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f00000006c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r0, 0x0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)=""/6, 0x6}, {&(0x7f00000002c0)=""/15, 0xf}, {&(0x7f0000000300)=""/96, 0x60}, {&(0x7f0000000380)=""/5, 0x5}, {&(0x7f00000003c0)=""/78, 0x4e}, {&(0x7f0000000440)=""/172, 0xac}], 0x6, &(0x7f0000000580)=""/213, 0xd5}, 0x0, 0x10040, 0x0, {0x3, r5}}, 0x8) dup3(r1, 0xffffffffffffffff, 0x0) r6 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pidfd_getfd(0xffffffffffffffff, r6, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105142, 0x2b) r8 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) r9 = openat(r8, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x149) sendfile(r7, r9, 0x0, 0x100000001) r10 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r7, r10, 0x0, 0x80000001) 23:29:46 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 34) 23:29:46 executing program 4: syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/uts\x00') ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(0x0, &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ioctl$EXT4_IOC_CLEAR_ES_CACHE(r1, 0x6628) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2) r3 = fcntl$dupfd(r2, 0x0, r2) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x5e, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x4a}, 0xb610, 0x0, 0x7, 0x0, 0x8000000b7a, 0x1000000, 0x0, 0x0, 0xfffffc01}, 0xffffffffffffffff, 0x5, r3, 0x0) ioctl$BTRFS_IOC_GET_FEATURES(r2, 0x80189439, &(0x7f00000001c0)) add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000200)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r2, &(0x7f00000002c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xffffffffffffff94, 0x0}}], 0x200002dc) r4 = add_key(&(0x7f0000000280)='id_resolver\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)="fa", 0x1, 0xfffffffffffffffe) keyctl$chown(0x4, r4, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000300)={0x2, 0x80, 0x9, 0x3f, 0x7, 0x57, 0x0, 0x0, 0x16a43, 0x8, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x3, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x2, @perf_config_ext={0x1000, 0xb87}, 0x10, 0x5, 0x100, 0x9, 0x3, 0x2, 0x3, 0x0, 0xc56, 0x0, 0x100}, 0x0, 0x6, 0xffffffffffffffff, 0x8) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_POLL_ADD={0x6, 0x5, 0x0, @fd_index, 0x0, 0x0, 0x0, {0x2040}, 0x1}, 0x8) 23:29:46 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 12) 23:29:46 executing program 1: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r0, &(0x7f0000000540)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x14, 0x4, 0x1, 0x801, 0x0, 0x0, {0xa, 0x0, 0x7}, ["", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x30008001}, 0x10) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000002c0), 0x2}, 0x0, 0x0, 0x40000000, 0x7, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x142613c1}, 0x0, 0xffffffffffffffff, r0, 0x0) perf_event_open(&(0x7f0000000a00)={0x3, 0x80, 0x70, 0x0, 0x20, 0x0, 0x0, 0xe9a, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00') readv(r0, &(0x7f0000000280)=[{&(0x7f0000001e00)=""/4098, 0x1002}], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r2, 0x40086607, &(0x7f0000000080)) r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/suspend_stats', 0x11b800, 0x40) pread64(r3, &(0x7f0000000180)=""/112, 0x70, 0x4) r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0x8, 0x0) read(r4, &(0x7f0000000380)=""/254, 0xfe) fcntl$setlease(r1, 0x400, 0x0) request_key(&(0x7f0000000140)='dns_resolver\x00', &(0x7f0000000200)={'syz', 0x3}, &(0x7f0000000240)='\x00', 0x0) 23:29:46 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:29:46 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f0000002dc0)={&(0x7f0000000580)=ANY=[@ANYBLOB="3c01000010000100000000000000000000000000b14e42640000000000ac1414bb00000000000000000000000000000000007e00"/61, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="e00000010000000000000000000000000000000033000000ac1e000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000000000004c0014007368613235360000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0000000"], 0x13c}}, 0x0) 23:29:47 executing program 0: r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000080)=0x1000) socket$inet6_udplite(0xa, 0x2, 0x88) creat(&(0x7f0000000040)='./file0\x00', 0x0) syz_open_procfs(0xffffffffffffffff, 0x0) r1 = fsopen(&(0x7f00000006c0)='autofs\x00', 0x0) r2 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_SET_FD(r0, 0x5, 0x0, 0x0, r2) fsconfig$FSCONFIG_SET_FD(r1, 0x6, 0x0, 0x0, 0xffffffffffffffff) r3 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/packet\x00') dup3(0xffffffffffffffff, r3, 0x0) r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x80, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x20800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syncfs(r4) 23:29:47 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1605.290715] FAULT_INJECTION: forcing a failure. [ 1605.290715] name failslab, interval 1, probability 0, space 0, times 0 [ 1605.292204] CPU: 0 PID: 9162 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1605.293033] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1605.294057] Call Trace: [ 1605.294384] dump_stack+0x107/0x167 [ 1605.294827] should_fail.cold+0x5/0xa [ 1605.295295] ? create_object.isra.0+0x3a/0xa20 [ 1605.295853] should_failslab+0x5/0x20 [ 1605.296318] kmem_cache_alloc+0x5b/0x310 [ 1605.296821] create_object.isra.0+0x3a/0xa20 [ 1605.297384] kmemleak_alloc_percpu+0xa0/0x100 [ 1605.298177] pcpu_alloc+0x4e2/0x1240 [ 1605.299088] cgroup_rstat_init+0x14f/0x1f0 [ 1605.300112] cgroup_mkdir+0x709/0xf50 [ 1605.301022] ? cgroup_destroy_locked+0x710/0x710 [ 1605.301743] kernfs_iop_mkdir+0x14d/0x1e0 [ 1605.302251] vfs_mkdir+0x493/0x750 [ 1605.302694] do_mkdirat+0x150/0x2b0 [ 1605.303140] ? user_path_create+0xf0/0xf0 [ 1605.303652] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1605.304288] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1605.304916] do_syscall_64+0x33/0x40 [ 1605.305427] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1605.306054] RIP: 0033:0x7f3666038b19 [ 1605.306510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1605.308748] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1605.309720] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1605.310584] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1605.311446] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1605.312306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1605.313168] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 23:29:47 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 29) 23:29:47 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 35) [ 1605.438628] FAULT_INJECTION: forcing a failure. [ 1605.438628] name failslab, interval 1, probability 0, space 0, times 0 [ 1605.440187] CPU: 0 PID: 9179 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1605.441026] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1605.446054] Call Trace: [ 1605.446380] dump_stack+0x107/0x167 [ 1605.446826] should_fail.cold+0x5/0xa [ 1605.447291] ? io_setup_async_msg+0xda/0x2d0 [ 1605.447833] should_failslab+0x5/0x20 [ 1605.448299] __kmalloc+0x72/0x390 [ 1605.448725] io_setup_async_msg+0xda/0x2d0 [ 1605.449249] io_recvmsg+0xc26/0xd70 [ 1605.449698] ? io_sendmsg+0x830/0x830 [ 1605.450164] ? kfree+0xd7/0x340 [ 1605.450574] ? mark_lock+0xf5/0x2df0 [ 1605.451028] ? slab_free_freelist_hook+0xa9/0x180 [ 1605.451616] ? mark_lock+0xf5/0x2df0 [ 1605.452092] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1605.452740] io_issue_sqe+0x3bd6/0x77b0 [ 1605.453244] ? perf_trace_lock+0xac/0x490 [ 1605.453758] ? io_connect+0x610/0x610 [ 1605.454224] ? __lockdep_reset_lock+0x180/0x180 [ 1605.454797] ? lock_acquire+0x197/0x470 [ 1605.455286] ? find_held_lock+0x2c/0x110 [ 1605.455789] __io_queue_sqe+0x90/0x9d0 [ 1605.456264] ? rwlock_bug.part.0+0x90/0x90 [ 1605.456781] ? io_issue_sqe+0x77b0/0x77b0 [ 1605.457294] ? do_raw_spin_unlock+0x4f/0x220 [ 1605.457837] ? _raw_spin_unlock+0x1a/0x30 [ 1605.458347] ? io_drain_req+0x603/0xb20 [ 1605.458845] io_submit_sqes+0x44aa/0x8610 [ 1605.459386] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1605.459998] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1605.460595] ? find_held_lock+0x2c/0x110 [ 1605.461098] ? io_submit_sqes+0x8610/0x8610 [ 1605.465661] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1605.466254] ? wait_for_completion_io+0x270/0x270 [ 1605.466845] ? rcu_read_lock_any_held+0x75/0xa0 [ 1605.467413] ? vfs_write+0x354/0xb10 [ 1605.467868] ? fput_many+0x2f/0x1a0 [ 1605.468313] ? ksys_write+0x1a9/0x260 [ 1605.468778] ? __ia32_sys_read+0xb0/0xb0 [ 1605.469297] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1605.469946] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1605.470573] do_syscall_64+0x33/0x40 [ 1605.471032] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1605.471653] RIP: 0033:0x7f33fff70b19 [ 1605.472111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1605.474374] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1605.475302] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1605.476168] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1605.477041] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1605.477928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1605.478793] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 23:29:47 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 13) [ 1605.496510] FAULT_INJECTION: forcing a failure. [ 1605.496510] name failslab, interval 1, probability 0, space 0, times 0 [ 1605.497951] CPU: 1 PID: 9181 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1605.498796] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1605.499833] Call Trace: [ 1605.500168] dump_stack+0x107/0x167 [ 1605.500624] should_fail.cold+0x5/0xa [ 1605.501102] ? create_object.isra.0+0x3a/0xa20 [ 1605.501685] should_failslab+0x5/0x20 [ 1605.502161] kmem_cache_alloc+0x5b/0x310 [ 1605.502671] create_object.isra.0+0x3a/0xa20 [ 1605.503216] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1605.503857] kmem_cache_alloc_bulk+0x168/0x320 [ 1605.504437] io_submit_sqes+0x6fe6/0x8610 [ 1605.504981] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1605.509624] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1605.510231] ? find_held_lock+0x2c/0x110 [ 1605.510741] ? io_submit_sqes+0x8610/0x8610 [ 1605.511286] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1605.511890] ? wait_for_completion_io+0x270/0x270 [ 1605.512497] ? rcu_read_lock_any_held+0x75/0xa0 [ 1605.513074] ? vfs_write+0x354/0xb10 [ 1605.513554] ? fput_many+0x2f/0x1a0 [ 1605.514009] ? ksys_write+0x1a9/0x260 [ 1605.514484] ? __ia32_sys_read+0xb0/0xb0 [ 1605.514997] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1605.515648] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1605.516292] do_syscall_64+0x33/0x40 [ 1605.516755] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1605.521417] RIP: 0033:0x7fa048f33b19 [ 1605.521882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1605.524188] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1605.525134] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1605.526038] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1605.526925] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1605.527812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1605.528704] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 [ 1605.558218] FAULT_INJECTION: forcing a failure. [ 1605.558218] name failslab, interval 1, probability 0, space 0, times 0 [ 1605.559689] CPU: 0 PID: 9183 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1605.560520] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1605.561537] Call Trace: [ 1605.561863] dump_stack+0x107/0x167 [ 1605.562312] should_fail.cold+0x5/0xa [ 1605.562779] ? create_object.isra.0+0x3a/0xa20 [ 1605.563339] should_failslab+0x5/0x20 [ 1605.563805] kmem_cache_alloc+0x5b/0x310 [ 1605.564302] ? mark_held_locks+0x9e/0xe0 [ 1605.564801] create_object.isra.0+0x3a/0xa20 [ 1605.569375] kmemleak_alloc_percpu+0xa0/0x100 [ 1605.569972] pcpu_alloc+0x4e2/0x1240 [ 1605.570480] cgroup_rstat_init+0x14f/0x1f0 [ 1605.571076] cgroup_mkdir+0x709/0xf50 [ 1605.571601] ? cgroup_destroy_locked+0x710/0x710 [ 1605.572238] kernfs_iop_mkdir+0x14d/0x1e0 [ 1605.572813] vfs_mkdir+0x493/0x750 [ 1605.573309] do_mkdirat+0x150/0x2b0 [ 1605.573782] ? user_path_create+0xf0/0xf0 [ 1605.574321] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1605.574996] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1605.575663] do_syscall_64+0x33/0x40 [ 1605.576143] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1605.576801] RIP: 0033:0x7f3666038b19 [ 1605.577291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1605.579659] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1605.580641] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1605.581557] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1605.582427] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1605.583303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1605.584185] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 23:30:03 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 36) [ 1621.208780] FAULT_INJECTION: forcing a failure. [ 1621.208780] name failslab, interval 1, probability 0, space 0, times 0 [ 1621.210380] CPU: 1 PID: 9190 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1621.210735] FAULT_INJECTION: forcing a failure. [ 1621.210735] name failslab, interval 1, probability 0, space 0, times 0 [ 1621.211240] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1621.211246] Call Trace: [ 1621.211265] dump_stack+0x107/0x167 [ 1621.211282] should_fail.cold+0x5/0xa [ 1621.214956] ? create_object.isra.0+0x3a/0xa20 [ 1621.215535] should_failslab+0x5/0x20 [ 1621.216016] kmem_cache_alloc+0x5b/0x310 [ 1621.216528] ? mark_held_locks+0x9e/0xe0 [ 1621.217044] create_object.isra.0+0x3a/0xa20 [ 1621.217594] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1621.218259] kmem_cache_alloc_bulk+0x168/0x320 [ 1621.218840] io_submit_sqes+0x6fe6/0x8610 [ 1621.219385] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1621.220013] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1621.220622] ? find_held_lock+0x2c/0x110 [ 1621.221138] ? io_submit_sqes+0x8610/0x8610 [ 1621.221688] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1621.222313] ? wait_for_completion_io+0x270/0x270 [ 1621.222923] ? rcu_read_lock_any_held+0x75/0xa0 [ 1621.223505] ? vfs_write+0x354/0xb10 [ 1621.223976] ? fput_many+0x2f/0x1a0 [ 1621.224436] ? ksys_write+0x1a9/0x260 [ 1621.224916] ? __ia32_sys_read+0xb0/0xb0 [ 1621.225429] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1621.226114] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1621.226764] do_syscall_64+0x33/0x40 [ 1621.227232] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1621.227874] RIP: 0033:0x7fa048f33b19 [ 1621.228343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1621.230666] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1621.231622] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1621.232523] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1621.233420] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1621.234331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1621.235225] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 [ 1621.236147] CPU: 0 PID: 9203 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1621.236993] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1621.238026] Call Trace: [ 1621.238353] dump_stack+0x107/0x167 [ 1621.238799] should_fail.cold+0x5/0xa [ 1621.239267] ? create_object.isra.0+0x3a/0xa20 [ 1621.239827] should_failslab+0x5/0x20 [ 1621.240292] kmem_cache_alloc+0x5b/0x310 [ 1621.240791] create_object.isra.0+0x3a/0xa20 [ 1621.241324] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1621.241967] __kmalloc+0x16e/0x390 [ 1621.242408] io_setup_async_msg+0xda/0x2d0 [ 1621.242926] io_recvmsg+0xc26/0xd70 [ 1621.243374] ? io_sendmsg+0x830/0x830 [ 1621.243839] ? kfree+0xd7/0x340 [ 1621.244249] ? mark_lock+0xf5/0x2df0 [ 1621.244702] ? slab_free_freelist_hook+0xa9/0x180 [ 1621.245290] ? mark_lock+0xf5/0x2df0 [ 1621.245766] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1621.246437] io_issue_sqe+0x3bd6/0x77b0 [ 1621.246932] ? perf_trace_lock+0xac/0x490 [ 1621.247438] ? io_connect+0x610/0x610 [ 1621.247903] ? __lockdep_reset_lock+0x180/0x180 [ 1621.248475] ? lock_acquire+0x197/0x470 [ 1621.248959] ? find_held_lock+0x2c/0x110 [ 1621.249462] __io_queue_sqe+0x90/0x9d0 [ 1621.249960] ? rwlock_bug.part.0+0x90/0x90 [ 1621.250477] ? io_issue_sqe+0x77b0/0x77b0 [ 1621.250982] ? do_raw_spin_unlock+0x4f/0x220 [ 1621.251518] ? _raw_spin_unlock+0x1a/0x30 [ 1621.252022] ? io_drain_req+0x603/0xb20 [ 1621.252511] io_submit_sqes+0x44aa/0x8610 [ 1621.253039] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1621.253643] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1621.254249] ? find_held_lock+0x2c/0x110 [ 1621.254747] ? io_submit_sqes+0x8610/0x8610 [ 1621.255280] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1621.255869] ? wait_for_completion_io+0x270/0x270 [ 1621.256459] ? rcu_read_lock_any_held+0x75/0xa0 [ 1621.257024] ? vfs_write+0x354/0xb10 [ 1621.257478] ? fput_many+0x2f/0x1a0 [ 1621.257946] ? ksys_write+0x1a9/0x260 [ 1621.258411] ? __ia32_sys_read+0xb0/0xb0 [ 1621.258908] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1621.259544] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1621.260173] do_syscall_64+0x33/0x40 [ 1621.260625] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1621.261247] RIP: 0033:0x7f33fff70b19 [ 1621.261700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1621.263945] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1621.264871] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1621.265735] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1621.266622] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1621.267486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1621.268350] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 [ 1621.296683] FAULT_INJECTION: forcing a failure. [ 1621.296683] name failslab, interval 1, probability 0, space 0, times 0 [ 1621.298266] CPU: 0 PID: 9199 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1621.299115] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1621.300189] Call Trace: [ 1621.300534] dump_stack+0x107/0x167 [ 1621.301007] should_fail.cold+0x5/0xa [ 1621.301511] should_failslab+0x5/0x20 [ 1621.302000] __kmalloc_track_caller+0x79/0x370 [ 1621.302558] ? kstrdup_const+0x53/0x80 [ 1621.303033] ? find_held_lock+0x2c/0x110 [ 1621.303537] kstrdup+0x36/0x70 [ 1621.303933] kstrdup_const+0x53/0x80 [ 1621.304391] __kernfs_new_node+0x9d/0x860 [ 1621.304897] ? mark_held_locks+0x9e/0xe0 [ 1621.305397] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1621.306003] ? cpumask_next+0x1f/0x30 [ 1621.306477] ? kmemleak_alloc_percpu+0xaf/0x100 [ 1621.307051] ? pcpu_alloc+0x12a/0x1240 [ 1621.307535] kernfs_new_node+0x18d/0x250 [ 1621.308037] kernfs_create_dir_ns+0x49/0x160 [ 1621.308580] cgroup_mkdir+0x318/0xf50 [ 1621.309051] ? cgroup_destroy_locked+0x710/0x710 [ 1621.309637] kernfs_iop_mkdir+0x14d/0x1e0 [ 1621.310176] vfs_mkdir+0x493/0x750 [ 1621.310614] do_mkdirat+0x150/0x2b0 [ 1621.311062] ? user_path_create+0xf0/0xf0 [ 1621.311575] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1621.312214] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1621.312846] do_syscall_64+0x33/0x40 [ 1621.313302] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1621.313944] RIP: 0033:0x7f3666038b19 [ 1621.314402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1621.316643] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1621.317573] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1621.318457] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1621.319326] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1621.320194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1621.321064] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 23:30:03 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:30:03 executing program 0: ioctl$SNDRV_TIMER_IOCTL_TREAD(0xffffffffffffffff, 0x40045402, &(0x7f0000000880)) 23:30:03 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x46e2, 0x0) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, r0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r3, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4) setsockopt$inet6_tcp_int(r3, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r3, r2, 0x0, 0x9bbb) setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) mmap$IORING_OFF_CQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1000000, 0x50, r2, 0x8000000) creat(&(0x7f0000000040)='./file0\x00', 0x0) r4 = socket$inet(0x2, 0x1, 0x0) bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @loopback}, 0x10) syz_open_dev$hiddev(&(0x7f0000000180), 0xb20000000000, 0x402) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfe1c) syz_io_uring_complete(r1) fork() ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) 23:30:03 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 14) 23:30:03 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 30) 23:30:03 executing program 6: syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000200)=ANY=[@ANYBLOB="7f0000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="02000000000000002e2f66696c65"]) r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f00000006c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r0, 0x0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)=""/6, 0x6}, {&(0x7f00000002c0)=""/15, 0xf}, {&(0x7f0000000300)=""/96, 0x60}, {&(0x7f0000000380)=""/5, 0x5}, {&(0x7f00000003c0)=""/78, 0x4e}, {&(0x7f0000000440)=""/172, 0xac}], 0x6, &(0x7f0000000580)=""/213, 0xd5}, 0x0, 0x10040, 0x0, {0x3, r5}}, 0x8) dup3(r1, 0xffffffffffffffff, 0x0) r6 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pidfd_getfd(0xffffffffffffffff, r6, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105142, 0x2b) r8 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) r9 = openat(r8, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x149) sendfile(r7, r9, 0x0, 0x100000001) r10 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r7, r10, 0x0, 0x80000001) 23:30:03 executing program 4: r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) socket$inet_udp(0x2, 0x2, 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x4, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x7, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/packet\x00') dup3(r3, r2, 0x0) syz_io_uring_setup(0x4, &(0x7f0000000080)={0x0, 0xfffffffe, 0x0, 0x0, 0x1d9}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000000), &(0x7f0000000140)=0x0) syz_io_uring_submit(0x0, r4, &(0x7f0000000180)=@IORING_OP_SEND={0x1a, 0x2, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000300), 0x0, 0x8080, 0x1}, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) syz_io_uring_setup(0x5606, &(0x7f0000000040)={0x0, 0xef33, 0x0, 0x3, 0x256, 0x0, r3}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000000c0), 0x0) openat(r3, &(0x7f0000000000)='./file1/file0\x00', 0x141e40, 0x182) pipe(&(0x7f00000001c0)) 23:30:03 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write$binfmt_script(r1, &(0x7f0000000000)=ANY=[@ANYBLOB='Bh=\n'], 0xb8) close(r1) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r2, 0x40505331, &(0x7f0000000100)={{0x0, 0x8}}) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r4 = socket$inet(0x2, 0x1, 0x0) bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_SPLICE={0x1e, 0x3, 0x0, @fd_index=0xa, 0xfffffffffffffffc, {0x0, r1}, 0x6, 0x9, 0x1, {0x0, r3, r4}}, 0x7) 23:30:03 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:30:03 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 31) 23:30:03 executing program 0: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x8a020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_bp={&(0x7f0000000140)}, 0x3a20, 0x0, 0x0, 0x4, 0x1000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x1e, &(0x7f00000000c0)=0x1, 0x4) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000080)=0x90, 0x4) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x0, 0x1, 0x2, 0x7f, 0x0, 0xfffffffffffffffb, 0x60496, 0x4, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, @perf_config_ext={0xe3, 0x1}, 0x20000, 0x0, 0x0, 0x9, 0x400, 0xb4, 0x8, 0x0, 0x100, 0x0, 0x200}, r1, 0x4, r0, 0xb) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0) r4 = open(&(0x7f0000000040)='./file0\x00', 0x1a18c1, 0x0) open_tree(r3, &(0x7f00000001c0)='./file0\x00', 0x0) write$binfmt_elf64(r4, &(0x7f0000000180)=ANY=[], 0xfec4) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9bbb) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x19, &(0x7f0000000100)=0xfffffffc, 0x4) ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000040)={0x0, r4, 0x0, 0xfffffffffffffffd}) getsockopt$inet6_tcp_int(r4, 0x6, 0x12, &(0x7f0000000200), &(0x7f0000000180)=0x4) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) 23:30:03 executing program 4: r0 = socket$inet(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) r1 = socket$inet(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r1, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) r2 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180), 0x0, &(0x7f00000003c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(r2, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x157) r3 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x0, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="280000001800210c0040000000000000020000000800fe00000000000c0008f79fd99ab7fad8c043"], 0x28}}, 0x0) ioctl$LOOP_SET_FD(r5, 0x4c00, 0xffffffffffffffff) fstatfs(r3, &(0x7f00000002c0)=""/176) ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r2, 0x4008941a, &(0x7f0000000000)) creat(&(0x7f0000000040)='\x00', 0x0) getsockname(r3, &(0x7f0000000200)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}, &(0x7f0000000380)=0x80) 23:30:03 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 15) [ 1621.545553] FAULT_INJECTION: forcing a failure. [ 1621.545553] name failslab, interval 1, probability 0, space 0, times 0 [ 1621.547174] CPU: 1 PID: 9228 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1621.548034] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1621.554401] Call Trace: [ 1621.554768] dump_stack+0x107/0x167 [ 1621.555224] should_fail.cold+0x5/0xa [ 1621.555700] ? create_object.isra.0+0x3a/0xa20 [ 1621.556269] should_failslab+0x5/0x20 [ 1621.556777] kmem_cache_alloc+0x5b/0x310 [ 1621.557300] create_object.isra.0+0x3a/0xa20 [ 1621.557891] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1621.558529] __kmalloc_track_caller+0x177/0x370 [ 1621.559106] ? kstrdup_const+0x53/0x80 [ 1621.559593] ? find_held_lock+0x2c/0x110 [ 1621.560154] kstrdup+0x36/0x70 [ 1621.560565] kstrdup_const+0x53/0x80 [ 1621.561058] __kernfs_new_node+0x9d/0x860 [ 1621.561575] ? mark_held_locks+0x9e/0xe0 [ 1621.562105] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1621.562701] ? cpumask_next+0x1f/0x30 [ 1621.563181] ? kmemleak_alloc_percpu+0xaf/0x100 [ 1621.563764] ? pcpu_alloc+0x12a/0x1240 [ 1621.564260] kernfs_new_node+0x18d/0x250 [ 1621.564771] kernfs_create_dir_ns+0x49/0x160 [ 1621.565326] cgroup_mkdir+0x318/0xf50 [ 1621.565816] ? cgroup_destroy_locked+0x710/0x710 [ 1621.566447] kernfs_iop_mkdir+0x14d/0x1e0 [ 1621.567001] vfs_mkdir+0x493/0x750 [ 1621.567446] do_mkdirat+0x150/0x2b0 [ 1621.567904] ? user_path_create+0xf0/0xf0 [ 1621.568426] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1621.569091] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1621.569742] do_syscall_64+0x33/0x40 [ 1621.570230] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1621.570870] RIP: 0033:0x7f3666038b19 [ 1621.571338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1621.573719] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1621.574704] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1621.575634] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1621.576527] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1621.577422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1621.578339] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 23:30:03 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 37) 23:30:03 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1621.615275] FAULT_INJECTION: forcing a failure. [ 1621.615275] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1621.616830] CPU: 0 PID: 9229 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1621.617661] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1621.618695] Call Trace: [ 1621.619072] dump_stack+0x107/0x167 [ 1621.619522] should_fail.cold+0x5/0xa [ 1621.619998] _copy_from_user+0x2e/0x1b0 [ 1621.620487] __copy_msghdr_from_user+0x91/0x4b0 [ 1621.621057] ? __ia32_sys_shutdown+0x80/0x80 [ 1621.621598] ? unwind_next_frame+0x13ef/0x1a90 [ 1621.626188] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1621.626833] ? 0xffffffffa0000000 [ 1621.627260] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 1621.627804] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 1621.628450] ? create_prof_cpu_mask+0x20/0x20 [ 1621.628999] ? arch_stack_walk+0x99/0xf0 [ 1621.629501] io_recvmsg+0xae8/0xd70 [ 1621.629969] ? kfree+0xd7/0x340 [ 1621.630377] ? lock_chain_count+0x20/0x20 [ 1621.630881] ? io_sendmsg+0x830/0x830 [ 1621.631346] ? kfree+0xd7/0x340 [ 1621.631752] ? mark_lock+0xf5/0x2df0 [ 1621.632206] ? slab_free_freelist_hook+0xa9/0x180 [ 1621.632791] ? mark_lock+0xf5/0x2df0 [ 1621.633247] ? lock_chain_count+0x20/0x20 [ 1621.633753] ? lock_chain_count+0x20/0x20 [ 1621.634276] ? __lock_acquire+0xbb1/0x5b00 [ 1621.634804] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1621.635452] io_issue_sqe+0x3bd6/0x77b0 [ 1621.635946] ? perf_trace_lock+0xac/0x490 [ 1621.636450] ? io_connect+0x610/0x610 [ 1621.636916] ? __lockdep_reset_lock+0x180/0x180 [ 1621.637487] ? lock_acquire+0x197/0x470 [ 1621.637989] ? find_held_lock+0x2c/0x110 [ 1621.638493] __io_queue_sqe+0x90/0x9d0 [ 1621.638967] ? rwlock_bug.part.0+0x90/0x90 [ 1621.639485] ? io_issue_sqe+0x77b0/0x77b0 [ 1621.639995] ? do_raw_spin_unlock+0x4f/0x220 [ 1621.640530] ? _raw_spin_unlock+0x1a/0x30 [ 1621.641034] ? io_drain_req+0x603/0xb20 [ 1621.641523] io_submit_sqes+0x44aa/0x8610 [ 1621.641779] FAULT_INJECTION: forcing a failure. [ 1621.641779] name failslab, interval 1, probability 0, space 0, times 0 [ 1621.642077] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1621.644073] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1621.644661] ? find_held_lock+0x2c/0x110 [ 1621.645158] ? io_submit_sqes+0x8610/0x8610 [ 1621.645689] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1621.646294] ? wait_for_completion_io+0x270/0x270 [ 1621.646882] ? rcu_read_lock_any_held+0x75/0xa0 [ 1621.647447] ? vfs_write+0x354/0xb10 [ 1621.647902] ? fput_many+0x2f/0x1a0 [ 1621.648345] ? ksys_write+0x1a9/0x260 [ 1621.648808] ? __ia32_sys_read+0xb0/0xb0 [ 1621.649304] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1621.649951] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1621.650580] do_syscall_64+0x33/0x40 [ 1621.651032] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1621.651654] RIP: 0033:0x7f33fff70b19 [ 1621.652108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1621.654355] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1621.655279] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1621.656144] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1621.657010] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1621.657897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1621.658767] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 [ 1621.659656] CPU: 1 PID: 9234 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1621.660521] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1621.661549] Call Trace: [ 1621.661906] dump_stack+0x107/0x167 [ 1621.662369] should_fail.cold+0x5/0xa [ 1621.662846] ? create_object.isra.0+0x3a/0xa20 [ 1621.663415] should_failslab+0x5/0x20 [ 1621.663889] kmem_cache_alloc+0x5b/0x310 [ 1621.664396] ? mark_held_locks+0x9e/0xe0 [ 1621.664902] create_object.isra.0+0x3a/0xa20 [ 1621.665445] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1621.666096] kmem_cache_alloc_bulk+0x168/0x320 [ 1621.666669] io_submit_sqes+0x6fe6/0x8610 [ 1621.667204] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1621.667820] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1621.668419] ? find_held_lock+0x2c/0x110 [ 1621.668926] ? io_submit_sqes+0x8610/0x8610 [ 1621.669468] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1621.670080] ? wait_for_completion_io+0x270/0x270 [ 1621.670681] ? rcu_read_lock_any_held+0x75/0xa0 [ 1621.671255] ? vfs_write+0x354/0xb10 [ 1621.671716] ? fput_many+0x2f/0x1a0 [ 1621.672169] ? ksys_write+0x1a9/0x260 [ 1621.672640] ? __ia32_sys_read+0xb0/0xb0 [ 1621.673147] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1621.673795] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1621.674443] do_syscall_64+0x33/0x40 [ 1621.674908] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1621.675541] RIP: 0033:0x7fa048f33b19 [ 1621.676003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1621.678297] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1621.679239] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1621.680120] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1621.681000] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1621.681897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1621.682781] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 23:30:18 executing program 4: r0 = syz_mount_image$iso9660(&(0x7f00000003c0), &(0x7f0000000400)='./file0\x00', 0xfffffffffffffffd, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040), 0x0, 0x8001}], 0x10000, &(0x7f0000000040)={[], [{@subj_type={'subj_type', 0x3d, '~ont_appraise'}}, {@subj_type={'subj_type', 0x3d, '\x00{\xd1'}}]}) r1 = getuid() openat(r0, &(0x7f0000000300)='./file0\x00', 0x402, 0x20) syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x9, &(0x7f00000015c0)=[{&(0x7f0000000100)="c739a6ae345c8eeb3dbde71892369eb380079b3e639fbb37c01e61e08b65af0a5b0f41181c0acff5f8650c8ed1dcf5e7ab7926f924f8cf6207680048843f1f18e792dec1668c4d88d6d35b2b91a69457ba8c1254971b21718b82d3c8d9ed75c5ffd7c942fc2e78e1bb219bc41b155bdfc115852458e92e639a631b543bd1ffa00b89c4191db56181baceb579aa067d9c1abc618f4fc87f22ec7b25183a3e77132e83a3fcf3559b6c45ed79fb8f829825340d55dced4446c931f7476749930b18a566b1c6619161d1c494e010d1ba993fc6cba30815d78f564259d312dd57226d1ce8004a035b5d84f1bd523c8f6b87e97930a73cb7", 0xf5, 0xfffffffffffffffb}, {&(0x7f0000000200)="fbdaf1f3430a0d2a1fb3523f6fae7a34190c0da10aaf0cbc74aa93fc3c78d70c2562af41a8c648436e65e433f88c0ed8f459504d6e8b089a9d9d339d59e2835959c735acbecbfcccce6bdd49a473fcf7bb6cdd49b9da8b4a4ef022109f4feb5efcb1561bba745e10172e54d5ef48eed8b936656c9f7674335260a0184c581268b948d5cd13c55fece2d09806730bdd6e1e975d534eacd36c2b190014eb4e5b721fdf07e2d652e6eb1d6fcb3b9798bb393e136dd5b4b356004f3242b5dc07e570398ffedf1a9587a5904a3cad481dee0c29b8d6c075a69a83f43129e090450a28f89f134d210b586dd839f0f09c649035", 0xf0, 0x5}, {&(0x7f00000017c0), 0x0, 0x7fff}, {&(0x7f0000000340)="b3ea67320d7bc554fa0857e1c107a21ae07b51db120905c0a86ddfe22c38420d347c2a0be6af8023ba4d3760a2a2", 0x2e, 0x5}, {&(0x7f0000000380)="4b1296995c11413ded66790daa29a3", 0xf, 0x62b2}, {&(0x7f0000000440)="57d45da51cfd77bc4af936a03d3d4c9af2bff5138c7d166976870cd73aa3d6ee9fdf044d947f593095d13590346055f8f933c9787e89a946692cb86c2eea294df913326ecff20c95c2f44ad1e08bb22bf656b1761fb9dbf95b43ff752ca691e2b22dabf25b79f27457769f439314840e813915", 0x73, 0x4de}, {&(0x7f00000004c0)="d0f262c4314f14223804c3eb3ff36690e91a1c8e18b27cf0dd2b081b3ec2e7a28a96c3a643b500a29de98a7b59535e082bdadca464746ec99a531b063ba0c834294f94cc62c040431f52c28f85f150bf2a5412bac0462c183ca36bd7843c4df0b3e7d182d3001f3320be3ed6661421493df9c53919cfefac196ba8978857af4dd1a9744ff23e51665bac76fafdc9b71790b6326f31c651e8270aa1dcfd4b760febb880b4fecc961d3b89d2dd211b0813b27ae313018e45f55bc79c9efbb56988c16e2ded528317e6099243e3066055c6106d82a7c149df2d9aeed8632ed194755388aae66233fa30f94525484b6510147c91f0df6483c6acd0d8028b86cb7532dc035cc8b89e827b2646167f985b891a5fe35a1c0c071c28e898f1a5bcd8fad99cc7883a267505cb9cb19833353fd6d3f1e509e2864a97d6f583d5a7eb258ef5a0e6141ab7d149227df1536a387d56a53c0ebfce5c61a05ad8a7f752dac29f99dc18613b739607a2bed6276009ae1cde35be10ca21e64d413e782b170f5604bdaece2fb604e677ec2cb3605ce6c1f17b4978d7283a59705fe22001710355aa781e32d012ea82a163f22ccb4949dd2ea3472ec5b53029d87ccdbbad8d2b597babb67e77c90263a455416e5e36fb0df7a77627e83a977c2727dbb2ca3cc7a0ca660884c457046766dda45738d19ace0fd1c1ee7a6adb76bf784662bcad5423a0b3eb6a30cfe3b1184605006ed4c116ffd687d5fd8f91301c0b256cb0423705897344addd6e4f7bd70e347d5be5f08db8868cc7bddfec9d95bfa6950cdb33aa6c7d64d497368e78a611c96adb4c472eb9a37aaf684d2f94811b05aa290edb068427979fd2f11d7184d95f9b923746405288b3f9a77aeef086e4cec6f26622f051a674f964537f2189ea2ac9f4856a6e5e30988a72942b72af123f47ba9cfdaff51bcade453ae97b9d90b1a4b087625314d4cd31ed9059179ade075e03508597cde18a18b099b5505cf83a0c9213a14ca3b9a57bb89199f110bec0ea05e68eaa5ac950eb77db79e9e282d452adc8057eb75b1c3bf3f61d55508ee74633361d10ddfa8a42a378377193fa02193fdec85d37522ece7e325e29a7730da29f6a892a9fc045b4c24f13a917269d6850b7a28dcc9ae1c7549fb82ea871fd0de189b785020c0e37ad2012e6cd8e04ccde584143bee80e55b3fbba552576eaccf56117bc6095a7d67720ecb20fa7621b29c26a6421e40af2bbdff939996d7250414e0f401aee4f3c34cdeff4bb239567fa27a5f9c3428b7edbeb9d17f87e6e0070dfaaf964ff17aca42a6575952d0393b2f219535431298aaca19b8ad57537a9f68a4902ecf1ed2f6d602760b959b52fbe0dfea27503a09ae3d28003919b716623a16aa6095188d532bc7710dd3d722146eca78026a4412814b134ea49c5a3d5c3b01eaff7d68eed4edd78bfb942bbb3907c134cb324294ff7d4a20fee61b6afa66a374408edd1a6988095027fe8e26bd89b7781d115e82def5acc3ad1f2d868a517576df3d41ea61e59061f0c4dc936df7b57c657c4fb89a28896d25e14f1c179327be1f7aa533f2597add39b2a7758a0b7771793e86ba466095108bd3513125e60c8f4d86691e8610a5bd048ceeacd3532dcc7c7a7b60d1b206a85b362b8a2432ed11276281623b56a644328c1e8494db80d639ddeae7ffad4bee7909ad72da28df99e7becd1fc7cc91320643511cae03ccb9b8aa0ea94a95b50ae45881fa895e0fd5048eafc05ed62f309eebc6465eb8e10c8d6a1dcfa695e2f27221d842cbd449b9d9bf0828762fd2cd27afb69545c25043284c5087c7ea8f4139ec1a0bf031513e12d3e3dd9e9ad24ff07296d48c348b7dbfdae6989373172a6c13fd3e8516645d24a22015f086944afbda5448631ab960fc91010119c3caf57adf493fc6cfd8b35c0e1079e01d9fa2acd602d319f4190b2342578d27183c15447a8cc17c329e116d8d89d2ef47ab2682f5b9e64ca00ee948eb92de6871a39044246dbcc56ecb7ded4d5de632e2e063813b82e97fa847190fa857eca1e70bf89ba128ddeaa64756ef945b5259fe686ce8ff3b500ef0cf21b8385df8cdc7503ad8dd6855319ef7de58adadc1e6299500cd1daf01acf3bdac192d468d8f08b79eb885cbdd544958874c7ed4e8025cfd3c55526b1361fd797f0cfc47b2e29fe880247b2a460dea527f12372f475dda509ae6c53f05fcc01b888e4ced820ab69b1b69a788f91ea2defc02c85839c46af424fe3336119d4f9e76b768c4b15113d538e74607b07364f5b8de657fd5fef14fc699968a7237880493f5ae931fe72a4e8e98b8310d49cd78599a005cb10530786403d2914a5b23aabb32cc0058d89c1b5835b07c3437b216ee269ac5f4b408e3945520b7cbb47aeb20ea3cf5e80ecc500644c0479a7ca7666693b4ec5a362cc435ab4316b2d95227c085764ea1c2ef0ef4403a3051361b800ca81146e419637454c7b77a3bb86f5b7448c40e8f83ecd1e036f8a7d3348a14d51e9a9f71e4255cfa2ad71a60a8d52f92653766d4855e3b6645f2c5353c4187613dca0c1f7f83c1eec38597c849da941b2910e079ed12e544e378bfb8640c9520072e1d3c6839f739f73fede7b1ffaf6c6620880ecfa76d7646d685f1f5d7096825cf913ad133e0fce89deb4d72d3a81df52eed47b07e3289a2a3a27aa398b61777d98c31aac96a3f012f9cbd31d53b283470a8f0342c5ad48801011660cf80cf5d62e200ef6ce707229a08ef4ef113137f27abefc88efe5e739e607e8b8d3e473f0aa6d605ae7efcdc57a3618e95a299b8eb320372723218a0281492e57773954e0f493de96e1591e9fa107d014504c8f84aefbf55bd03c88925744faa83ed38b1a6aa41626440532bb9d2177b8ba3248d76774168e01de89b53b50506f02c0f26b089b0c2fdbb14557152d4360b634f998bc2c9d6cfbe9abc2beac95741a8ecc8d6e2c6937213a252927a5cbc11a8ae5d5dbb9c351fd8bfbfc30d32211a86fbeb3b089a6bbcd3b2c8b1f9f7ff6f5606647d8283cac9b4157802e3e937d552ba5524763b121109294ee1a9af4acf114454556b86f835d4d3e69a28ab6010c14df09caa6d5b28415917be22ae660f36483822143314b495ce5d3a4a7c4434a9f178ff0d9ad1184597f50e009806901123e5d21a9df0543d07b51d54ed2ef6ef3caa15ac4743fae645eb31726fc69022a6515e6811c9f4b65b42662e583f18332b63ce4fa3b8495158e930f128ba95b4c775a79eb91db27a952363545ecee1f236d979c0bd6e2d15b93bb2068e573eb0b18565525cafd1f1fb5e85d298ffb6181b50e07fdc3d5b24764236679328a2c5f1b0d75666a375524aab0a65bee6d0f6c748eccf9fc1820a0386da23b60750acec33420f9de8971319b58df7263986d083c0608cf2078ca8879b0fdb3dc3dbf07bdb359e534df755eca1feaa0dabdfef28727181c3c0ef6fdc13c471eaab1f8d276e889b6a04c8ae983f9db018856f676c07d95ce56705b18e6c4887cd5ffc52af106636be091391f83ba788a430bca7890d6213b5676a833e2751da96b25a2f13bd4305e0739edf6e56fc57e33f476f8019335f578ea10be8e54b457d49423ba2530fae0832b6a7c4e749bf8ca5e8dcf3d21c8da4578cbf46ecc6d4d2e4618bab221b8d333fa035b5e14044fc05dac3feb0ce934bbac563ebf57f02d3edf48f006640afd5893113adabc676121705eb77986b28c8daf3d87e048d11e13a8a05843dc03e387fef7aa5573bdf3aa6336fc3acbd02d29ba3bb789b08622d31acc67a1f832a63c1b61754b375d9227f6cc8c952bdfc31c561a9b87f1c5b662f548e3c762e0db6e3a99f2f9f2106a2f5221b68627712f726e87b675a2985af87db65cbd98a5d27af2b1b29814031cfa2a2b6a7c3969148cf123cd0d9e546c36352010bde68f90bfb3c3e69d8500d3aa773a81fa057a06118c4e7e72c799abde2658fa7a22d76740c147f69233fc799a1f343b4a1509a7f20784e9cc2f7e1b61cc71cc2d5ecba7df88484746441a3f3d9d3ae25b0de52c12e25f620e763b00b8c3881254d28e06d407120b64213d731fc112ff2deb5e4581eea8a0cee9cef20a7dbdd512f3714367b4588fbe158dbd0c33cb0eefdfe8d9c6585a8a6576dca366956e4e538ff09b2b48daf1a0e7d9151e359c8175a8f6f57cef63c699b1b08f1d5356e79a0a914afa727ac44b2e4db4237261bd72945bddf48fdad25f9b2d71df3a21e4eba72150b9e4a0220f5415fcf26586f363c668c64a457b2a6395c7df59b932e81dd51e9ef4024fededf73e2e293528a737d503cc9fb6b08423e4a3aa84a34ab16984bc1b529b76d1774dc92202d49c197710f12ed79cda2dba1aafd17960492641ad81ea392b2707a344bac2262b4402a34e99211e88bc2bbc63ed8665e08f75b78c6bed65ffd945d2d4f46ef52fbc89a68ac706f0e5c5a06019791207437c372f27cce170eb6af71569e19951984cfaf7dbcdb7bb33a9c75b2b63bc0425ed7e2fa7b31bd4c9b4b99f6ac59d0013d55a5a3dc4ac4881869948901418f56726a2e57fa54f898e293e820012d2007c0bd06d4c961ef937fa5b0c1d4c605cc4caa4997577e3dcec392f461d8fd7d415375bafbcd44b0af59b29d39577e816becc28ec956ca4e2acbbc661c028eed62546c714fd983bf40e9dd7dfb3aea1237218f00918b1720639a9aa77334fd3fda55ad0d9dbb42e89da51eb7410a7c19fb8315ab21de26c21884f7241bd36a9fca4cac55fabc20edb5cf835a6f7b0f1f8473c02e933df59d5e26f59b0bc3698fe9f618a7b32927c79b47e4b0d6b80d2944d2937ab7df108c838db57d45d9314313b7ec64d39cfbee9f5d5372693844265c3647959c383ad40037aef0b766ba1593f07498b15d3c6fe342cc32fda6b7e6089252a2ce94398b35a8debbb850334d90766538d44c5273d312ef72751f31d4fbe521ec3df8ffed352c7b97199db599328d2ba84814f3d3b36769fa623c0f56d43638aeaa058ff94e5e63b10adab951db24042d0e28be89446735477125046422c0de0d2a54893ad6fd2e8062c67d213842f8b8565f5a501e00c0846a4a42f0d1e8a4577fa2b6e1329fd613f890c9a2626ab94201ae32db19cb2b208099c90632f8de89b7d49b6102b4ae62ce425da2620ee73d7ecff7e0f8667923e5467bb3b4850cb0f384de518ef86f599d68d82a73166a0479dabc9a4a2659572832e0c747b61bf74ce2408e911fd787ce056ab6eaac508c7f3e4a135fd2f3752f8fcd082e8b5bfd5f70239c6d779fe97244860ad1d12cbb4f4ef347d79fbee0534980b77563f967a59263612a829436009eb45b59cb949f990974b317c1a23e5d556df7e81a70262379d2407efef16096cc0c109439ebec7ae4da0811b7e2fcb25c5a1fd435426c276311576bd84f5548ae550c24efc7b2c69c441cba7cbde05528dc496de29c901fc48d2913b105326d57c7945447939024c463663ae53d0f7b6712258f34e982a8dbfc6d96c62147231f873b6aaf6a1e634b83ec4ae032a99db86494d3f11f78b895e06b8b830dec68e276461951829a6c367d7c06adafa0640972d3bd88b18be2909cc51f315a753a92d2bb03e40c16b36dd0065e246a36f2cd14ef2aaacae3ba74cb983a457dff48991fa6fe37331f168747ced4423866a17f6ddadd654be49a6fcb76c58d1cf4b9848c947f51c8cd04a17102be7df50d7e54b51081a15120c7c3ed74fac6b25995077af1f86ca321836fd", 0x1000, 0x6}, {&(0x7f00000014c0)="ea214a2e6dcba70a4700fa0f063ab5ce599fa86496e26a889d6f46a5b5ab4748a8350f146cbf5abc68979492613d78e0ac21ec6998ad4b503a830808dab676e6cbeabda9cf63da5a4cda1c4aea647da24c8fd599361f7ab676530c4cc0da26c2773a9fc38ac9472ec766ae9796095600ad99ce7dca", 0x75, 0x1000}, {&(0x7f0000001540)="826bbd3582ebdb9024d2327a01bdcb1a8312dbbe54e76dac33a256ba6904a51db0f039915a3e27dc3eb4eded2bb0c873889507f86fe01e849b3b265b3fea3795345c44cc43c0af82693f4e8c6c743abc5cf89a9d0e14779b5cf56fa15ad2ee43537aa4bc44a8b5915bf452012129605b302e90bafbcd", 0x76, 0x4}], 0x2805801, &(0x7f00000016c0)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0xc0000000000000}}, {@auto_da_alloc_val}, {@grpjquota}], [{@mask={'mask', 0x3d, '^MAY_EXEC'}}, {@measure}, {@uid_eq={'uid', 0x3d, 0xee00}}, {@hash}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise_type}, {@euid_eq={'euid', 0x3d, r1}}, {@dont_appraise}]}) 23:30:18 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, 0x0, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:30:18 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 16) 23:30:18 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 38) 23:30:18 executing program 0: r0 = syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[]) r1 = syz_io_uring_setup(0x24, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180), &(0x7f0000002a40)) r2 = open$dir(0x0, 0x402200, 0x42) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2, 0x100010, r1, 0x0) r3 = openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000280)={0x101200, 0x38, 0x1}, 0x18) clock_gettime(0x0, &(0x7f0000000340)={0x0, 0x0}) utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000380)={{0x0, 0x2710}, {r4, r5/1000+10000}}) socketpair(0x2b, 0x6, 0x0, &(0x7f00000002c0)) inotify_init1(0x0) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000300)=[r2, r3, r0, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x7) openat(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x200002, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x6000)=nil, 0x6000, 0x1, 0x10, 0xffffffffffffffff, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007240), 0x0, 0x2404c000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x6fb9, 0x6122, 0x2, &(0x7f00000001c0), 0x8) umount2(&(0x7f00000000c0)='./file0\x00', 0x0) 23:30:18 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 32) 23:30:18 executing program 6: syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000200)=ANY=[@ANYBLOB="7f0000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="02000000000000002e2f66696c65"]) r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f00000006c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r0, 0x0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)=""/6, 0x6}, {&(0x7f00000002c0)=""/15, 0xf}, {&(0x7f0000000300)=""/96, 0x60}, {&(0x7f0000000380)=""/5, 0x5}, {&(0x7f00000003c0)=""/78, 0x4e}, {&(0x7f0000000440)=""/172, 0xac}], 0x6, &(0x7f0000000580)=""/213, 0xd5}, 0x0, 0x10040, 0x0, {0x3, r5}}, 0x8) dup3(r1, 0xffffffffffffffff, 0x0) r6 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pidfd_getfd(0xffffffffffffffff, r6, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105142, 0x2b) r8 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) r9 = openat(r8, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x149) sendfile(r7, r9, 0x0, 0x100000001) r10 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r7, r10, 0x0, 0x80000001) 23:30:18 executing program 1: syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x20000050}, 0x4000080) syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_INTERFACE(0xffffffffffffffff, 0x0, 0x40) r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000940)=0x4, 0x4) r1 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000340)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f0000000000", 0x49}, {0x0}, {0x0, 0x0, 0xc00}, {0x0, 0x0, 0x1600}], 0x8010, &(0x7f0000000280)=ANY=[]) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0}, &(0x7f00000000c0)=0xc) setresuid(0xffffffffffffffff, 0x0, r2) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x800080, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_user}, {@version_9p2000}, {@access_client}, {@access_client}, {@version_9p2000}, {@cache_loose}, {@msize={'msize', 0x3d, 0xff}}, {@msize={'msize', 0x3d, 0x100}}, {}], [{@euid_gt={'euid>', 0xffffffffffffffff}}, {@subj_type={'subj_type', 0x3d, '[-['}}, {@rootcontext={'rootcontext', 0x3d, 'root'}}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@subj_role={'subj_role', 0x3d, 'nl802154\x00'}}, {@fsname={'fsname', 0x3d, '#V#@'}}, {@uid_gt}, {@fsuuid={'fsuuid', 0x3d, {[0x37, 0x34, 0x34, 0x6, 0x35, 0x65, 0x30, 0x30], 0x2d, [0x34, 0x39, 0x63, 0x31], 0x2d, [0x61, 0x37, 0x38, 0x36], 0x2d, [0x35, 0x31, 0x65, 0x32], 0x2d, [0x33, 0x30, 0x61, 0x35, 0x63, 0x61, 0x61, 0x65]}}}, {@uid_gt}]}}) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x24, 0x0, 0xe9f1e96205d7de07, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}]}, 0x24}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_DEV(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x40, 0x0, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x40}, 0x1, 0x0, 0x0, 0x6000}, 0x48051) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, &(0x7f0000000980)=""/4096) ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x8) r5 = syz_open_dev$tty20(0xc, 0x4, 0x0) write$binfmt_aout(r5, &(0x7f0000001e00)={{0x0, 0x30, 0x6, 0x1000cf, 0x3c6, 0x1, 0x30f}, "8d882cd4edf05f83e7416199561f41d4d148bb6945e5b7e48ac675112b88d2d1cffe81f1f05cf24fa5b10fc0622e4152490b3ef5970ff9f3e85056b4cc8870dc2eee52ada97c9f160f5030f8a55e0fcd0edaf5534cc58ca7bce53ac2e6d57665fc2f8408d7acfa8876b6c8025f39401fd913ec7bf2510e469b2fb486f217564aac4c0a273ba44d6c30d648269047943d81a303dec059df9cfd7cb14c84e8487336c2f2672fc2f8c82167f56fed979575d002f490bf3d3344d3e41600485ddc80e50c34060e9d62f24baf2c3f329c8d473f32e32299407f7fe26b89176a459328bbece869d00b8402dadd2784ecf928387ca33100312994f45de182562fd5282bf3d054b7e910b33568e7d14b5d933b5edc5cc0ae9047e7270946422ec2feca1017c9f3d24dc3976768939d66508d75e835da860cafa4e0c139effcfc09526d5bdb76ce3193f9f2288eb359572ff8cfd0f03098bb68cfddf79cf9297b678e9c32bbb9116714adbe38a4858eaafb9f339c0072fe1747346473289cbc44d6f86788e7a056747bb5a73e0aba34cf41e4a4bcc22eca8f37bd3e23d92dfb504ee602e675f528a767479e84fe956348d737f0794ca4a61bc03f3f68cebfcf1c6b5955cb6ea6f31d389fe5952f51739e24fd34640a1c7fb4f5113738dabef1d78b4122250d98f57d16eb8f957e6d9253697b7c08f610063204840514b96980936227cfc004a4992eb48aaf0851d821b9ea9e580194a18524f06f042eb0de8fa8812e7f39fcbd0c96684d947377cd42fd56120500a12293513e4bf9bd591bbe5382acc4e5d746d0ba95f03cd7555e76102fb4030ce984be187d1228cb88427a33aa7ef85d581d0486abc852c439fd937f9ba8636e7a7622574dcb9248ff1997b932ce70039b8164ef743a840925385d1f72174bb1932696ed8475a88f8e616e0058b1c0d2ab15db740cd6d44d740a26a0af5db410c06a49746df4ef5a6a3857491d4e9deda9d0ad7dc8bac8b51e96c22e56ab792ede5b21e56e46e680c4e4d865b57b48e0b01543bb58427d670f22e5811f207ea4c81177b6d7f5878c122fba163cb2efb3cae97736f4fc4d267baed96d2bf79c9fc3f934586ce8cf83ed68d96917c61f3d0ec8a794c152614fdddd1dc2440e75be6cdfe0a6d6e7cc77de01e4ac43e93bc0ec898b635cc24dd39b819fab4caae44188084701e329e49ab9d8b5a6e558dff6dc3d3ba828314891b25a8dd8c7e6ddd4b919cb95cd93f05c0a7b2c557d66b97a376d496f1ae532fbdb9c80e847a7b6a6de218d139454fbbdf921356672e0732727625729e6779d3742e7b89ef82882b10243d04443e9ce71479d868d2f4b906fc9d2d25d222b2c93dff8e253e950ea9e5fa7e8f4b22d2df152dada9827be3460cf34d09d9b1684f13bf9b419495a380a0f7ba47b79966657950a7334682106f399f1b8defe757a85227577924e2c2b3c587105377633641be64acb44c781c20b46b6166cf8517effd46006fe674b2a295a8e7c9ca5f88b3c0eceb5a90367348356625cf691657d4be471544e28bff132d0f3bb8fe861d6063d1b1501d21c6be9e52236fc8c93323673da919f443e59749762612c172d5ff86f42020e074620d991c6af33e2610667294c78826883665b9dcabf87bb13a38c169af003950c8d8dedaedb2304d12c501c6f31651a75ed5cabe67bd53c0f422679bd1b631df185dbce07ca7b0c95ae076fda1c213692b90be6ec291f28b5742cad76b214215a54851fc4975d2e36375329aff94db0726fc8876522551243a51352a9fa0ccb0a2de420ebf0b0514ee4da62bbab22921c32c75de26625d2edcfe4be7abf95e0ec19d40c05efcdf23ee983b2a87921f040afa166679c85b3dfd243e4adc6bc79af2cdb3e9e4ad5df225f9a5ff450d4ca820bfc94cd1934ec18f28f7b9f8790011773bc1c482aaf8c358852b5168841f96fbb2ee21a7ba2e45c161f9e4c43a966647c683c3ff6237f797c3cd68d04461d7d048db8716c861bafd8e5680ef9bb6ca44353e4292e1b4a08e63e0eb6453dad7a4d159534b0bf4de86be628d11517bdfa6cc999e78fa30684a0f4800796e249fac53ff4999c970efcf2b8839b309987f00df1782f5b43055ab050c92e5ff9bcd70032a7add82bb22af430745e156c2d2399972ade8f09ccb07be8fb0b48f2344dbb3028f02f339a1fbf2b78e848da6d228cfb99303f8851ff81afdca0cda9e5ca8a797cf5faa1fa202f3b5d8d41a1df25a17ed63604379b38d10d3c98c61017b2ba3b57e319c36c467af4a5d228b8f5d075a5ee4dac17a9669e1405f231d6bd2d53cb2d2180a0e3f1506e9d805b4fc2bc7b01e5f98773f4625beb80a54aaaf4918dd6f7b9dc9c1c0ab58b0b8b3708ae51005af01568feeb98fabd56bc5d227b5dd61446a0b9167d200f235923b8185919633237cc303d537f1fdfc0ba715a55176e032cfb13a6d0657d103682169d2869d35705a4cd7ff915641b05fb1d991cee4babbc37b61657a8e7c6ebb931f4054965eee183d0dcfcde7a10a0a6c330e11b80457ea5b4cb180ed7f4a5166e65e4b9288a37f26c3cc948272f0695097f6d272d72e7c24f673dc52c2e268eb5ef043a50a93d145229d8317359ea57daf1134fed28e4f88c177b404c23b736a4911a4496da2647946a115121dcb050f4bbd52798d38754737f05794a5c8fc58712c2d60260d11cef72decc74021616a24c8f725de169827e3a53c7a540984662c45a216dcc74418fbbbe7ca5147f5c5f018aba4e952809495417de28755cde4d5f39ef1af35d7050454b0673c43ae165b1881448464db26f14996a9fbe2b0463d8bed17fab43221f921f4da2539d3bc9331b2cf78cc9722ae82fd1fbcc2affb7893d604130d4ea53001f3de6f57d31f6df6e525ffb2291421dc568c4a3e2b6bd812b4de4192c0d49ba50b90357fc3bf8b85fa9f81d23d4897b39bc01aaca362e916f7a19a6a1430654c2ed16f55d858872c7056cf757153f0453cc61e7b800c30815ade61807730258c8f629472fff29d9dfd674bfcb567b2e8ad17c99c5f82b62de62233103c7ddc47f862927fd5d6e6ddd4d507e55cbbee9930e07d29057b7827131f134186eba1a7324d4e2d85f577977145dc4af8d04fc0139714ae7a81455d2005f3ce2d420f3bab5f32d688eb40a8c8dba4814dd1133379c7410459631286d03162d3fd4266477f556206376ae58694ca876651fbe3b9dd5d9aeded54478851c87e7a2317016812a8f5189882133e7147588d18d00d1212e61401936494ff8d28597c852cf969de448855d531013989a51111540b41a20ceca3ada12d921223301fec1f15482919dd806a6e8cf4b7fbb25d5de585a5dfdaab401ae8e7a8dbc2cf34e7b27f13ce3cddc028d7b31a52395f365bdbb3f1b669febce5e9e650d930760acb138934577b200832ece77988a0cd40bf4532f1a8aabb54fb6b24c73a82df78d92a8f4961b0667f22a6a49cbd15f59d62da485355bbf488c187df071be0def840c44f7164d2216219bdc64ea7c6ad3e7915554256c051182f3f0a077e18eee8b640350f000ac9f8a27e8e2c19acbe580b0be0f7a2b1d35ef67c63b0879d6181cb7f5da7db842ea590a3ed6ce32d4b1b0f0eb8587f4a99fec30d7e75b220207d3f922d34cd795f39b217fe8d2644018d24a376768003da27489c12bcfe51745943334d3d368c3216875a446f44e19c0cb70ecda83548c6a02065e710dacc1ecfac03259799be39f3232a46de8e01b2815e0bd45b6a5a871beb84bfd5cf308af1f72077690d56af7e80a5756c4b78c2584803bb4cc01785ccab95d60e712a3b2764ffaa8f108a0a012d53f25137814254ea2d2ad47637ded1ff2ee735e79b877614a2ffd4d2c8407788c4256d04833ccbbda887382e7cabcdb1ac63e424ca09cd6ae6e1ad3ac952d0fdf615e7dc5310d435723ede3fe077e2fe2df6a54f28cfffdee6ad9839f00ff0d4ebe40b21dd69bc8a9bcf1dcb7298dd1021f93a8ce9111948511de403de7d7087ae5e173e9dd4a1cb00a550be84ba5383153a756d57b6e58a6719bdf5d565d06ea3819941c8d8eabb3f27070a94171003db91ccc10d50062fce0035bade3def38a279259212249bd88c0047ba8fc23b9687cf366ba65b3f068af54e39aed2dcf12c85f95f64519c5602621975e9fa4d1fae37878f8b98ae775d5be456ad97f03b289a9e0a3387991cea957a59cbda24ea04fcce1406b63a076940f90153f7f7b9b249496f46c1d351c894a63ed18526516f14fe9d8a8df7ef46ecdea34e84deaaa925ec94e21ac912add89a57e61e5e4c22cd406abbcbfa0ec4bba09ea66faa9992baa3cb34b622ca274a03442e88c188b3f2fffc00d5ba70ca1d23fffcd4b28ae66090f13a278a2ead9374b464f6acaf91b5cc302d769af2001fa55b787d6cd2114144221bafb1e17b6ebc6fc9346c4cc2641936b35aa46a08e7028b2939a7b3e13884ea0c285f04d8268f7054dd00fca7183b55b28f542e05b0cdb109b984538504f58a7d337fd27d01855203d61b7903e9845ac3cd94df933fa895a7f07197541d7c691b884fad34f5812d2d4dc8662249656a18f3239c42823f2893cf0d5f30e38acfd6881435ebb4bb43986fe37c79880879fa48b903c93191fcde4005cbc6cb60775fd2d60b9a83acf6391b307480a7a716c0197fb8bd2cf92461f73ba23e73f4d1bd00b627399921d87d785ed970d8a23f52aacac5c9fc2cdb84a60185ae10f78328dc835307f24ba09bba865eeeca856b0b079271005ade3e1745e492c589822f50f1ac0d20de5f95d36b6b9ac8c6807ce20b8e989f0398bc6fca094820cd85e6a06fd5402926b27513f659d9ad1bc57dfb1560a012cc3a5dfdc564af4ace56c92a645a64d3567f527b6d4ca99e0a624d3162bde6fc3b075ac7e434cefaad2b4d33be88d4069a3a3cbcb8045d3920de89c911b80dbd6ab06f6b1c867aef47eb878ea4dbbfac8a3cbefadf55951e774f212b058eaf2b29ee6a266551100272d77ccb969ecb75e2a78bf72b5fb4035e4aec0ffe4a23677eea5a9e3946691f1ea1da9e59266a5e3786b4fe86e1409f0c880b87e7181f68229a75d065321112ba47f8f135fc936a603afe60baf760aaacbe720120bbda3fd6a58a357a552f74cb5f7775d41a30599aa2b44c6582076015f44deb4b0070b8d17cf5f58df50e457c81b53314d5b5e29257c7353142bd3b20b996bc5ae0af6d5d16af59d681303a4e1d0f9585441e4387709f449a74f655170e743fb5565a8488b1e7cfe83f5deae22c8dfce3442955a8aac09f2420f72303d3ee97e81891cb09156376647be595ce0adaa2182690343ceb054c6c093d931a9dae16e2d2d1707a4b46787f22ea9a03f1bc549ae80ba0a08bf23041ee64f986ddab3a606621fb1e885f7c78c2b3c18fb766744fab8f28f8ac1798569f78b28488baddc1f578ec9d601a740bd6122419cc5e83ac1cf3d4137622e5c3e1bba92b343231ba39c5d50c6d193e6686ce3c0b140e54d73c565decdcde9565eee5d71bd22f80e58cd76d42bf04bb8807b07b54e7a15ea1623a09eaa9ea7e545775d6f7abe4600dea9fb20f7ddc6d46c6f0de32a3e2634fbde8a1a8fdb259d025600acfa9280727f6446911c587d5293d3a8fe7365f75ebc28738d41e95532b7308247b5f1e998b8be33cee651a9a986c51c4b8ea845e7d2841b87d8e3969d03e28f15b3c05f012c8395c6e9ae8daa11b43fbe9d3c8026147a"}, 0x1010) [ 1636.218394] FAULT_INJECTION: forcing a failure. [ 1636.218394] name failslab, interval 1, probability 0, space 0, times 0 [ 1636.220003] CPU: 1 PID: 9257 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1636.220851] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1636.221951] Call Trace: [ 1636.222287] dump_stack+0x107/0x167 [ 1636.222772] should_fail.cold+0x5/0xa [ 1636.223251] ? io_setup_async_msg+0xda/0x2d0 [ 1636.223803] should_failslab+0x5/0x20 [ 1636.224281] __kmalloc+0x72/0x390 [ 1636.224719] io_setup_async_msg+0xda/0x2d0 [ 1636.225247] io_recvmsg+0xc26/0xd70 [ 1636.225708] ? io_sendmsg+0x830/0x830 [ 1636.226188] ? kfree+0xd7/0x340 [ 1636.226627] ? mark_lock+0xf5/0x2df0 [ 1636.227097] ? slab_free_freelist_hook+0xa9/0x180 [ 1636.227702] ? mark_lock+0xf5/0x2df0 [ 1636.228192] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1636.228858] io_issue_sqe+0x3bd6/0x77b0 [ 1636.229368] ? perf_trace_lock+0xac/0x490 [ 1636.229890] ? io_connect+0x610/0x610 [ 1636.230376] ? __lockdep_reset_lock+0x180/0x180 [ 1636.230974] ? lock_acquire+0x197/0x470 [ 1636.231471] ? find_held_lock+0x2c/0x110 [ 1636.231714] FAULT_INJECTION: forcing a failure. [ 1636.231714] name failslab, interval 1, probability 0, space 0, times 0 [ 1636.231991] __io_queue_sqe+0x90/0x9d0 [ 1636.232005] ? rwlock_bug.part.0+0x90/0x90 [ 1636.232019] ? io_issue_sqe+0x77b0/0x77b0 [ 1636.232030] ? do_raw_spin_unlock+0x4f/0x220 [ 1636.232044] ? _raw_spin_unlock+0x1a/0x30 [ 1636.232054] ? io_drain_req+0x603/0xb20 [ 1636.232072] io_submit_sqes+0x44aa/0x8610 [ 1636.232106] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1636.237632] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1636.238239] ? find_held_lock+0x2c/0x110 [ 1636.238771] ? io_submit_sqes+0x8610/0x8610 [ 1636.239324] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1636.239935] ? wait_for_completion_io+0x270/0x270 [ 1636.240544] ? rcu_read_lock_any_held+0x75/0xa0 [ 1636.241131] ? vfs_write+0x354/0xb10 [ 1636.241598] ? fput_many+0x2f/0x1a0 [ 1636.242058] ? ksys_write+0x1a9/0x260 [ 1636.242555] ? __ia32_sys_read+0xb0/0xb0 [ 1636.243070] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1636.243728] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1636.244381] do_syscall_64+0x33/0x40 [ 1636.244849] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1636.245494] RIP: 0033:0x7f33fff70b19 [ 1636.245970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1636.248307] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1636.249264] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1636.250160] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1636.251073] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1636.251970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1636.252864] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 [ 1636.253794] CPU: 0 PID: 9247 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1636.254715] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1636.255735] Call Trace: [ 1636.256074] dump_stack+0x107/0x167 [ 1636.256521] should_fail.cold+0x5/0xa [ 1636.256992] ? __kernfs_new_node+0xd4/0x860 [ 1636.257523] should_failslab+0x5/0x20 [ 1636.257989] kmem_cache_alloc+0x5b/0x310 [ 1636.258508] __kernfs_new_node+0xd4/0x860 [ 1636.259020] ? mark_held_locks+0x9e/0xe0 [ 1636.259520] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1636.260102] ? cpumask_next+0x1f/0x30 [ 1636.260570] ? kmemleak_alloc_percpu+0xaf/0x100 [ 1636.261140] ? pcpu_alloc+0x12a/0x1240 [ 1636.261622] kernfs_new_node+0x18d/0x250 [ 1636.262121] kernfs_create_dir_ns+0x49/0x160 [ 1636.262717] cgroup_mkdir+0x318/0xf50 [ 1636.263188] ? cgroup_destroy_locked+0x710/0x710 [ 1636.263766] kernfs_iop_mkdir+0x14d/0x1e0 [ 1636.264274] vfs_mkdir+0x493/0x750 [ 1636.264717] do_mkdirat+0x150/0x2b0 [ 1636.265164] ? user_path_create+0xf0/0xf0 [ 1636.265674] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1636.266312] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1636.266960] do_syscall_64+0x33/0x40 [ 1636.267415] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1636.268040] RIP: 0033:0x7f3666038b19 [ 1636.268496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1636.270737] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1636.271665] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1636.272532] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1636.273403] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1636.274272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1636.275156] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 [ 1636.297276] FAULT_INJECTION: forcing a failure. [ 1636.297276] name failslab, interval 1, probability 0, space 0, times 0 [ 1636.298822] CPU: 1 PID: 9258 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1636.299712] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1636.300812] Call Trace: [ 1636.301177] dump_stack+0x107/0x167 [ 1636.301669] should_fail.cold+0x5/0xa [ 1636.302183] ? create_object.isra.0+0x3a/0xa20 [ 1636.302808] should_failslab+0x5/0x20 [ 1636.303321] kmem_cache_alloc+0x5b/0x310 [ 1636.303873] ? mark_held_locks+0x9e/0xe0 [ 1636.304399] create_object.isra.0+0x3a/0xa20 [ 1636.304952] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1636.305596] kmem_cache_alloc_bulk+0x168/0x320 [ 1636.306180] io_submit_sqes+0x6fe6/0x8610 [ 1636.306742] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1636.307372] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1636.307982] ? find_held_lock+0x2c/0x110 [ 1636.308499] ? io_submit_sqes+0x8610/0x8610 [ 1636.309052] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1636.309661] ? wait_for_completion_io+0x270/0x270 [ 1636.310273] ? rcu_read_lock_any_held+0x75/0xa0 [ 1636.310875] ? vfs_write+0x354/0xb10 [ 1636.311344] ? fput_many+0x2f/0x1a0 [ 1636.311802] ? ksys_write+0x1a9/0x260 [ 1636.312284] ? __ia32_sys_read+0xb0/0xb0 [ 1636.312797] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1636.313459] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1636.314109] do_syscall_64+0x33/0x40 [ 1636.314591] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1636.315235] RIP: 0033:0x7fa048f33b19 [ 1636.315705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1636.318017] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1636.318992] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1636.319887] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1636.320784] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1636.321681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1636.322601] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 23:30:18 executing program 4: r0 = inotify_init1(0x0) inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0x3000563) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4) setsockopt$inet6_tcp_int(r2, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r2, r1, 0x0, 0x9bbb) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) r3 = accept$inet6(r1, 0x0, &(0x7f00000000c0)=0xffffffdc) dup2(r3, r3) setxattr$security_selinux(&(0x7f0000000080)='./file0\x00', &(0x7f0000000140), &(0x7f0000000000)='system_u:object_r:ssh_keysign_exec_t:s0\x00', 0x28, 0x0) 23:30:18 executing program 0: ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x6}}, './file0\x00'}) perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0xff, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffffffffffe, r0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000001500)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x8, 0x0, 0x0, 0x80000000000, 0x0, 0x0, 0x800, 0x0, 0x40, 0x0, 0x40000000, 0x8200, 0x38, 0x2, 0x7}, [], "bd957fd92f411ce18f895838cbaa4d10431d6f1ff91416ba3d46d46f9806d0d4794ceeeea2a5db653d90fb7d492f9319d402b6e737a65be0d6103a89d9fb0225245ad48f3efc11c748601e2c14070aedcf8790cb988fd9a9dc42560687a7ca8bdb9a4308453cbc1b30fbefed1014e06c663745c9642cd44c9b61cb210a3f9f879c67c210929c75380a32e7910a5057b77e7bd0079d943a44fa0493ff131383c73cac8ae601866e27e490ecdc05fa94e4e033e84ef40df030f991b72629e4b699180c2d59c227c254c29573c7ebe968993b2a808c7a7de46d4a28b88d3878dfcbe3e00ac859a44cc29c887800fd41813956894a5d446ed437c8d0d676163a0fe17faa72d9de2df6acb5bcfc7762dd38fb695d48b7615dd10595f5ce86bdbd42165a492854fd58fa33c189830c186cebc7f476d8f6d340a562e9a0087c1df70c3def99bb7da2e037056bcf01b6b4611021423894cb4fc49280bd814897e99effc5a6f739c7297475fc7ee6abfc739e4245326c052d4a25ff71a919639b9ec609800d000eb7b48a143081004422ab2b0c93f52f13c21fe3a69891899cddf448266e7c6c2a44a6b168b690710fa914cf98d5a4f1d2c69b15bca663d4665dbbcd7b391ad8744d8180fa9b590bf9292e69f810bffe0c7098de8c8c2ffffa7f71487a00ae4e228b96cca3de846df5ec2d175f6ad40f8f75c245cf54f6a110d2feaa211d303b13daf2ce54082d6c41e2bad767a6f7e1508cae12f6"}, 0x257) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) ioctl$KDGKBLED(r1, 0x4b64, &(0x7f0000000040)) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r3, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4) setsockopt$inet6_tcp_int(r3, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r3, r2, 0x0, 0x9bbb) setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) sendmsg$IPCTNL_MSG_EXP_DELETE(r2, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x2c, 0x2, 0x2, 0x301, 0x0, 0x0, {0xc, 0x0, 0x8}, [@CTA_EXPECT_CLASS={0x8, 0x9, 0x1, 0x0, 0x318c}, @CTA_EXPECT_ZONE={0x6, 0x7, 0x1, 0x0, 0x1}, @CTA_EXPECT_FN={0x8, 0xb, 'sip\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4040065}, 0x20000001) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x4, 0x4000810, r4, 0x4bea0000) 23:30:18 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, 0x0, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:30:18 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 39) 23:30:18 executing program 1: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_io_uring_setup(0x3ca3, &(0x7f0000000080), &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000280)=0x0) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x3, 0x0, {0x0, r4}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x3, 0x0, @fd_index=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r4}}, 0xb6) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) stat(0x0, &(0x7f0000001c00)) r5 = fork() ptrace(0x10, r5) open(&(0x7f0000000200)='./file0\x00', 0x200000, 0x140) perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x5, 0x81, 0x81, 0x2b, 0x0, 0x1, 0x14, 0x6, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x5, 0x4, @perf_bp={&(0x7f0000000140), 0xe}, 0xe2, 0x3f, 0x234, 0x6, 0x18c6, 0xffff9f30, 0x7fff, 0x0, 0xffffff6c, 0x0, 0x6c2}, r5, 0x1, r0, 0x1) r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000) syz_io_uring_submit(r6, r3, &(0x7f00000002c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5}, 0x80000001) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:30:18 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 17) [ 1636.479615] FAULT_INJECTION: forcing a failure. [ 1636.479615] name failslab, interval 1, probability 0, space 0, times 0 [ 1636.481186] CPU: 1 PID: 9274 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1636.482071] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1636.483156] Call Trace: [ 1636.483519] dump_stack+0x107/0x167 [ 1636.484009] should_fail.cold+0x5/0xa [ 1636.484521] ? create_object.isra.0+0x3a/0xa20 [ 1636.485128] should_failslab+0x5/0x20 [ 1636.485638] kmem_cache_alloc+0x5b/0x310 [ 1636.486181] ? mark_held_locks+0x9e/0xe0 [ 1636.486738] create_object.isra.0+0x3a/0xa20 [ 1636.487292] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1636.487936] kmem_cache_alloc_bulk+0x168/0x320 [ 1636.488518] io_submit_sqes+0x6fe6/0x8610 [ 1636.489063] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1636.489691] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1636.490302] ? find_held_lock+0x2c/0x110 [ 1636.490833] ? io_submit_sqes+0x8610/0x8610 [ 1636.491391] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1636.492002] ? wait_for_completion_io+0x270/0x270 [ 1636.492616] ? rcu_read_lock_any_held+0x75/0xa0 [ 1636.493200] ? vfs_write+0x354/0xb10 [ 1636.493670] ? fput_many+0x2f/0x1a0 [ 1636.494131] ? ksys_write+0x1a9/0x260 [ 1636.494628] ? __ia32_sys_read+0xb0/0xb0 [ 1636.495146] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1636.495803] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1636.496456] do_syscall_64+0x33/0x40 [ 1636.496925] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1636.497572] RIP: 0033:0x7fa048f33b19 [ 1636.498042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1636.500371] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1636.501336] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1636.502233] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1636.503148] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1636.504044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1636.504942] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 [ 1636.523707] FAULT_INJECTION: forcing a failure. [ 1636.523707] name failslab, interval 1, probability 0, space 0, times 0 [ 1636.525234] CPU: 1 PID: 9280 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1636.526088] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1636.527148] Call Trace: [ 1636.527484] dump_stack+0x107/0x167 [ 1636.527942] should_fail.cold+0x5/0xa [ 1636.528424] ? create_object.isra.0+0x3a/0xa20 [ 1636.529000] should_failslab+0x5/0x20 [ 1636.529478] kmem_cache_alloc+0x5b/0x310 [ 1636.529992] create_object.isra.0+0x3a/0xa20 [ 1636.530560] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1636.531198] kmem_cache_alloc+0x159/0x310 [ 1636.531726] __kernfs_new_node+0xd4/0x860 [ 1636.532252] ? mark_held_locks+0x9e/0xe0 [ 1636.532767] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1636.533371] ? cpumask_next+0x1f/0x30 [ 1636.533855] ? kmemleak_alloc_percpu+0xaf/0x100 [ 1636.534466] ? pcpu_alloc+0x12a/0x1240 [ 1636.534968] kernfs_new_node+0x18d/0x250 [ 1636.535485] kernfs_create_dir_ns+0x49/0x160 [ 1636.536046] cgroup_mkdir+0x318/0xf50 [ 1636.536534] ? cgroup_destroy_locked+0x710/0x710 [ 1636.537131] kernfs_iop_mkdir+0x14d/0x1e0 [ 1636.537655] vfs_mkdir+0x493/0x750 [ 1636.538107] do_mkdirat+0x150/0x2b0 [ 1636.538580] ? user_path_create+0xf0/0xf0 [ 1636.539108] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1636.539767] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1636.540419] do_syscall_64+0x33/0x40 [ 1636.540887] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1636.541535] RIP: 0033:0x7f3666038b19 [ 1636.542013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1636.544338] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1636.545293] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1636.546187] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1636.547095] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1636.547997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1636.548892] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 23:30:18 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) ftruncate(r0, 0x1000003) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) ioctl$TIOCGPTPEER(r2, 0x5441, 0x0) write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a) readv(r2, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1) openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) dup3(0xffffffffffffffff, r3, 0x80000) write(0xffffffffffffffff, &(0x7f0000000100)='?', 0x1) mmap$perf(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000008, 0x10010, 0xffffffffffffffff, 0x6) lseek(0xffffffffffffffff, 0x0, 0x1) syz_emit_ethernet(0x103, &(0x7f00000002c0)={@random="67856f93ef03", @remote, @val={@val={0x9100, 0x3, 0x1, 0x2}, {0x8100, 0x3, 0x0, 0x3}}, {@x25={0x805, {0x1, 0x4, 0x9, "9731f296efc77c2db7ea22fcdb65f7e81d54a63549f315e4b2dd0af59dea0d41a8bf855c71d77d33975eb4f9bdf14359d79585f8ac114aaae3530532089a16c847e3087d3f0fdb31d53450494d1e6f443b4871f3dfa4ee4e7bccced59fcd2ab006ec43a57c6789e9ba0dd6b91e603a241d6e545655a80b6ef54d1e1d100764a7652da7cdc5ffed2a89c08932b91b918634e2eaf954fc9c53d63e7dbf8b94e47c3f13463de034dab5a0f1344a3bade9ff3bd67214ffbea25380f762b680bf186ff20f7c6f766b60b265d03adc9a37b8b034a36ff77f67457722853d69f8d1a2e5287c5085d321a25a7ca4"}}}}, &(0x7f0000000180)={0x0, 0x2, [0x7a7, 0xbe8, 0x0, 0x9a2]}) acct(&(0x7f0000000040)='./file0\x00') sendfile(r1, 0xffffffffffffffff, &(0x7f0000000600)=0xfff, 0x3) unshare(0x4a060400) 23:30:18 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 18) 23:30:18 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, 0x0, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:30:18 executing program 0: socket$inet_udp(0x2, 0x2, 0x0) fallocate(0xffffffffffffffff, 0x2, 0x1, 0x5) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x75, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x5, 0xffff}, 0x1890, 0x0, 0x0, 0x0, 0xd73, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000200)={'gretap0\x00', 0x0}) r0 = socket$inet6_udp(0xa, 0x2, 0x0) syz_io_uring_setup(0x3a74, &(0x7f00000000c0)={0x0, 0x3281, 0x4, 0x4000, 0x284}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040), &(0x7f00000001c0)) socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x4) socket$nl_generic(0x10, 0x3, 0x10) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2, 0x1010, r1, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) socket$inet_udp(0x2, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000240)="c07cc77e472b9407c7d4b74a86fa40ae573520d32e2a53259cd6da9b4921", 0x1e}], 0x1}}], 0x1, 0x0) accept$unix(0xffffffffffffffff, &(0x7f0000000300)=@abs, &(0x7f0000000280)=0x6e) dup(0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000007780)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000080}, 0x20000000) perf_event_open(&(0x7f0000000380)={0x1, 0x80, 0xfc, 0x5, 0x7, 0x9, 0x0, 0x742, 0x4, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x81, 0x0, @perf_config_ext={0x4, 0x907d}, 0x104, 0x3, 0x1, 0x6, 0x7f, 0x1, 0x3, 0x0, 0x1, 0x0, 0xf}, 0x0, 0xf, 0xffffffffffffffff, 0xb) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) [ 1636.665089] FAULT_INJECTION: forcing a failure. [ 1636.665089] name failslab, interval 1, probability 0, space 0, times 0 [ 1636.667169] CPU: 1 PID: 9289 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1636.668030] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1636.669075] Call Trace: [ 1636.669415] dump_stack+0x107/0x167 [ 1636.669882] should_fail.cold+0x5/0xa [ 1636.670371] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1636.671119] should_failslab+0x5/0x20 [ 1636.671603] kmem_cache_alloc+0x5b/0x310 [ 1636.672127] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1636.672836] radix_tree_extend+0x231/0x490 [ 1636.673385] idr_get_free+0x623/0x8f0 [ 1636.673880] idr_alloc_u32+0x170/0x2d0 [ 1636.674388] ? __fprop_inc_percpu_max+0x130/0x130 [ 1636.675011] ? lock_acquire+0x197/0x470 [ 1636.675514] ? __kernfs_new_node+0xff/0x860 [ 1636.676067] idr_alloc_cyclic+0x102/0x230 [ 1636.676591] ? idr_alloc+0x130/0x130 [ 1636.677064] ? rwlock_bug.part.0+0x90/0x90 [ 1636.677609] __kernfs_new_node+0x117/0x860 [ 1636.678142] ? mark_held_locks+0x9e/0xe0 [ 1636.678672] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1636.679272] ? cpumask_next+0x1f/0x30 [ 1636.679755] ? kmemleak_alloc_percpu+0xaf/0x100 [ 1636.680350] ? pcpu_alloc+0x12a/0x1240 [ 1636.680847] kernfs_new_node+0x18d/0x250 [ 1636.681365] kernfs_create_dir_ns+0x49/0x160 [ 1636.681925] cgroup_mkdir+0x318/0xf50 [ 1636.682424] ? cgroup_destroy_locked+0x710/0x710 [ 1636.683029] kernfs_iop_mkdir+0x14d/0x1e0 [ 1636.683556] vfs_mkdir+0x493/0x750 [ 1636.684009] do_mkdirat+0x150/0x2b0 [ 1636.684475] ? user_path_create+0xf0/0xf0 [ 1636.685024] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1636.685687] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1636.686341] do_syscall_64+0x33/0x40 [ 1636.686828] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1636.687476] RIP: 0033:0x7f3666038b19 [ 1636.687945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1636.690267] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1636.691242] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1636.692141] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1636.693041] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1636.693939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1636.694848] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 [ 1636.698845] cgroup: fork rejected by pids controller in /syz1 23:30:18 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 33) 23:30:18 executing program 0: r0 = getpgrp(0x0) r1 = pidfd_open(r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000015c0)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000001600)={0x30000019}) prlimit64(r0, 0xa, &(0x7f00000000c0)={0x100000000, 0x10000}, &(0x7f0000000100)) prlimit64(0x0, 0xb, &(0x7f00000017c0), 0x0) syz_open_procfs(r0, &(0x7f0000000040)='mounts\x00') perf_event_open(&(0x7f0000001d80)={0x3, 0x80, 0x0, 0x0, 0x80, 0x4, 0x0, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000080), 0x4}, 0x10912, 0x0, 0x0, 0x7, 0x7, 0x0, 0xfffe, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) io_setup(0x2d47, &(0x7f0000000000)) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='cpuacct.usage_sys\x00', 0x0, 0x0) pidfd_getfd(r1, r4, 0x0) [ 1636.775118] FAULT_INJECTION: forcing a failure. [ 1636.775118] name failslab, interval 1, probability 0, space 0, times 0 [ 1636.776665] CPU: 0 PID: 9338 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1636.777498] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1636.778521] Call Trace: [ 1636.778850] dump_stack+0x107/0x167 [ 1636.779296] should_fail.cold+0x5/0xa [ 1636.779767] ? create_object.isra.0+0x3a/0xa20 [ 1636.780330] should_failslab+0x5/0x20 [ 1636.780796] kmem_cache_alloc+0x5b/0x310 [ 1636.781296] create_object.isra.0+0x3a/0xa20 [ 1636.781829] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1636.782468] __kmalloc+0x16e/0x390 [ 1636.782917] io_setup_async_msg+0xda/0x2d0 [ 1636.783437] io_recvmsg+0xc26/0xd70 [ 1636.783888] ? io_sendmsg+0x830/0x830 [ 1636.784356] ? kfree+0xd7/0x340 [ 1636.784769] ? mark_lock+0xf5/0x2df0 [ 1636.785227] ? slab_free_freelist_hook+0xa9/0x180 [ 1636.785818] ? mark_lock+0xf5/0x2df0 [ 1636.786299] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1636.786968] io_issue_sqe+0x3bd6/0x77b0 [ 1636.787467] ? perf_trace_lock+0xac/0x490 [ 1636.787977] ? io_connect+0x610/0x610 [ 1636.788447] ? __lockdep_reset_lock+0x180/0x180 [ 1636.789024] ? lock_acquire+0x197/0x470 [ 1636.789511] ? find_held_lock+0x2c/0x110 [ 1636.790017] __io_queue_sqe+0x90/0x9d0 [ 1636.790509] ? rwlock_bug.part.0+0x90/0x90 [ 1636.791029] ? io_issue_sqe+0x77b0/0x77b0 [ 1636.791536] ? do_raw_spin_unlock+0x4f/0x220 [ 1636.792077] ? _raw_spin_unlock+0x1a/0x30 [ 1636.792583] ? io_drain_req+0x603/0xb20 [ 1636.793077] io_submit_sqes+0x44aa/0x8610 [ 1636.793609] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1636.794219] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1636.794827] ? find_held_lock+0x2c/0x110 [ 1636.795330] ? io_submit_sqes+0x8610/0x8610 [ 1636.795866] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1636.796460] ? wait_for_completion_io+0x270/0x270 [ 1636.797056] ? rcu_read_lock_any_held+0x75/0xa0 [ 1636.797626] ? vfs_write+0x354/0xb10 [ 1636.798085] ? fput_many+0x2f/0x1a0 [ 1636.798547] ? ksys_write+0x1a9/0x260 [ 1636.799015] ? __ia32_sys_read+0xb0/0xb0 [ 1636.799518] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1636.800163] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1636.800797] do_syscall_64+0x33/0x40 [ 1636.801255] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1636.801884] RIP: 0033:0x7f33fff70b19 [ 1636.802342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1636.804613] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1636.805548] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1636.806430] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1636.807309] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1636.808185] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1636.809066] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 [ 1636.840746] kauditd_printk_skb: 18 callbacks suppressed [ 1636.840760] audit: type=1400 audit(1730849418.896:126): avc: denied { read } for pid=9285 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 23:30:33 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:30:33 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 34) 23:30:33 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4) setsockopt$inet6_tcp_int(r2, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r2, r1, 0x0, 0x9bbb) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22, 0x1f, @private2, 0x1}, 0x1c) setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000180)=0x1, 0x4) setsockopt$inet6_tcp_int(r0, 0x6, 0x22, &(0x7f0000000280)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg$sock(r0, &(0x7f0000000840)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="b8", 0x1}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x40) 23:30:33 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 40) 23:30:33 executing program 4: ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x4b4e, 0x0) r0 = socket$inet(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000000500)={{0x0, 0x5, 0x4, 0xa14, 0xa0, 0x5, 0xfffffffffffffffd, 0x800, 0xfffffff8, 0x2, 0x401, 0x1, 0x81, 0x7, 0x100000001}}) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x10080, 0x0) setsockopt$inet_group_source_req(r1, 0x0, 0x2c, &(0x7f0000000340)={0x1, {{0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}}, {{0x2, 0x4e22, @broadcast}}}, 0x108) r2 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040), &(0x7f0000000140)=0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r2, 0x8000000) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x6, 0xe051, r1, 0x8000000) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, &(0x7f00000000c0)) syz_io_uring_submit(r4, r3, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001) r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0x100000001) ioctl$KDSKBMETA(r6, 0x4b63, &(0x7f0000000080)=0x4) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:30:33 executing program 6: syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000200)=ANY=[@ANYBLOB="7f0000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="02000000000000002e2f66696c6530"]) r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f00000006c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r0, 0x0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)=""/6, 0x6}, {&(0x7f00000002c0)=""/15, 0xf}, {&(0x7f0000000300)=""/96, 0x60}, {&(0x7f0000000380)=""/5, 0x5}, {&(0x7f00000003c0)=""/78, 0x4e}, {&(0x7f0000000440)=""/172, 0xac}], 0x6, &(0x7f0000000580)=""/213, 0xd5}, 0x0, 0x10040, 0x0, {0x3, r5}}, 0x8) dup3(r1, 0xffffffffffffffff, 0x0) r6 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pidfd_getfd(0xffffffffffffffff, r6, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105142, 0x2b) r8 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) r9 = openat(r8, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x149) sendfile(r7, r9, 0x0, 0x100000001) r10 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r7, r10, 0x0, 0x80000001) 23:30:33 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 19) 23:30:33 executing program 1: open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)=0x10000000) r0 = open(&(0x7f0000000140)='./file0\x00', 0x100, 0x1) mkdirat(r0, &(0x7f0000000180)='./file0\x00', 0x2c) r1 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000100)) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xff, 0xad, 0x4, 0x1f, 0x0, 0x10001, 0x80, 0x4, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x67830, 0x1, @perf_config_ext={0x1, 0x6}, 0x20, 0x7f, 0x1, 0x8, 0x7, 0x8, 0x6, 0x0, 0x9, 0x0, 0xe1}, 0x0, 0x0, 0xffffffffffffffff, 0x4a6c41ff100eaa1c) [ 1651.491061] FAULT_INJECTION: forcing a failure. [ 1651.491061] name failslab, interval 1, probability 0, space 0, times 0 [ 1651.492633] CPU: 1 PID: 9416 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1651.493491] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1651.494334] FAULT_INJECTION: forcing a failure. [ 1651.494334] name failslab, interval 1, probability 0, space 0, times 0 [ 1651.494523] Call Trace: [ 1651.496272] dump_stack+0x107/0x167 [ 1651.496733] should_fail.cold+0x5/0xa [ 1651.497220] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1651.497947] should_failslab+0x5/0x20 [ 1651.498426] kmem_cache_alloc+0x5b/0x310 [ 1651.498968] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1651.499680] idr_get_free+0x4b5/0x8f0 [ 1651.500172] idr_alloc_u32+0x170/0x2d0 [ 1651.500661] ? __fprop_inc_percpu_max+0x130/0x130 [ 1651.501269] ? lock_acquire+0x197/0x470 [ 1651.501771] ? __kernfs_new_node+0xff/0x860 [ 1651.502318] idr_alloc_cyclic+0x102/0x230 [ 1651.502835] ? idr_alloc+0x130/0x130 [ 1651.503313] ? rwlock_bug.part.0+0x90/0x90 [ 1651.503852] __kernfs_new_node+0x117/0x860 [ 1651.504382] ? mark_held_locks+0x9e/0xe0 [ 1651.504896] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1651.505492] ? cpumask_next+0x1f/0x30 [ 1651.505968] ? kmemleak_alloc_percpu+0xaf/0x100 [ 1651.506552] ? pcpu_alloc+0x12a/0x1240 [ 1651.507103] kernfs_new_node+0x18d/0x250 [ 1651.507615] kernfs_create_dir_ns+0x49/0x160 [ 1651.508173] cgroup_mkdir+0x318/0xf50 [ 1651.508654] ? cgroup_destroy_locked+0x710/0x710 [ 1651.509248] kernfs_iop_mkdir+0x14d/0x1e0 [ 1651.509768] vfs_mkdir+0x493/0x750 [ 1651.510220] do_mkdirat+0x150/0x2b0 [ 1651.510677] ? user_path_create+0xf0/0xf0 [ 1651.511215] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1651.511874] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1651.512523] do_syscall_64+0x33/0x40 [ 1651.512989] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1651.513628] RIP: 0033:0x7f3666038b19 [ 1651.514096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1651.516404] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1651.517355] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1651.518247] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1651.519151] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1651.520039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1651.520925] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 [ 1651.521843] CPU: 0 PID: 9415 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1651.527390] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1651.528392] Call Trace: [ 1651.528722] dump_stack+0x107/0x167 [ 1651.529169] should_fail.cold+0x5/0xa [ 1651.529636] ? create_object.isra.0+0x3a/0xa20 [ 1651.530199] should_failslab+0x5/0x20 [ 1651.530662] kmem_cache_alloc+0x5b/0x310 [ 1651.531179] ? mark_held_locks+0x9e/0xe0 [ 1651.531678] create_object.isra.0+0x3a/0xa20 [ 1651.532208] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1651.532825] kmem_cache_alloc_bulk+0x168/0x320 [ 1651.533385] io_submit_sqes+0x6fe6/0x8610 [ 1651.533914] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1651.534516] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1651.535112] ? find_held_lock+0x2c/0x110 [ 1651.535608] ? io_submit_sqes+0x8610/0x8610 [ 1651.536138] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1651.536724] ? wait_for_completion_io+0x270/0x270 [ 1651.537309] ? rcu_read_lock_any_held+0x75/0xa0 [ 1651.537871] ? vfs_write+0x354/0xb10 [ 1651.538322] ? fput_many+0x2f/0x1a0 [ 1651.538764] ? ksys_write+0x1a9/0x260 [ 1651.539245] ? __ia32_sys_read+0xb0/0xb0 [ 1651.539739] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1651.540373] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1651.540998] do_syscall_64+0x33/0x40 [ 1651.541449] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1651.542069] RIP: 0033:0x7fa048f33b19 [ 1651.542523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1651.544748] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1651.545669] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1651.546531] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1651.547407] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1651.548269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1651.549131] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 23:30:33 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 20) [ 1651.563953] FAULT_INJECTION: forcing a failure. [ 1651.563953] name failslab, interval 1, probability 0, space 0, times 0 [ 1651.565358] CPU: 0 PID: 9411 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1651.566189] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1651.571198] Call Trace: [ 1651.571520] dump_stack+0x107/0x167 [ 1651.571964] should_fail.cold+0x5/0xa [ 1651.572432] should_failslab+0x5/0x20 [ 1651.572893] kmem_cache_alloc_bulk+0x4b/0x320 [ 1651.573441] io_submit_sqes+0x6fe6/0x8610 [ 1651.573966] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1651.574570] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1651.579185] ? find_held_lock+0x2c/0x110 [ 1651.579685] ? io_submit_sqes+0x8610/0x8610 [ 1651.580215] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1651.580804] ? wait_for_completion_io+0x270/0x270 [ 1651.581391] ? rcu_read_lock_any_held+0x75/0xa0 [ 1651.581953] ? vfs_write+0x354/0xb10 [ 1651.582405] ? fput_many+0x2f/0x1a0 [ 1651.582849] ? ksys_write+0x1a9/0x260 [ 1651.583333] ? __ia32_sys_read+0xb0/0xb0 [ 1651.583830] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1651.584471] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1651.585098] do_syscall_64+0x33/0x40 [ 1651.585551] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1651.586171] RIP: 0033:0x7f33fff70b19 [ 1651.586625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1651.588879] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1651.589801] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1651.590671] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1651.591555] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1651.592421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1651.593286] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 23:30:33 executing program 1: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x4389, 0x0) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) read(r1, &(0x7f0000000000), 0x11b3e) r2 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) read(r2, &(0x7f0000000000), 0x11b3e) ioctl$AUTOFS_DEV_IOCTL_FAIL(r1, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r2, {0xf, 0x40000}}, './file0\x00'}) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x35, 0x5, 0x80, 0x4, 0x0, 0x101, 0x40, 0x9, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, @perf_config_ext={0x9f7, 0x9}, 0x4, 0xff, 0x7, 0x7, 0x2, 0x1, 0x9, 0x0, 0x6, 0x0, 0x9af}, 0xffffffffffffffff, 0x0, r1, 0xe) dup3(r3, r0, 0x0) 23:30:33 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:30:33 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x28, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}]]}, 0x28}}, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r4, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4) setsockopt$inet6_tcp_int(r4, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r4, r3, 0x0, 0x9bbb) setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)={0x20, r2, 0x400, 0x70bd26, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x1, 0x39}}}}}, 0x20}, 0x1, 0x0, 0x0, 0x4091}, 0x851) [ 1651.674867] FAULT_INJECTION: forcing a failure. [ 1651.674867] name failslab, interval 1, probability 0, space 0, times 0 [ 1651.684457] CPU: 0 PID: 9434 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1651.685296] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1651.686298] Call Trace: [ 1651.686625] dump_stack+0x107/0x167 [ 1651.687089] should_fail.cold+0x5/0xa [ 1651.687563] should_failslab+0x5/0x20 [ 1651.688031] __kmalloc_track_caller+0x79/0x370 [ 1651.688597] ? security_context_to_sid_core+0xb4/0x890 [ 1651.689243] kmemdup_nul+0x2d/0xa0 [ 1651.689680] security_context_to_sid_core+0xb4/0x890 [ 1651.690305] ? security_compute_sid.part.0+0x16e0/0x16e0 [ 1651.690977] ? do_raw_spin_lock+0x121/0x260 [ 1651.691505] ? rwlock_bug.part.0+0x90/0x90 [ 1651.692028] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1651.692619] ? do_raw_spin_unlock+0x4f/0x220 [ 1651.693159] ? _raw_spin_unlock+0x1a/0x30 [ 1651.693670] security_context_to_sid+0x35/0x50 [ 1651.694235] selinux_kernfs_init_security+0x19d/0x4c0 [ 1651.694865] ? selinux_file_mprotect+0x610/0x610 [ 1651.695463] ? find_held_lock+0x2c/0x110 [ 1651.695967] ? __kernfs_new_node+0x2ad/0x860 [ 1651.696506] ? lock_downgrade+0x6d0/0x6d0 [ 1651.697017] ? rwlock_bug.part.0+0x90/0x90 [ 1651.697544] security_kernfs_init_security+0x4e/0xb0 [ 1651.698168] __kernfs_new_node+0x531/0x860 [ 1651.698691] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1651.699286] ? cpumask_next+0x1f/0x30 [ 1651.699753] ? kmemleak_alloc_percpu+0xaf/0x100 [ 1651.700326] ? pcpu_alloc+0x12a/0x1240 [ 1651.700810] kernfs_new_node+0x18d/0x250 [ 1651.701312] kernfs_create_dir_ns+0x49/0x160 [ 1651.701857] cgroup_mkdir+0x318/0xf50 [ 1651.702328] ? cgroup_destroy_locked+0x710/0x710 [ 1651.702908] kernfs_iop_mkdir+0x14d/0x1e0 [ 1651.703432] vfs_mkdir+0x493/0x750 [ 1651.703869] do_mkdirat+0x150/0x2b0 [ 1651.704316] ? user_path_create+0xf0/0xf0 [ 1651.704827] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1651.705467] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1651.706100] do_syscall_64+0x33/0x40 [ 1651.706556] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1651.711209] RIP: 0033:0x7f3666038b19 [ 1651.711662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1651.713887] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1651.714810] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1651.715692] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1651.716555] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1651.717420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1651.718284] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 23:30:33 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:30:33 executing program 0: r0 = perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$sock_inet6_SIOCDIFADDR(r1, 0x8936, &(0x7f00000000c0)={@dev={0xfe, 0x80, '\x00', 0x17}, 0x29}) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x7, 0x92, 0x2, 0x5, 0x0, 0x1, 0x98, 0xa, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffffa, 0x1, @perf_config_ext={0x80000001, 0x6}, 0x18, 0x10001, 0x10000, 0x0, 0x1, 0x7, 0x7, 0x0, 0x5, 0x0, 0x3}, 0xffffffffffffffff, 0x7, r0, 0xa) perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 23:30:33 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x2, 0x0, 0x0, 0x7ffc0000}]}) r0 = syz_mount_image$tmpfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[]) symlinkat(&(0x7f0000000180)='./file0\x00', r0, &(0x7f00000002c0)='./file1\x00') renameat(r0, &(0x7f0000000240)='./file1\x00', r0, &(0x7f0000000280)='./file0\x00') 23:30:33 executing program 0: r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_ED_LEVEL(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x20, r0, 0x520, 0x70bd29, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x20040801) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = inotify_init1(0x0) inotify_add_watch(r2, &(0x7f0000000040)='.\x00', 0x2000003) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000100)=ANY=[@ANYBLOB="b969c203ae010000400100000018000000", @ANYRES32=r1, @ANYBLOB="ff0f0000000000002e2f66696c653000"]) r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) inotify_add_watch(r2, 0x0, 0x4000040) r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$BTRFS_IOC_SYNC(r1, 0x9408, 0x0) getgroups(0x7, &(0x7f00000000c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xee00, 0xee01, 0x0, 0xee01, 0xee01]) lchown(&(0x7f0000000080)='./file0\x00', 0xee00, r5) r6 = socket$netlink(0x10, 0x3, 0x7) setsockopt$sock_timeval(r6, 0x1, 0x43, &(0x7f0000003f40), 0x10) r7 = socket$inet(0x2, 0x1, 0x0) bind$inet(r7, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r7, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) kcmp(0x0, 0x0, 0x2, r7, r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0) dup3(r4, r2, 0x0) 23:30:34 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r0, r1, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r2 = socket$inet(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1666.472969] netlink: 112 bytes leftover after parsing attributes in process `syz-executor.4'. 23:30:48 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 21) 23:30:48 executing program 6: syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000200)=ANY=[@ANYBLOB="7f0000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="02000000000000002e2f66696c6530"]) r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f00000006c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r0, 0x0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)=""/6, 0x6}, {&(0x7f00000002c0)=""/15, 0xf}, {&(0x7f0000000300)=""/96, 0x60}, {&(0x7f0000000380)=""/5, 0x5}, {&(0x7f00000003c0)=""/78, 0x4e}, {&(0x7f0000000440)=""/172, 0xac}], 0x6, &(0x7f0000000580)=""/213, 0xd5}, 0x0, 0x10040, 0x0, {0x3, r5}}, 0x8) dup3(r1, 0xffffffffffffffff, 0x0) r6 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pidfd_getfd(0xffffffffffffffff, r6, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105142, 0x2b) r8 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) r9 = openat(r8, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x149) sendfile(r7, r9, 0x0, 0x100000001) r10 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r7, r10, 0x0, 0x80000001) 23:30:48 executing program 4: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x81, 0x0, 0x0, 0x0, 0x62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x1328}, 0x0, 0xf, r0, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000002e00)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="60010000100001000000000000000000ff020000000000000000000000000001fc00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8800000000000000000000000001010000000032000000e0000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000019fa0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000031f1595d000a000000000020000000000070001200726663343130362867636d28616573292900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002001000040000000976ae46d07d1812fd0664e95dee18310217fc71b4a41aacc8d9d93d44e14b91df2e10ff9"], 0x160}}, 0x0) r3 = syz_io_uring_setup(0x21, &(0x7f0000000240)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000140), &(0x7f0000002a40)=0x0) io_uring_enter(r3, 0x0, 0x0, 0x0, 0x0, 0x0) r5 = socket$inet6_udp(0xa, 0x2, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000580)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r5, 0x80, &(0x7f0000000200)=@in6={0xa, 0x0, 0x0, @dev}}, 0x0) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f0000000100)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x2, 0x0, @fd_index=0x3, 0x0, 0x0, 0x3, 0x1, 0x0, {0x0, r6}}, 0x1ff) r7 = socket$nl_route(0x10, 0x3, 0x0) close_range(r3, r7, 0x2) r8 = socket$inet6_udplite(0xa, 0x2, 0x88) write(r2, &(0x7f0000002e40)="1d78e1a04c05b7487545de93abf05586516f18a4caf945493d926e0a0f74668a05ac749ad1a33db135f15281e932ff25d6dda2ccfa61a40b906b12533804a91a15e41f83ccdc657972eecd6eb09bb3239bf707210ac3bf1d2f59f0bc380c7a38331ceef8220928beb38f08be296dd4c0d36bac9157fac38012e2081e21b8d227c751e9084d46294daabd7235d311612dd21c112ce1b348799fc6b2b34da91d2a47c57a624eec6bf33170696b1fb2145193d4ae9f0db55ba244e1e2afeed68612e0a487d212816a713ccf60727457fc580d262d248c37cad2732456bd70367cd4418dea8fced633d195af4b2a236e4f9152c32c1f85a66b22d08e9b02b736b4f5706a8d68a5af6590418c94f2fed535c2f3bb72408c2c1c325f9d0db23478dd4885ba5e4d815035bef11228d334b365e1de8dae273cf738c49a44b0e3cd0d8960b86ea19ba23bccd9a5ab8ab6032c2507669186eae315bc93ef666bf369a4e3e923ee587178671c046ed9a7df863f74e42a7235348296640daed066440f2613e6936181f774e89b826436cbcf05b3a269c5127cab79815bed422446a94615cece82113a29b6e4b229ea15ac75245caa90a34b12914d4ce58b5aabce4685de4b2534b1cd65ee337debd6a19c6b9b91edc6c77bdb98301ca93393f9fe1524772fdbd1215d4b871fd863d3519b0f70404ff00a62304c27bf151e289959f4cecbc0875de26ed46f45f2eae83c4c57434f3ba3f6ce47589c23ef0508fcb5274eb128cf8e49391eb45106a179c714ce5d68adbb5f52b9ee676aebb7cc135f7e6711f3a849d3648b45067062288224881ceec5abb70b4aa18b853a88b89253b55d770442804832d3f09a5d31d8cef917e4bf2b35583b92236bbdb05996dce3b753ecca7a919f0c07d7c04799ff01514f770f4ceac4362d7b5819f42bed768903d3afceb74de4964888dffacddc0f93f744fa396ac6893245ec7502e283dad1e4819f94ddac9143349a760a991a626af8b4599f1e90e1432560b2b38fcedec0bd246eb8b417b08329de596a53f1052ed12685a401f8e24e3fffd098782a8605e9b98d6a96b585c47f3993b3468f920579a6e31c545b0b827b89cbe837cccaec3a2ec9611b477da059da06952cd4686f2a7f4a0936f5bb6dc6567e247ac6d0848504d93dee484ae187c49b3b8066173e82ecb7a3456b76f2ea31b12841f1c384dcbed1e436164473ef50f0157b144c84528b933af8fef388beff0dcdbdcfe6812e8fc107b1efb7891473a07ca16cbfaf186ab9cea8073fc649ff0f85e2ddafe41f5d0070045965d2d0b725f299d7772d8d30f8b73549d4cf795e4472ea334802fc9c27e35d581efbaaac087a70bb2ab95723f683be50e2c5c6cbff83b86980a77a1fc840328011d8b80dfb3417c699aec571c6d77dc7935cfdaa3a46ad7838af75e7f5542612320b0523b1f9828dd6fc2945631d0de2c81612cb1e1e0df25ed98a58f1085105287171ae07b6bed9683688cb1b9028962315d076833a2825d27e93a1ae26db585307f5e52ee2f8cb61dff4c553c9485179970947d9ba641ac00b0c4dad3e0028d94a622f249b107e3d1bc72bfa74da045d9d0f133ff51d78ca74d203b362c94137113d1005ae4784e4b4de963c7d6703a9a5f07e5f5849b5cc3e172a5e61177b6bca0c507072ad640138010e22ac2710a3065d55f1adaa2b2b2d8a05353b377d7ba7bf14bc764bb92d5fe6bcc75c3c98eb4166685d62114d9ee10c44ed70155e5dea9c87129882b9bad01e896bb20469ad8d31d10227218e4f9d8175407e25615ddce5dca50723bd0b2ff36f215f1ab04478f77b25937d5d5ebb7dc9da41ca9e26fdb188d6b7386f5c568de3f7109933484dd1236297859c99265af683d0a7d91a4cf429e1d62b2e54a4a41946af1ebda69206c57ea70c7ed04b98822fea7fcd15f8d09cfa2049f71f3ab2f06a019a0caa55d42d185c67db6a7749918c15bc57a5b67716a86cca86e7f5f41d0dea5885affd67bc357f74170869b9b8d42bc6b2e5316a8cbae0bf60f34e2acecda3cc8d6e56fcbd78b16471e9def7d2f259c36c8392564e6a6dc2f7af7db81e402d392a053aa6cce17945313a5befa8c3794cf421ffb507e5feced0fdb74cc61296785524a6eaac0df475329eda2d1ffa700b693c7d4457c39bff99bbddcd7a2c75c8f930d63a2a4e8f3b6bc008cb1b537eb839abef2500f5954fa716b6de744d9891ac63edc8b00c8f21b917d77555242a90aa0c015bcd577a5e1e4b5f9720cd01973a3617f72e708e4e64ddca8c996d6dc251c8acb6b8bf0034e37afa90fca03ccd48e428c4efba0713a7d0a992a4f8bc07c37d1b04dce4d635cf11f2436521b5acdf6c752cfa50d1929d047a96a344e842ac8ca4e2969e2d4bd6f7fd2e0d821c7c3f49ee7843461efa7f6cff9cd80ccdcca6d8d0862158892fa28db109f147cc5e200993a5964488e58c6b82806c80096f713b424bac7b29fe29e619f22c262b7df599127e145f2eb49a0e14e1aa272a12e41f30f75a1fba59776a9fe850cc2280af709ad336046ec72ac646e203b663f243a0f0eaf6a0994968cba7c493778f17a47b1158826206e3ee8923facce562f6ee970074da498f49dc893660e00828943e383ed25ef57808adbccdd4d79ff263f5171cf39c35944c5993d13aadf9881d07cac027db4c3c5d939ef8c36a3d6adbf34596b19ba6f37770fe5e8d89b491ef50114f3e66746973cef56ce9c635c98fc62b609e0ed17b00e741a993dd5362a5e93e9369603dabac1c21907f5df702ea92381a8a72648f161ab91eef07daa7da76fcadfd9e7dc0659a19d6439606032403d780a94e030e0fcc8260a08d56d98e1f6ea3fe802cf04107929fd2c657ecdd6226039f38f41e8fa7e939e2ae4ef4b8803a1cee700c842c42556172daa98f8e0441c6e83ea4c66577a77f642231f08ef77e47bccc70e5cb83c3ba4f880cc48339a330183d8131d7e0a5d6e90d635db71b9581ad81cfbfc2e7b6b7555b511492d0bb7d9596f9f412c48a8a47004c67ec94cc5146422c70ff0c625eec8d2cb1c1c8f6efc01c719be4744a7d6d1103ce173ee00d47bd2ac8ad8e4773b4b2b3453cfc516d1c96e1d288be2e8d8cb7c8cd04c5dd228e0f9c1fe0ddb1ce43014a15b46e95f44b2961718f2716b28c209ac54acebafd09457a7737e6c44cc2e8c4e26b5791008ae174b390778d5c3b644cb2e29078047bf91f95ab14471903e47699851bc351399dad77c73805c1ac54e3d42b26509e47e557ef9efba78611ef7c1a9b9151c03d47fa3b26b9f45f53b9a707af9797e75d2cc68953d1fa28ebe52ca062ca3ac9f338f56f0fb19db5e675b389b91d4c2245786b35cce5f4878110377541d74c8cdbcd3c28362c879e07217dd1c3026b8fb49904c11fd90a6d8dfe643fab8c84b648e6db75d9cbb326f2641d43553cda4e72232354896e9745495273fabdae3f55e8904d74a437c4a854bdda4783753a24cb110fe980448b02652ca92bc21be1d1bfc4a3e97973afec7b3c8a671c7e2fbcd09865bf052d1fda1dc98a75b88f656b98b039f1e7354552d5777ab4327ca6d067ff4be78286e37623712edb790df117124c751f7cedbddaf656471c82c3ae2db276485a93e9c8851fa456cd666440db11ac756d09581a978eeb965691973e4e5ebb075fd6409037f55abccb0b86184136603ad556d5329ab642bebbbfd06d384a1f283676a2516f7c3e6290ecdf21eb5a3a96fbddb51ed635cf05eff57cf43afce851696a8c8ef979b1b10bd505c953cd58606a38c7586f90beeff33729d34183b9cca7f99d8503affe29a17cf96df28cf354fa342f448152acaf2b165230edd7b74f0f5c5aee1a03a5d16c183ff3cfbac50621ae0bced303b19396bf8e6d2813ec35a3f5dcd29c79a7ee4b30136ef0d9413349344faa8deb2198a1b4999dac29c378e7802fa9fa0489bdb7b084eac36648d1d3a6b013702dec3e32a156308027af6c55fd2ebb01dc416bfc8a17b8fa5614e8d781aa9b55a5b969a19c20614a218b24ad54cea4dd7f52cd02ae2398c830d36f98d6639ccc9c410c9e5c838a933a56f6e6e99def357f2cdb43d78322a7d5f896ef6f7b63fdc460128db73c7e69d0b12a35f6843c30c6b2eaa080473c3281f72378225eebe2b221b960a26ded268093e2b43c32ef4455bc5f51bd71f3c7797928dc5897526c786288e2bfc81bb36af82920e029b6c5928a22f10362df0cba14df863ce3f9f63c8077956e83cea769bf8626fab9795cd167f13f234445b50eef620f6ea802c40197eb44880b62e013fd96bdb8cb95f4df5f1b5650f4ef853d76371c1e45d7fdb7ded0412ceaa8b6d57532521731b2789cd717014d8328f045ca98e5c9ad1a373e66a9887bbad48992bbd3ee05a184b81f2f2f2230028cf9fa5b7d0be399207955fa06007f55f3ffc87bbbf11ebadac03dca1d86ac4e9b9de0b07573d3a778e58bc6485e0785b0d51d1e522ad8370082a21b2e78f1f8189015451f348e111bca1c5d087b38bf959bed8956f9b8b296e13c6fecc4e7baae2387bb69388a6ecda68713781f222ba93ee6a2af9e7eaa07cfaadbf374c2e0b376ed01f306d6ff00eb95977a186df79ddcf40c7d4a13cbdc73a7ed8b4c9b38d79bffc92abfed5328091ac15b2868f686c86fdb965cacf4abb1c32a38673ef6fdeed467f7caecfc4de7a18f8a32a880e1c63d8d8693770c5fdaa3894be9801fba637bdc97e05de604b52a306dd790baab3bdd7b6e8dc19b4994df2cb1d99be9aaadcac505083daf2e70d9b7d1e4bbceaeb6bc7242fe3b8c94240312b1b68469185a48994e62a1322a07ad7cfcbeddddcfc24c4c0573a28ea85426f7c3d375c08007e906f5d4d4748da53c0bbccb995342391c39f2730232ee9b1dea5fb69ed088c66f5d222d5d557f3223490e4948724ee8797ea152d679a44cd262574fa244d27f367d921f1ae2a7cb2fbc68abb1404a84281737e98a122fc69e8038fb5faa291fd31885a0a9fead8f94604e2eb9885e572fe27d66f2dd977dc67a1218995cbeff4197b7eff3ff6024144b0cf7305aa968e6fe88d8f3a2c2df71c3808d94888c9cda1c13c27771029b5a1a1eba6c4fc723220202929ad642d61d1c6f901cd670ba2a3f8add36c45f4b2cca713ae4fdcabdab6182bed4d2a40ecff50d21d8aa54eb2df48f6043128a4b03d353dea12d1feed07bec669353abc7dfc47d4a4105ce148de432ce20bdc5e6bacf803e8e4a4912c3bdf4fb76592dacd46c2dedcd254c3c959945d60d22ac439523eade0b92d050422b4e40e73716bcfc40cfbb98e40f2e99eff174f94e5e30131bc05ed55319ef9d89a76b571a6549e75d355aa3c9d05fc9474bc5fba6dd4b23a6fb70baf54517a92a113d533fe0e9fe812535e968ace612981a07d5bf831f913e993443439aa4a2f1363699fbce0bff07c0cfd8e4d0976ad9045fd7f38e5877ebdbee85326481a95867268d53e4aa89e667baf243eac7ed4dc2efe5c2e05d977844d887a29fdf95c19b36d1e27622756532af31e2eb9e25a32b6fba21ba459d5a27b6a2ba719178b388076da3ec2ed44ebdd4fe5c909bca675c494c9809d6f74d9c0e04ec40ab8ffc72f46a6a52a4136ca91b2738f714d8c8c532aba4ca0763a650e9bb7bdb09afd7988062a147af5646da6f4724ec18ea918def73113fc338f9ffac9967a75c7b9e639403a2a28527d6ef361f565a03f5935d7cdfe4c0a255a328ceade503ed99bcba4df8e941fa36825d9a41", 0x1000) sendfile(r8, r7, &(0x7f0000000040)=0xfff, 0xffff) setsockopt$inet6_IPV6_HOPOPTS(r8, 0x29, 0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="0000000000000000ff53616a565c594550a94defc906686af13e19468a735ae4f01cd63c51fda512d38d164ae390a1bee324e8c7e691ea969d4a2bc2703314c4f47a88361142bd6c543f1e178903ffe17075e5c2710e007378034c16ebfef81f667a5ddc19be9910e31df8b74f26c890335cba89eba3173fb59b37105d0a27c921bc2fb4b102d7df7814371e6392a09900dd77b9b3cf19733521a36298f13feb5704aaa8a3a85237cc90aba850bf4c7ec66cbdbc409704ee005ddccb347e409f78ba29925bb25399cb557eab74c4da84466777c0aa3434dd17ccff8f1ae89a810d224d5693dc3f4268f4d7dd1dc9782a63e8e0d73920"], 0x8) setsockopt$inet6_opts(r8, 0x29, 0x3b, 0x0, 0x0) 23:30:48 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r0, r1, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r2 = socket$inet(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:30:48 executing program 1: ioctl$TIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000200)) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) r1 = fork() ptrace$setopts(0x4206, r1, 0x10001, 0x3d) rt_tgsigqueueinfo(r0, r1, 0x11, &(0x7f0000000180)={0xa, 0x81c, 0xbc12}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet(0x2, 0x3, 0x6) socket$inet_tcp(0x2, 0x1, 0x0) close_range(r2, r3, 0x2) r4 = socket$inet(0x2, 0x1, 0x0) r5 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x100, 0x0) ioctl$TIOCSRS485(0xffffffffffffffff, 0x542f, &(0x7f0000003200)={0x8, 0xae6, 0x1000}) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x14, &(0x7f0000000280)=0x2, 0x4) bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_QUEUE_SEQ(r4, 0x6, 0x15, &(0x7f0000000040), 0x4) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r5, 0xc018937e, &(0x7f00000002c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, @in_args={0x4}}, './file0\x00'}) sendmmsg(r6, &(0x7f0000003140)=[{{&(0x7f0000000300)=@pptp={0x18, 0x2, {0x0, @empty}}, 0x80, &(0x7f0000000480)=[{&(0x7f0000000380)="52aca7755a45e1bd5cade39f32ba0e7a624f143bd39a65bd59e74acb60aa14c4861676379ceb79f79f147183f84a8891eb71ca3464bd855afbd20e64fbf1492609c7d957cfadf852d4045a00ab3428e07704a866ca387115f3fb98a8fd112321681a0e7c", 0x64}, {&(0x7f0000000400)="56a6cf1a91adf1f727f9282ce7332812b60a5cb97908efa528feaa1cecc71aac31d29a4a26494dbdf31b219703591e88e11ef0c8c8a95ebeba175832ced302f5f133cbd631fbd89d817c0c0d5f123865c8a09681db8aa9", 0x57}], 0x2, &(0x7f00000004c0)=[{0x28, 0x84, 0x4, "c3bccf4327a25d26c0ff48b64521c77fffe886ff9bfab1f2"}, {0x80, 0x118, 0x2, "84f73ee63821493cbfc4c75dd451cd404a2136709dc55f203e2428c422e07318826f6df7290bd1dae23cfa6ca8091f9ca4faa2af6d27a5cd9071f71388a9e84b1b3eeff236a50f811929775a91e9712d184520b92fe1265d6a130bdfa1e3ee8f90067a1bfa55b5dc5d"}], 0xa8}}, {{&(0x7f0000000580)=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x40}, 0x80, &(0x7f0000002840)=[{&(0x7f0000000600)="2cc0001d7a44e12b18858f31b57a5d1b07ad1d92ad19e8fdf751c7ce21ff073b36c42139dcbaa35787b605e5e7ea60459341ed780a5f6988", 0x38}, {&(0x7f0000000640)="1425898a7c2a58540ad129e9a5e3815d840a3e8bd262605ba95338bdb9c65999efc714f53dc0b5d9ef722353077563d9ea5494bc240ff33fcd9ede9e35087be5fac66612de37a2c4dcd487ab32c7ca32a7", 0x51}, {&(0x7f00000006c0)="3ff7dc6a5002232e99bbc7420996af7697138a1157360264c9b56dd19fced324985cfc504ea4c373ff694962572cb170903cbe22ccfa9dd59ec0d058ef8ff704e2cea8ad52bf855eebe7a0d9caa2b2a83fd87623a891a308a6e330964aae4cdd2fc4a31eca209953e4f55826c270b0fabe1a6bfb7b8d1da45c1b4e28de3392463af686a84ae8daeff6f09f9c05685265d612a6c28f16a664718ee3c2920386bd8c9631962f9dd7acec7d917edf3db797599867454878b59391691df5f97bf0c1fb911d54edb3ce3b0cc74c9b6c01926ae2290830763a0129b4e1c081c6d7fa3c08f4ca1293697b12f830740df5d61caf6855e18e89f4e82b5b28", 0xfa}, {&(0x7f00000007c0)="fd20849bc056938ca47de66aecdf2264766382ef302aa74082fdfbcc1a38d45069a9e7db60b3209233c1abeef34e827076505848a54c1069126192b6260ca689172cf927d55d86a1cbe223d539bb814b36b3eb63692498b8a02809562acdd9fb14de726d06364b7476d2ed2adc53cd5ba9ce8a015888c5ff3e391cc2", 0x7c}, {&(0x7f0000000840)="32944b9336b88614059b29c29effcbbb50830023b731090f523334f52de6e3d64114e96c8e4e6d38ac0043bea9924812a3b960f1d09875d3791e2c68b267998cd3951914a6a730553132c6567f6b3316b4a55028edbc923ace3295fa5392567d51e65eae7190469bdd9023fe2105a98ea3c5de3673cc1604ee4e0cd29aae365af5df376142aa435998e95d71d14c7a39c306879caef3146164b68d23c9eb49632da30136e4508bd4fb783fb7c226b4279b645ee6a79139a393b586c92151cc38d7043374683be41aaf47b0969b310c066df02a0b31c999395a297615eb9f6c6311cb31f2e33fd3759bdbcfc2c51d6cd770aa8a7585f7178d8276db9ba398aef29c2fcd66e6fda8d76ac2b238850bb544afe305dbcff5da520ea270c8836e58bb4b4788e3f15fde5cced89220dccebfad78f4bd2944057116ca4f09eaa2d92892c0f09690b573b740f41371115d0b8e5cfc8490d72f12a3ace34ed62372cd94114a47eb8a1e7464dd22a8218beaf22e5ce6a34b35c11853d5b184f4958d04c83b9229826bcda56345a1c6faf9502c2c1597ac7790faaaf08cd24e7defdaef4173b4b3c7822ecb47021533f19aeb1686b665bf0ee45fed80020ffca2f49882a87afe96a166db72a3cc0c0ec87ef9965fc20ff3b39bca49ca6e0e97730bbfc0ce88038d75c5cb885d26ded80fe002cac2d1d9744e21220ee714f798d79cdcfdf1bc40199166d63918a9c04322c98ff11a1e69ec87150c330e11eacb55685f91b23e5bdbdc2cb02d7b7c1ef1c646023ef0a3f1fe33eb4c16f797fcf6e2e84aaaa8bac256672a2f7a50e58c9c3d34c6f6a7843c8f7a97e83e39b67f2d303463498ec0f14717c78fb527a8470c1175223d89e4954b6aa2bc2883b710579d4f72cec87071d00fda832e51ffd6f5439e27d5176cf4f31b52044279dd63ce2fad60eab800aab0c01e372b0021be98a4fc5a0e06f61804dcb53fc0061534aa2d452c4194d79cc36e8075a5895e9232fac3f941114b3fddcd1433f176921a19e1632c2ff054a14655f6460ea363576c09455739f9918e8b2a24b9e0e9c1dc6cfcd9cc4c2eef74dbaa3371aee2e28c37509ac291248d219e0039f70fddac5f470c431a5c29f1239c60f051f04ebd599a61f1996b98202e85e60ef64a67d6a59507b2e56ea1016f22f0162b208c9373ccb9a706b78118654dcced224708d35c6738e0cc74e943b309f561959116a3793165b540188e3ea4f622e7bc6a08364bb8d594e37af8d42b1d2e5b029b84518fa3787a1d317b40642ef954dff4441b4fe0dfe5785068d75c8a83d0c6bc836df1d5e08cb9ef46b5843a88ef31dad7e37095bb16caee1f503d048ffa29a49d28be553618375a9e7a7be7f82f98c97b3be287c888c7c27da475c2489ab9973718591413318f5945880019d650a0369a76b1d45be43599adad44560e58ef00e2fff5ce06e7ef530293ae82c00a21f2b0f1df2f2be91d6a0b2324c205dcab9bdce9ba28c506d97a1f38e5d6382a3a1b5f5c55cca620b168f39caea44ab296537145aeb576097ca73f7a75be4312251234832b4a6996a4f874c132f6b3a2263bf0c9167e30c8d2e793522f3b1f0294a4a2006fce99c547f357e9198022d31537e6262812fed7d2d41ee9d25f087b72fa328148718cc225c6ec3e97cc5929cf30dad1b88c14a6db1fd4a467d6226c0f0073039a210a43d647af37fd9c0118a558831ff0810ade5453d3b59ba7a64b22ad5bae805ca4a8e600ca0f4b8bc17c5eeac852312525ef5ede2e729790144ddd32759be688c2741c4859f039c0370e7ba057590f55d1b5f23b8fc6b2210b4d18f51616aa23133229832a9e571d0336b0aa514224daf2242a2fb64b01f1d639cd212ef6039c8cf235cacec07f3bcd7e39de7eb6c85e12fd5aaaf98227d8c8049280144db1ab8e4256aa96b45620f1b5c108f5c1ba7ce52b27c9869660332faab103e7501023c24b25fcd9b6ef902b70f2e261fc9bd0bf3330df13866e008e181e7c0e8cbb2fc4e44674d58d0cc376339bfe8da54d0119937aa6df518b63b97b70d7033638f16de01ac46388ae5d37b8fd25a4ec3400d74a5c6486542e2084be82ad8eced8c516ee594c28ffd2c903a9e6a7feeb52f8d6c2da62412f3d44dfa170a3061832110b9e40c6b68afc1b61db09619f6671c6157b6362fedd2bc1b068e95383c7eecb6c9ba3128bcdca421b35f1b61ed46ce13b4a8dc7fea686504c9cff2ce633caec62bae7a8d32b0d4a8c90d0053a870b16cd1c4c7b52ceda568b6db5d354308b2442479707583ed83530b804757f0a1bb8927e95583e4537172b13a871fad4f0e665029632edaa58650fdb458eeda279d6299cc54435bf8d28bb668c523fb6c941f1719b237bc12ab9b2256c8fc2bc413139408b86ef4b4b50d69b46d082b9f0b697bd8bef6811483e05dfb661a019b569ba3fc8ad1792c3ce5fcc5ca02613bbcec51e3db44d9fd551f399f669d4b6e0d79de9c27736fb5edb4575a31928475ddebbfb88c6a1d8fb976eaed14b75bfa446b7e6be146b1e611f8770dc7c643a877b0aebc3139afb7a2dda55c16c727349f9a9c0ef76c72775718d3ee24d649f301189224b58d7493148ccab86c87e1759efdcc098151a6abc22976ac245a02110cd8aea64a56c8c8f1164060e0c2d63865cd9348227cd0b5fe48349ad1b8c292d2eebbc02c0f695623a4ddbbef9b41eaee20b90314c7eee9c2f9edcfd7484f13e05c95f669405b4fa5aa7f4440b090815db3f4b1c95a6a399f2bd45a581dd7468d0748feb223b456b3d0597a33c913d35d6e2be871285c84477e9b7e39eb1b03c77b4e03ca1640723ef3f51afbe9cc1e47b01f5fe503abca06469121604f58fe5a4bbe45d970543bed40fe07430bf7549767136a267182c3cb412de85d482adb11227d2ab219d1a7b99d784968069983b5fc5674f4967c81bfeeb5d024f3b4a3960e7030d177599f0781a74e5e138b69807d364858d87148e11e93d4f8ce0b028648e1c874f9f17851dfea0cb62ac11e82549ed4c6283974d407a4e5992d41b2ff2f87d470ef4974d7b1a75ffccf0f80a6979798300667de5afd64d07a42d7e0b119cf23805788b3829bf6fe237fb90070c2115dab962df0a86c85cc7983b942c5822d65274d47fd9caaac2ba248bf92dfa4e09e72967725d9751ae099d1082239ad878f174bcdd2e53532f45d1402a8666137a257160f12fde55cca4ee756603d5ec9d197a1264765389d5a1d9c137c11fe5466a4ce35093946f55b0f6e9b02ce134fd250b79606b4294c93f26ee37176b52ef80c3b460e8da653424bd942467007d021b9de93c190f97e1c6d6051c21d649aa7a4412d47535eebd8e0e29959554035b2b266583acfcc0bb88c44c85f6e04b4c31f26d01360d8eda1d2f9d348cf2100c01e75dfdc428953bbbcc061d15d8b3e7f40e356908dbbafdc2646c2109948bc5d15a4a98c5b25b5d1685bc866ee7d13507536f34add09382b582580c5d92f686ba4645f2f16f8cd668f5fcc1f1068ca5fd208034645c1458de464eb82718b750cadebfcaacaa720fa7bdbcbf652e2b0ac56f63590dcd3050a3cac37e304fc57a0e2a255b4bd6d299d7adf78a4142210832c01dab5734992e567e4d290736aed169a5924e8e982c139142331e860ea0bb0fabd4bdd854fa7867f1d62bafcc4c8e90e4cad750282c14f2c17f78a068f67b53565a89a08321aee5bc66ebc1ddbaa6427f87d1a8841662ed4d83720b078ba6c34353a237bedb46900b72fd981db2f66dce0de89a0e91255a86c8d893515a605568af79fcb085988bf7173f7dfcdbc1ff6aa826e22350a0defa1b0528ddf91152596fd8aaafefaaeaf736e4ebfc045885a76af552ab715ee561944032a77f42e83ede93336cbde6683c112bb4e983d4b3f1b7ceb07ed11425cf3f5821a1913a51315ba57a83f87ab4d53cc7d00220630f3efb9c82cc3c12879f5aca8a5164a034710a30e113329a32134124e26418747d063ff67601f75352e2777a23563f96fad018efe6df4735b0a2c556b95e879230cc8802112b83404aa71c5d91c34671fff1d5f9b5a5f4d0036827824e8c0610f565bbd0dd2959c287a6f3280aa72425f325d01a6618d9c758d7fdb0544004b0b13ca3bee4cc881a6c7f438969ea0d32b9222ff6c2ff42b6e3efab2fd9105476fd3ea4c98893924b6f91133915c7a75605123e1d5cd0e0deae0890b1592c392438b8dc1bd56a6a786f367c2cc43649364bf3a8a003e1868e8e8295203343b38029463ca2bbc8a879b36f5a260468d177e2e95bc0a96a7b947892f048edad6663959bc92158d5e00e00705cabafa13828b67f73a96c154ff195e0abb85c80d81fe77964fc9f6eea9b8f2ed5322a6f0a1694fd3ba3528a5ad69aa09a9f93daa70974ba9bc59a59efeff36c612a85e4694d01942696d0417b260a0d254cad573e549c254c21d0883ecb7dfaf269c5709538d0131112047658b041d5cffb5eb9788dca85745fb3922b6b0a8cf684bef4fc145b85f97b13de44ef0b42aaf355b5789e1783f97f1eee14357862674b98d08ca8cc58c8454da9427708d67dd516d06de9d68de3e7a17233ce2c327b9cb8e4d2fc678b5a14dab0b0fb84e134144a772db60558dc43ae9406e115565a28728ea308e9d9c0385341613370cbaed723e029d0e18b0f3de3fa0b5a8f94971826e6bfb9bc057474d04880ca05365547a7b4fabdcf2075c655dd7434532921dd5fdcc2c05ec50d97695d5553d7a05a891cad43be084bcbeb22249e7fa5d9f9bc412515f83ad060154892d3a3c43034322da548798cfd30a8620c5403c565d7af9e12f772c6a6552d34022371dfbe1ed5cedee4133f10098814fccaaa92b950f3519e4f735ee3755a3efac8dc0ecfe3afe346862ce0e4880ba7961e8e9627a03cb69b27788fec7daf2512bf179d9fe5b6d89ee0820d8828a66fa66cc91efbff877c3af5610ea7a749ff7b3a8ca52ae2cfdcbc9584380b4a3ee162cb1c7ac76a9dff57a9e6d8354f9f42f14bead0c0863339c704a1478ea348cce58dd1c58404c49eca362fe220a96b0ec3d9ba621f46f1455f0af77199214ade3bc0ef018263197ef1ea45b178c178a7db6c02b6e84a5420135dec079a68c86011d608c232c75ef2ed2526a7630c75569db817119522e66aa888ab9404f1b8ea29a1d41420dbe3d365cdfff9ffa69dbeb2fee9e3711e342f7631deeb2aa3f59b1f9eb2a0b4f14945d8f479107ab45c126ed2644b2d59e3cef8a8c32df9a80fb32ee9bc486ff968944c9388c0077a584d22bd299bbc744d93f4f0c39ddb0d4d3764de3c119009aa276ed7b1951f9a2d1cc757ae9feef65d41f4c8c0e782065bdc2be744189baea1c3d8d1f10932865d1d2552d75f24babf5377f5c16ad2b46d8e5627c34c370b1f04c56fd1f910d3f0f20e5d95a742591b940cb30dbcc6074bde419105ecddbbfed6175b7282cbaefbfb8f3645d03597ae90aba8ef9e8dbb700daebc81591111bce3c41c46c6c7d3bb0ac14546d3700aea3e1cbd07b2b7a1ef6f61f847aca8ae48cd296144b00878c2006bf4a60b69688397ce239d206ec5fb7a33e65113054f7e11f23790a3f9c10c52f0727653fa3e0ef68897fcc5dc66d781b1ed773d45e99b08e4f1e3948e0ff1a287d1aeec7da1270eddc51f85f1afdd65a126838f736b125f8b67b76af30942505bd5bdfb3065d7880b8117c29fa7ae29e671e968efe248fc906826a35cdc4556a507f513fc4b91e74a05b2d6923e2d", 0x1000}, {&(0x7f0000001840)="e8feff61715b7aef85ade782d9804d6dc56331eee4bee4487d5922b642975ed87b91a6cad6568a6ec1b4641007c618ce3730cfac98bb6b9b947dcc0a8f5ec6abb10c3ad396053a918124ed2cfe6258988c41df454a84e76564d469109fa097920acbd835a9b4754ba0275b23afb3491c5a67f299f3a7d720d2ded15357fec15af5296f83e6748213d415e1e76cd6e7369d395d5a6f916edf3f2b0bc2221e29f934a81a5930fb1caf3e60d152bc743ac9fe0c5f2c5443918f85e78546f91a435be5cfc760758cdbdcbf1f2b8e6e8f638b0af4aea89b88916952e10de8a461ee0d7572ed79aab07c84929276fbb91cfc4bbd16c1d3b140a454951f4c6b8f733f6150650d64dfde7bd2c6b951ea8b50b16550a5724df5664c3e8d60bb35b93d5e897f556cdc15529596dd9cf34fd309ee0d776a88040bcb1e4b5543bbbfec32ae5de6d2de7070708c5da5c7042a27b5b09d0bd5c7fa260dfbfbfc53d95aba55891ce4c44dff4910f3b95f74a85a02aefd2c3a4c24f4c9b6688208662fa602f1454f083722f06f0a0349a39e8ccd4ee634062a2ac01d14921c72b262d152f41a93688fae4a1a3d33aeb5a506fec7cce36370cda5b205984cb92361f601c0c21d6d8275a7baa8f97da4d5408d604847650eea674f374af843af78fd2de42709a176b59f0f432cb98ec0210d4ba31a3b95d464616fb0fb703347794a6ff84d7d6b0a738803005ddc963187e8242e3d0e1645ee4dcd073472bda49b57b7682f502d7735f5c41185ac80cd04a88069fe8614131c84b0bb446421d4ad587d43a279ba7bd775664dd0009b3344eeb11f0015923aa470e31d7058ba763e333705311e636a989c0b373956a1fd80a9e4d5b3db07c24e7f16b332bd2e587012812beaf1618679bde016fb4a542429376c77366d1bbf7c7fd8e4baabdba698c770a81b2b1592e51365fd56234f249d979f8ecfb44db31faa6ff4959e2499128a0f169d6863766e3ba5da5bba0d98594bbd19b1740b39c7e96841ae50d19e77b311e1b84609bf0314d6d21ebe7a57848ede1551fdf0d813effc69b3be286dff4c190dc538648e090d7cc9e0f68de386da1bc1b4c2b7340980e82f54a06d26b76f6e6b285752722bbd152d7dc04e9a63ba8345d7beb3b98129a36cac0e3eea20e5b5690e607522888e722a66f5e1a6663fcf79fdbf750539ee373afe11a4efc9643a1daf7455f38a0a7e47fd4ed38c3cf785229182d0c9ba3e0f582c9fa3e08be1651a8ff1399142a4ecf2c88452c4360c06d0fff4df6efde445e422c6699f796df22c64691c78a64e5e49542b38384c5fcb9ad0d1dbb29ebbdb6024641e4a20f070fa49243e6998e4f86e3ea591def987326a194c658fb0ba609aa4122290a0c07a631ba3b95a42ff0c59b1b9531b411540df2f9f7b0fe92ed4f3e6b0daed09e65f310a6c905867c23a16a6e76cdd13064be1d9a99cd55bafc081612db0b0457cdcdc83d22f39aab03b9029d245436645cfb6b28e663dd97af55f26c070c797919faa4e79356858906dd0253bce5ff86c89d0a4a334da84f83e6d9b993d5bf0d5381cf668c9e98e3cef941694422cd8ed93782bc5ba43415711b2babbf26fe4f360b472bef905bf7e4f9405ac6ca7880b4b63a0a4045616f35f3157ea58001cb350a94ab96fb7e3643116e5bdf9ae8e2a8df341f6a3c0e9896ccea10ea1766c8365fdb8333b744fa9f314b6c6619ff404c624d551e78ce9ae972a2b6cfd02f07ab21d5b7ad2df4d91d15be4f8364bc80d37b0d1366335d91be3c6048d5febe2b2be5b0a443161234f2c2a1635d47884a8752fe5571fb002d7b7cfb4cb807f67231de8493d200a10018a1c3b6fc60afb02958e508e0bf72212f2e9e1fa70bdf6782688fcbb4d6951af4d131ea118f45576a6f1a83e51495854fa208e4ea9ceac117a4f0809313ee700c11f64287dc3350b96ecdfad9dd269766c443484bbf99b4658bccf7d38e50056858e730855562a6839377326777b2f62ebfca343978d8d3e745ac315c78ce4881dc5263890bf40eb2c4d68bfbea9a61a9f2f278aadc312c9483c6796ea2dca67d16a1d759bdd6df1a6f67f89fdf6b25e021fb35aa6ed81591e56160fe22a31d5a160ae7e30340ef74bb2113be8d0c39376f3224e98afb8ba399b19edae0983386438f23dc6ac4bad4c8e2de5f7d01cfeaf508f3580f568f5a3be5323c1b794fb45f57446a979069a8d3634aeccd0c5719b2e2e5d0067cb7566b13109e94ef62e6ba3a23415b2d23757552778cb379825a333c4f98e21dbb5a7b05d3997b90c926ba108fb2bbdd4f7f254f9a4de8deda781224d14d9c34011e81abf0fe64783a40795167ac7213e6bfd0b4a36ba1160f6b6ab4fe4cfece7c91388b1a88fcf0c9c33113771a38ff9170e19fdf8ef4b8423f6b85f63938094780823b632a84de595afb5c46ab686b0a641730221da2b85dc198b2510e480d1cea619b4798ebd7501f308cc20012ff8ccbdbffa1a65f91d9006f84a077e4de85fa0956b81f3cc35f4a95bb11cfc26da45ae7a92bcae9893f006054693b33230b0aa05c26959467a10126617f0d575fa2f1978103bb0aa662b25716172489af4b9b7e9b0078e1a6296cd802764a9c874032638e7943fc269daf570300220f8649193619a59d9ee86c450ba69997112ca50e48d087de99a90c3611f6d887b93e0f1e03b9119aeef8e77c3bd91131ed4c6d59f38a8cb070959768ee8908737be9a65f3f9c6989f0cc1ad0ad44d67d925628dbabbc702f2e72406bdc15fe13f4fa0736617222f36d74b46435ae1dd27c98c2b65e8d0530411c352dae4397f6452cc086311f13a07db820a6a8d947a660fe80b05193f2cf4be2060fe964b63ad8f6d6d2680d4c2a74a813b562c31dac6be3914ad08542a2a99e7d424d0e55fdf0fef228216117cea78ff655a247ae2712124d6a72a8ec05f0ba57c2fc6c0bddd56ce19852f87f365e17f088bd3f092a757913f6bc92499d751add88aefcebf146283ae9f4025969ec3facd12e7adf6ae6ba5b11fc0469129f6ec3514dff0ea8fda086d0f38b1ca357e95d6b9d6651602812e6e2715ea5eea736029a6f21b917ae94a2c87d1429219fe38c519301da63a0af5f1ba1a7292cf383165e1cecddb89b4da093e18f45ebcfe798fa8c5bd8b9e134693c75fbb00bc247ecd68906fbaa067db744524f8b79b88b6cbe7f05e00a1a2bdc913ae47ac4c67d138b6ba7163664dd8fb93b7c1cffc005a53723607eff2a7a67c862479c40d2c6d78f4b690c45b5a374138633afd77102f9689e93a9be58fb630968438eca86f5419f17f345f6243efcaf05ba31d7dd40d9885fbe6c2edd6228bd8804aecec83728500d6db6edf8fb631d4d74a17650d4656333c0bcae5efa7312931fdd32e32b301d3597b6129de1c50b6e129a0d8a306ff9b2cd0c55f890922e51f7461749caaba471b49aeb1f73be557d81c79784c0a2da9cd56c45aeeed71656f65815483d82d354a333d9e9f9b885355734b8055fc811f4a683eee5305bf964796def94cc2dbaf154e381f7e0427cf58796aef4b9b428bfaa38e8f663d7aacedefffc0f5fe44b4777896bf3b08b1c3da46e7b80d15db0d03224a88c8db93b75bbab3b620071814d117473e931a0d93a954b09b5972b0d2d593b78de7869c2a08b73f0f3b62097ac3689eeeb298194188bf3fc72a7abfa685f99a6e4b4ff5e32f8898db9d350b2ed15f94515a44490cad42f1366ebec8b231b0a12d18a46339290175b14ce16a26189cebd9d4122a483aade74c2e970d254e3bed824eb5c37a45a188ac7d2035c55ce9ae1b2ea28e526d12d943f4a4368e37adf0054236a7ae7b71f4ca2524951c788d6b26dd9c8cb18a0604444f50ea15e341e2a94450ba489ae79d416d8b10610f35f818f7c114f84711cb5c8e237bb1152b51ba4dec2c3cbab663de4f744234a68c1d78d993c44cef7f09fdf8ba1875d11db2a1b42dc3cc356c151fea73f6aadadfabff63d219acacb976b230afafddd25cb55b8527e16d4ea911d41927db41418f331f695ccbc022bf53c8c50749fad8c40a41ab7cacc889350ba79963307918e860e84747e3aca5fe849936f0a74136c0513bf8d6cb6e86714f1ea4e6b37e43f60cfc655adcc774267985e0e26b5361b4817b8f05a8ae80275557a147888d5aad9e317218a51f1e631e5db916a531ab1ed6853eba7b0f9c59fe5db67aa40c6aa68d7fbc730b7ef993d701107b58d12842725ace0fc5bdae5e3536f751244491446bc1c594069c723ac040486c273c31d594812219a7346ca9856706496a96fbc3dd48f632430459332eafe97d1e0f8b6ae60c654bf833b170d48cd626ef63a90fbc513c3c80184081ed6b1b6c92411319ceff04226961428ab3c3740b5fc42c0b7b3460acf73ae6b9995c705cb2d5e4d01f9a5ce309b9b0228048c60abbc1736e8345495d40870e70ee19bc7570349c637128c3dbff3e6759b5a4a04f0579597dfee555056974c2360ca99055b98812fa84f4820185e47fb336b4e7ea5d2ebcffa33413a947316dc0ee80d160ee0d87f41cea8068fcd5a7b73ebb93c5447690407031c987c728518e906d1c7e2cd6bd0bd4a6241fad34806e4424e27ba2716d141c476cf857006b96ab63cd0577727f7fc7b976880f4c3dfbe63d617d318326e0f0c224b16b144646ed7a0b3cd8a244ebc81f7f9de1bf764efe54d47e9a969cf691c3a9f1fc8339b5b524ddc13cd2a48bb800a2f7851bffddc25af72ccda2760b32c5c1181ab1720ee742e6efbd74f07dc6c8208ce9b2f04a98e9d1b29159610248f82d2030f839b91f7902df808cdf261038730c2975f3248fd88cb31f4b144862d5fadd87abf8dd0be554502dd8d60ed9840c3773b81ed30a26d16b96fb184519ed504ec2a7a4d27bfbbb31e535f3c7404eb1c071d066786788e302da06f6e7dc64326415a2d42b5075ac3a077a36e27b690794f54d99a1ad3553cffd6fcdc9083a0100e7215bf9f325064ecf0326ef8fac4d15a7d727c0ed4caa5693d1201eb039d21ca72eaf5b59a05307afdda2fd652e7c9fc0086e45a3a3f4b0494249d16b84938a1cda524d4f0fd02c4fc2d90f515fd26eaeabe26eebad760105cd170f4d7d94a993f755c01e0ac61e69ff770b8c54de684c875af875ed8b5186b837cdc6bdfb649142e51ffa8166f0c11cc4480ead442654e1690e45f6a0f242299b9b784c74f32569f6e090ab451ff43365e34867f8633eca35aba180f0b31459e35242393104725a72b7307b8383417bcb37e076d1590773ca251a420677f358a4770c8aacf1478040559124fd5437766a680fa03f31a27cfb89d0f1c4b2b460f835c8d16f7109b883a64b3d8b0c580f6a51bd8b3c86e567d591aedb10637c8c03c924a255944615971641bead99641ac63c0831a1cff14ee5ee17ec65987d401d132f2fb643c71197ffb2bf222187064e1e7890a440bf9c499771328a729dbdd6f557bd58296f19428dd2b9b3ed73844ddec9c305a3f5d1f33cfd7f88f8a28fe068ceb1054a7d93cd4872812a64f4caa400ed455add240790e474ceff00865e13550bb79e40a98e971e3223b7dcc5e7b5549b1a44fa0e2547b93b87d713c16b3e97a8097f1314b1d81ced876fae2705d7aa1a63c61ab663a40aa0012d14dda27d13300d970151402ce99f1d228604d27fb4af8097d5663ba4d02e1ed71d9f4bbecc3e0a7dc7dc9a5a076e2542f18a8a6ed1bad409e22a278b8ecc1ca922077055843f0dd9ff2e8939518d6a0df5", 0x1000}], 0x6, &(0x7f0000003240)=ANY=[@ANYBLOB="d800000000000000ff0000008100000087a05a01a3a13a95b671c67a3664c4276c12b423997d37c4ab9160b24434068f209054d0575879908c621b953cbd78805a76c3ac65a2a4d3000197da2fda7d0f46bf94a2fe179be0add1a42d4cdc518738d6458d4542de7279dca4b61b1e56a517420982964a50c552ebd870ec663274a63e9c108580d076b77755e0f344fb4ec3606e654dde264dec8bfc83cca924bcaadcf702d12fc3d8f264e565c402a540123977cbec8772cc9a6fa94e0a79d9f6665fd39d6716c8575d9b829e8b06f1ef31a1ea8cc07433ebe3b21296fd4429c4074d5257592f2303149e2a71f22b173bd8faeb764e97ca9cbb107045c5f6d4ab6c1e1baf"], 0xd8}}, {{&(0x7f00000029c0)=@rc={0x1f, @any, 0xe5}, 0x80, &(0x7f0000002bc0)=[{&(0x7f0000002a40)="052e0633366ebc911246fb875fd8574b6edcb10bebd97b3c9cdebc0a4f9fea9dd2a836fb1067e072f8af549494e1004e3ee760cec4c6aa47a50320239c78f8fe0ac31043e06b38336d4f4b282876dbcd", 0x50}, {&(0x7f0000002ac0)="6beca8cd631506fd82c012e730fba68ee2940075f337ad4418cddcfde6798cd008f7391a1598ad1bee8716736085d1ab2fb96ad2fcb793453842ea0478f358bc744c8e17d7e9eb8b300e87b97bf45c14a02ac19013000ec6137eb7990c9955c6230e0895672e19ce3d7f979841f7bac0c5d7d3b8aae5a1e3e54dfb48d0f3a1457cf2d1ef6067b81cd035decdc10b5fc0e3c2f3ec5fee80f66d8a07784e45f6f6435fb5dd797bda8195971cd44c64f40912461e82e1851757bc5386fe388f9cd710b34a836d6a2f3483f70d005c2218f714d2068fdee1a77fbe37647c8d1be5d9439212b9219fe24e72b61a", 0xeb}], 0x2, &(0x7f0000002c00)=[{0xd0, 0x113, 0x7a9, "1843bdd7011bc0a848d28d74be706a1a00653bdda4c074cfd3f4efa4d31a2be21a588680e59bbc942eff2d893bae25c3766d39bda4a66cbf9dc7a3984c40af0fb6ce612872e5c570dc9877eef70960affdb99c8dd5f339f81f788a2d2091bf2f180e4b4bb58e31b623aca83dcb3f93d82d5cb8fff86bf60e092d415ef34b4dc5562ce4f5d25ca684a55dd7317e356c86d18d5e38388fcdb824db39d8a48303aa840c5d1ce540b439ab63b4ce733a68d9cad8bdaaabd56aaca2"}, {0x58, 0x10a, 0x7, "66c539d51f10e7c6ebdc5a62949938af5b895e8280e4f216b93aad5ced746030c0800ddc29632b617f3285af27951e78a7a64e777df5746f11c28e811bca8541c5f4ba"}, {0x58, 0x107, 0x7a7488a0, "ede98f99f00b6fd3acae23b9167fec01bc7bf6039d0627af821dcf8f2512b454998b686c170643cac3bbe9b8a70dc192726c5251fda349e7c2161f803b7c08a387f8"}, {0x70, 0x116, 0x3e, "14b4d92e4a8ea7aa5b59ed55991c91bea6e98908f0a41023a2da5d4c7a62c126dcfd8f258cc778815df01c6ac01f71ffc4e61bad841ee48f0dc6c409b30bbc25796872bc0f01444cac727be2f2f201e5642e83cdbaddff13d082453c25c152"}, {0xc0, 0x88, 0x400, "d02a55aa658cd9f4d87b2f72e14cab338a708b2aae7fc0f0a44201c98852ab58edbd8c2875da146feb050455f7704ef1a759aa56682f794ad83bd8d6035ea25add452a7a0099ba49d4bf820ceaa48a4d0cf32b4a1e88873901bb9528ceec16526ae58736a49bd2db000d08bcbea509fdf4d3ea75f8e0a8eb79f10299fdf3b9fb01b7a2d1ebcb98948d2dfb9ad030bea532813a80a1b8e648476c916ffb4cd852a2dbc2be00e5949975"}, {0x108, 0x107, 0xffffff80, "648e2f75af42d8c73a279dfc8a188f87056f75ebfca411f84be826ca701c2a9b51bc0ee67c3e5c1a3be756c9e224cb70c51e01eec625f1f5e93eba76cb1f5e9e6326eec4c8e72d552e769189eb187f78b43e61d321b2eca02806de3db02638c3c41284a533534d1a244fb68d1a10360c9ba531587bad2d3d211f93559656013284c04455b2a6be6d6ff41c61ad7108ac963f84ae5ae9bec9497eb43fdac3b2b0f443a8574067ff015ec4fa69e09faa4e480747dee4f953306c49d81a0d1c551d427929778bfe302eb7cc8c75efb4fa39a69ca5ce12da240014aba07d7facee5e8fa4cc17aa35f5e9b9b9c37c43a0efe3a5cfd8e05c9ddfce"}, {0x88, 0x101, 0xfff, "88e5e4565a01642ba06e475392eff79c8cb685a38af61156a497da22fa71c2c7e99fedf8bb6208a606ec25ce22497eabedd973dba2ebc7fa7041387f49f469909570804ae23fd7d60789c648286c1693d4eb8907b27bf1f34a11f47c08d9cb294ba310ddbd92c7feaeafea1ede7296a389c36114df2d03c1"}, {0x18, 0x113, 0xcc70, "118557"}, {0xc8, 0x112, 0x100, "ab1addb3422f74b0c2db913d23df47731aa809ea3f4f8ca5ccbed7c921b3aa34e93486948f1f6a3fec4949a76d4bff885906654282f6698c2e7f2ecc826f7f205e2536cc57e474847ed87da51639c65af2f1caf78045a8a864634f2394da7f36c5adeec66228761da78a6d092b8af621626dfd9396dd7ddca11e9834478aee544ed54fa0984fef3f0be1f9358aa93e9f8caeb3278f6272b6889fbd61bad0ab9eeee34227a8a50b176ab6101be8254c2e45c689"}], 0x520}}], 0x3, 0x4800) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmsg$inet6(r7, &(0x7f0000000080)={&(0x7f0000000000)={0xa, 0x4e23, 0x800000, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x3}, 0x1c, 0x0}, 0x20048005) 23:30:48 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 41) 23:30:48 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 35) 23:30:48 executing program 0: syz_emit_ethernet(0x178, &(0x7f0000000300)={@empty, @empty, @val={@val={0x9100, 0x5, 0x0, 0xffe}, {0x8100, 0x5, 0x1, 0x2}}, {@x25={0x805, {0x0, 0x7, 0xcb, "9181d88d883125eda8d0961908fb4936b99f35ee055dfea61d5007f493671883b681f61b4587fd448fd6460d7c4db4ca106c8d6e8dc43cae4522b1bb4107e2e3fe4ff5cb398bc5a26172b668a9120cb3ff5e38ba397e0574ad39c00c131a592fa2502459e86693ae2ec890d6b835a9bf9c2a09b26a36df15efaf98bcb0db37889828e5900470b9063684cb6ea93417ddd44bd2a1bacf27ab1672d3f7f03755e684305e5ff3220206ad5d91e9d083fb4bdc0d0164bf2daeb0a0261defd9f3e3322960989a7c136366da4717a029a35e664440701cb3c9ff55f5d2d449692663aa57d3d59d506844b3d927a61eb1c59fc8719dff29f7a85891dfc8ab680fb8b0467d7ed3a52518e98d3dd86623fc0898a0f05ffaf6df852e8f9bec49e6cf0b68fab155d3a32c92c124e81276f79b7f55cba895586f779bc60ad7dc2d406232f5fec769a458c68eea4778c93d4067a55ecd4eadcc047952e5a52cb6d43c4c5c93"}}}}, &(0x7f0000000140)={0x1, 0x7, [0x426, 0xb1a, 0x94a, 0x952]}) syz_extract_tcp_res$synack(&(0x7f0000000180), 0x1, 0x0) 23:30:48 executing program 4: perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) kcmp(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="2c0000002600210c00000000000200001b1f00020400000000000000", @ANYRES32], 0x2c}}, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4) setsockopt$inet6_tcp_int(r2, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r2, r1, 0x0, 0x9bbb) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x78, 0x0, 0x400, 0x70bd2c, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}, @IPVS_CMD_ATTR_DAEMON={0x18, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'macvlan1\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6}, @IPVS_CMD_ATTR_DEST={0x34, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0xffff7fff}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x9}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x8}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x20}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x9}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x81}]}, 0x78}, 0x1, 0x0, 0x0, 0x4000010}, 0x0) [ 1666.537442] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1666.542134] FAULT_INJECTION: forcing a failure. [ 1666.542134] name failslab, interval 1, probability 0, space 0, times 0 [ 1666.543575] CPU: 0 PID: 9475 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1666.544427] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1666.545515] Call Trace: [ 1666.545887] dump_stack+0x107/0x167 [ 1666.546345] should_fail.cold+0x5/0xa [ 1666.546824] ? create_object.isra.0+0x3a/0xa20 [ 1666.547398] should_failslab+0x5/0x20 [ 1666.547896] kmem_cache_alloc+0x5b/0x310 [ 1666.548406] create_object.isra.0+0x3a/0xa20 [ 1666.548951] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1666.549592] kmem_cache_alloc_bulk+0x168/0x320 [ 1666.550172] io_submit_sqes+0x6fe6/0x8610 [ 1666.550719] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1666.551342] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1666.551980] ? find_held_lock+0x2c/0x110 [ 1666.552490] ? io_submit_sqes+0x8610/0x8610 [ 1666.553038] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1666.553647] ? wait_for_completion_io+0x270/0x270 [ 1666.554254] ? rcu_read_lock_any_held+0x75/0xa0 [ 1666.554830] ? vfs_write+0x354/0xb10 [ 1666.555297] ? fput_many+0x2f/0x1a0 [ 1666.555770] ? ksys_write+0x1a9/0x260 [ 1666.556246] ? __ia32_sys_read+0xb0/0xb0 [ 1666.556759] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1666.557410] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1666.558052] do_syscall_64+0x33/0x40 [ 1666.558515] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1666.559153] RIP: 0033:0x7f33fff70b19 [ 1666.559634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1666.561999] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1666.562947] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1666.563859] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1666.564390] FAULT_INJECTION: forcing a failure. [ 1666.564390] name failslab, interval 1, probability 0, space 0, times 0 [ 1666.564748] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1666.564757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1666.564764] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 [ 1666.569049] CPU: 1 PID: 9470 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1666.569932] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1666.570989] Call Trace: [ 1666.571349] dump_stack+0x107/0x167 [ 1666.571834] should_fail.cold+0x5/0xa [ 1666.572318] ? create_object.isra.0+0x3a/0xa20 [ 1666.572893] should_failslab+0x5/0x20 [ 1666.573372] kmem_cache_alloc+0x5b/0x310 [ 1666.573881] ? mark_held_locks+0x9e/0xe0 [ 1666.574392] create_object.isra.0+0x3a/0xa20 [ 1666.574945] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1666.575603] kmem_cache_alloc_bulk+0x168/0x320 [ 1666.576184] io_submit_sqes+0x6fe6/0x8610 [ 1666.576725] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1666.577351] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1666.577959] ? find_held_lock+0x2c/0x110 [ 1666.578472] ? io_submit_sqes+0x8610/0x8610 [ 1666.579028] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1666.579651] ? wait_for_completion_io+0x270/0x270 [ 1666.580260] ? rcu_read_lock_any_held+0x75/0xa0 [ 1666.580841] ? vfs_write+0x354/0xb10 [ 1666.581308] ? fput_many+0x2f/0x1a0 [ 1666.581771] ? ksys_write+0x1a9/0x260 [ 1666.582252] ? __ia32_sys_read+0xb0/0xb0 [ 1666.582768] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1666.583426] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1666.584089] do_syscall_64+0x33/0x40 [ 1666.584561] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1666.585205] RIP: 0033:0x7fa048f33b19 [ 1666.585672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1666.592004] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1666.592955] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1666.593844] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1666.594731] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1666.595638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1666.595837] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1666.596527] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 [ 1666.617738] FAULT_INJECTION: forcing a failure. [ 1666.617738] name failslab, interval 1, probability 0, space 0, times 0 [ 1666.619231] CPU: 0 PID: 9468 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1666.620099] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1666.621132] Call Trace: [ 1666.621545] dump_stack+0x107/0x167 [ 1666.622004] should_fail.cold+0x5/0xa [ 1666.622487] ? create_object.isra.0+0x3a/0xa20 [ 1666.623065] should_failslab+0x5/0x20 [ 1666.623562] kmem_cache_alloc+0x5b/0x310 [ 1666.624084] create_object.isra.0+0x3a/0xa20 [ 1666.624633] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1666.625275] kmem_cache_alloc+0x159/0x310 [ 1666.625807] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1666.626514] idr_get_free+0x4b5/0x8f0 [ 1666.627005] idr_alloc_u32+0x170/0x2d0 [ 1666.627508] ? __fprop_inc_percpu_max+0x130/0x130 [ 1666.628124] ? lock_acquire+0x197/0x470 [ 1666.628627] ? __kernfs_new_node+0xff/0x860 [ 1666.629178] idr_alloc_cyclic+0x102/0x230 [ 1666.629701] ? idr_alloc+0x130/0x130 [ 1666.630167] ? rwlock_bug.part.0+0x90/0x90 [ 1666.630709] __kernfs_new_node+0x117/0x860 [ 1666.631239] ? mark_held_locks+0x9e/0xe0 [ 1666.631782] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1666.632378] ? cpumask_next+0x1f/0x30 [ 1666.632856] ? kmemleak_alloc_percpu+0xaf/0x100 [ 1666.633440] ? pcpu_alloc+0x12a/0x1240 [ 1666.633931] kernfs_new_node+0x18d/0x250 [ 1666.634440] kernfs_create_dir_ns+0x49/0x160 [ 1666.634995] cgroup_mkdir+0x318/0xf50 [ 1666.635487] ? cgroup_destroy_locked+0x710/0x710 [ 1666.636135] kernfs_iop_mkdir+0x14d/0x1e0 [ 1666.636658] vfs_mkdir+0x493/0x750 [ 1666.637110] do_mkdirat+0x150/0x2b0 [ 1666.637567] ? user_path_create+0xf0/0xf0 [ 1666.638088] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1666.638742] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1666.639389] do_syscall_64+0x33/0x40 [ 1666.639876] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1666.640515] RIP: 0033:0x7f3666038b19 [ 1666.640979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1666.643272] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1666.644246] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1666.645135] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1666.646030] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1666.646918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1666.647832] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 23:31:03 executing program 6: syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000200)=ANY=[@ANYBLOB="7f0000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="02000000000000002e2f66696c6530"]) r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f00000006c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r0, 0x0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)=""/6, 0x6}, {&(0x7f00000002c0)=""/15, 0xf}, {&(0x7f0000000300)=""/96, 0x60}, {&(0x7f0000000380)=""/5, 0x5}, {&(0x7f00000003c0)=""/78, 0x4e}, {&(0x7f0000000440)=""/172, 0xac}], 0x6, &(0x7f0000000580)=""/213, 0xd5}, 0x0, 0x10040, 0x0, {0x3, r5}}, 0x8) dup3(r1, 0xffffffffffffffff, 0x0) r6 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pidfd_getfd(0xffffffffffffffff, r6, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105142, 0x2b) r8 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) r9 = openat(r8, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x149) sendfile(r7, r9, 0x0, 0x100000001) r10 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r7, r10, 0x0, 0x80000001) 23:31:03 executing program 1: openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0xa) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETVESABLANK(r2, 0x541c, 0x0) sched_getattr(0x0, &(0x7f0000000040)={0x38}, 0xfffffffffffffdd0, 0x0) ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "e35e91852b1941028300000000000000002000"}) ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, &(0x7f00000004c0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) fcntl$setlease(r0, 0x400, 0x0) ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f0000000080)={0x1, 0x8, 0x9}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b10, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) r4 = dup(r3) openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f0000000080)={@local, 0x78, r6}) pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_SIOCDIFADDR(r5, 0x8916, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, r6}) sendfile(r1, r0, 0x0, 0x4000007ffffffc) 23:31:03 executing program 4: ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000540)) pipe(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0xe, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x4e21, @multicast2}, {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x3df, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) r2 = perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc244, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x2, @perf_config_ext={0x2, 0x6}, 0x0, 0x0, 0xfffffffd, 0x2, 0x0, 0x2, 0xffff, 0x0, 0x2}, 0x0, 0x3, 0xffffffffffffffff, 0x3) setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r2, 0x40189429, &(0x7f0000000080)={0x1, 0x5, 0x2}) fstatfs(r1, &(0x7f0000002e00)=""/4102) r3 = creat(&(0x7f00000001c0)='./cgroup/cgroup.procs\x00', 0x0) open_by_handle_at(0xffffffffffffffff, &(0x7f00000003c0)=ANY=[@ANYRESHEX=r1], 0x0) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000280)={&(0x7f00000009c0)=ANY=[@ANYBLOB="04001b0000ce7c00cd97d723f5bd14b2e26fa82a4f7f8945ae13f8c51ab684c8e62ebeef1081452d57bfa1f641e5af396f4e2c68036e9988c1755e35e7a09934208d28305ed2fcca68ed59183fed04f085402a7f3911c95b760063c687f17667de280cb61e9c1c98fd525244f8e4b4fe6bb43ffa15aafdbf649512d59ecf98f66b19d7bd4cda094822781974418c375f1b849f069e00e2b761df9e4e576ac32264bcda821d7e0aba2d72f1341654a2", @ANYRESOCT=r3, @ANYBLOB="00042abdd200fcdbdf25070000000800320000040000080031000920000008000b31000400000000000000000000000000000000000067bb80e29b3eca71df776d6cc88280429b6e4b7b8d525c54ebcfee66da90deb82adea6679f1a6f578fb52bd7b21469f4770b1b653ab691033e519674480bc7c6e79e4e96a878a006d03e3dfed7abdd0307c944d0ce9df10217bd9592947dfe261134245abc107efd55348223281b255e2657f752d1d42613306890b90d82cf2545d40080065eb81238dd005ddaaadbaf505defbe7c61fc0f920400000000000000db5fc0e05968d7b6c3343485ad8f216fe745fbcf07d7ac0b7480700500008209c68bd14802e817b22be0c7a84e432e0e1e30ccc37d071c34a23c0c4a01000000000000462acd501091c3753751e7b77814ca23caa130d5a7d0a92ae4a73b7eecfe23ee49c46fad55d09e53f52f0078954a00"/339], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x20004800) r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0) sendmsg$NL80211_CMD_SET_PMK(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000425bd7000ffdbdf257b0000000a00060008021100000000001400fe00fa3ed6c06a593ffc7441039f16a67095cc53da09000000000000001100000000b744a2dd00ffffffffffff0000"], 0x4c}, 0x1, 0x0, 0x0, 0x811}, 0x40) ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f00000002c0)={0xfffffffffffffffe, 0xf4, 0xfffffffffffffff9}) ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd}) 23:31:03 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r0, r1, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r2 = socket$inet(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:31:03 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 42) 23:31:03 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 36) 23:31:03 executing program 0: syz_genetlink_get_family_id$nl80211(&(0x7f0000001180), 0xffffffffffffffff) syz_mount_image$nfs4(&(0x7f00000017c0), 0x0, 0x0, 0x1, &(0x7f0000002c40)=[{0x0}], 0x0, &(0x7f0000002d00)={[{'/dev/full\x00'}], [{@smackfshat={'smackfshat', 0x3d, '@^--'}}]}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4) setsockopt$inet6_tcp_int(r1, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r2 = fsmount(0xffffffffffffffff, 0x0, 0x84) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000680)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DISCONNECT(r3, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000006c0)={0x24, r4, 0x109, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_REASON_CODE={0x6}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000000c0)={&(0x7f00000005c0)={0x144, 0x0, 0x200, 0x70bd2b, 0x25dfdbfe, {{}, {@void, @val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x0, 0x3c}}}}, [@NL80211_ATTR_VENDOR_DATA={0x45, 0xc5, "5afa4f6a9415664cc128b88810c4b9de2ddccf3739ed8267b0381fbe41c6313faf9b9fe91b2afb282d2e5d70eaa785743e77157b4d7f3a123e38dfb25fd07f4db1"}, @NL80211_ATTR_VENDOR_DATA={0xcb, 0xc5, "bdba2c952ecde8eea9adf4a3b3bfb28fdb1bfd9600ad27ea14edd3e7f370c1d6e099baa741cd185a6febd9d48d805e3c2433ed1f97d19fa1749d969bc736e22d3a1f7f5a356fe88e27b5f466809a35619e62c9f7ec193992a2b0a3c61142b0cdab566ac9952582bdef37023633f72e71024f33e808ea0516625532aacad7785adcd1a121948cf0729837a08da6222695ee6213e30872a546d2059376a44558df8621cdf5e127413c48ce3d3c6acb8e75af81aa264ce663e2c6821ba1383c2d06ddcb3ea961cab3"}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x6}]}, 0x144}, 0x1, 0x0, 0x0, 0x800}, 0x44000) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)={0x8c, 0x0, 0x200, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x10000, 0x11}}}}, [@NL80211_ATTR_WIPHY_FREQ_HINT={0x8}, @NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x6b}, @NL80211_ATTR_VHT_CAPABILITY_MASK={0x10, 0xb0, {0x10000000, {0x6, 0x3, 0x10f3, 0x8}}}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x81}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x5}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, {0x10, 0x2, 0x6, 0x0, {0x9, 0x1f, 0x0, 0x379, 0x0, 0x1, 0x0, 0x3, 0x1}, 0x8, 0xbc, 0x1}}, @NL80211_ATTR_USE_MFP={0x8}, @NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_WANT_1X_4WAY_HS={0x4}]}, 0x8c}, 0x1, 0x0, 0x0, 0x95d6d4eceaa3e686}, 0x20000800) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r1, r0, 0x0, 0x9bbb) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_DEAUTHENTICATE(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xfffffee3, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r6, 0x400, 0x70bd25, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x7ff}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @random="ca8c1282a351"}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10080}, 0x40) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000240)={@in={{0x2, 0x4e23, @rand_addr=0x64010101}}, 0x0, 0x0, 0x1f, 0x0, "8c0c42cba959439ac644a501fcd7d5357c1c091182466513d97491ef594e5cb068a5dae5639c9ef718e7e8345ff005149300afb3db654e48dfa3440c0c1e2808fb9ffb09aefab61f51cdbea851c239b6"}, 0xd8) 23:31:03 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 22) [ 1681.343052] FAULT_INJECTION: forcing a failure. [ 1681.343052] name failslab, interval 1, probability 0, space 0, times 0 [ 1681.344979] CPU: 1 PID: 9506 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1681.346629] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1681.347549] FAULT_INJECTION: forcing a failure. [ 1681.347549] name failslab, interval 1, probability 0, space 0, times 0 [ 1681.348813] Call Trace: [ 1681.348834] dump_stack+0x107/0x167 [ 1681.348849] should_fail.cold+0x5/0xa [ 1681.348865] ? create_object.isra.0+0x3a/0xa20 [ 1681.348881] should_failslab+0x5/0x20 [ 1681.348894] kmem_cache_alloc+0x5b/0x310 [ 1681.348907] ? mark_held_locks+0x9e/0xe0 [ 1681.348923] create_object.isra.0+0x3a/0xa20 [ 1681.348933] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1681.348951] kmem_cache_alloc_bulk+0x168/0x320 [ 1681.348969] io_submit_sqes+0x6fe6/0x8610 [ 1681.349004] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1681.349015] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1681.349031] ? find_held_lock+0x2c/0x110 [ 1681.349048] ? io_submit_sqes+0x8610/0x8610 [ 1681.349069] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1681.349086] ? wait_for_completion_io+0x270/0x270 [ 1681.349102] ? rcu_read_lock_any_held+0x75/0xa0 [ 1681.349113] ? vfs_write+0x354/0xb10 [ 1681.349126] ? fput_many+0x2f/0x1a0 [ 1681.349140] ? ksys_write+0x1a9/0x260 [ 1681.349153] ? __ia32_sys_read+0xb0/0xb0 [ 1681.349169] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1681.349182] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1681.349197] do_syscall_64+0x33/0x40 [ 1681.349210] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1681.349219] RIP: 0033:0x7fa048f33b19 [ 1681.349232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1681.349239] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1681.349254] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1681.349261] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1681.349269] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1681.349276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1681.349283] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 [ 1681.385412] CPU: 0 PID: 9505 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1681.386472] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1681.387760] Call Trace: [ 1681.388184] dump_stack+0x107/0x167 [ 1681.388752] should_fail.cold+0x5/0xa [ 1681.389351] ? create_object.isra.0+0x3a/0xa20 [ 1681.390063] should_failslab+0x5/0x20 [ 1681.390658] kmem_cache_alloc+0x5b/0x310 [ 1681.391292] ? mark_held_locks+0x9e/0xe0 [ 1681.391920] create_object.isra.0+0x3a/0xa20 [ 1681.396610] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1681.397409] kmem_cache_alloc_bulk+0x168/0x320 [ 1681.398153] io_submit_sqes+0x6fe6/0x8610 [ 1681.398820] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1681.399587] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1681.400348] ? find_held_lock+0x2c/0x110 [ 1681.400985] ? io_submit_sqes+0x8610/0x8610 [ 1681.401636] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1681.402384] ? wait_for_completion_io+0x270/0x270 [ 1681.403130] ? rcu_read_lock_any_held+0x75/0xa0 [ 1681.403846] ? vfs_write+0x354/0xb10 [ 1681.404426] ? fput_many+0x2f/0x1a0 [ 1681.404976] ? ksys_write+0x1a9/0x260 [ 1681.405562] ? __ia32_sys_read+0xb0/0xb0 [ 1681.406182] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1681.406992] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1681.407789] do_syscall_64+0x33/0x40 [ 1681.408349] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1681.409136] RIP: 0033:0x7f33fff70b19 [ 1681.409715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1681.412534] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1681.413714] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1681.414816] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1681.415906] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1681.416867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1681.417812] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 23:31:03 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 43) [ 1681.496406] FAULT_INJECTION: forcing a failure. [ 1681.496406] name failslab, interval 1, probability 0, space 0, times 0 [ 1681.498087] CPU: 0 PID: 9513 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1681.498997] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1681.500096] Call Trace: [ 1681.500547] dump_stack+0x107/0x167 [ 1681.501060] should_fail.cold+0x5/0xa [ 1681.501627] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1681.502515] should_failslab+0x5/0x20 [ 1681.503284] kmem_cache_alloc+0x5b/0x310 [ 1681.503868] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1681.504552] idr_get_free+0x4b5/0x8f0 [ 1681.505001] idr_alloc_u32+0x170/0x2d0 [ 1681.505468] ? __fprop_inc_percpu_max+0x130/0x130 [ 1681.506097] ? lock_acquire+0x197/0x470 [ 1681.506626] ? __kernfs_new_node+0xff/0x860 [ 1681.507206] idr_alloc_cyclic+0x102/0x230 [ 1681.507761] ? idr_alloc+0x130/0x130 [ 1681.508269] ? rwlock_bug.part.0+0x90/0x90 [ 1681.508840] __kernfs_new_node+0x117/0x860 [ 1681.509402] ? mark_held_locks+0x9e/0xe0 [ 1681.509946] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1681.510569] ? cpumask_next+0x1f/0x30 [ 1681.511082] ? kmemleak_alloc_percpu+0xaf/0x100 [ 1681.511704] ? pcpu_alloc+0x12a/0x1240 [ 1681.512245] kernfs_new_node+0x18d/0x250 [ 1681.512794] kernfs_create_dir_ns+0x49/0x160 [ 1681.513385] cgroup_mkdir+0x318/0xf50 [ 1681.513901] ? cgroup_destroy_locked+0x710/0x710 [ 1681.514539] kernfs_iop_mkdir+0x14d/0x1e0 [ 1681.515091] vfs_mkdir+0x493/0x750 [ 1681.515574] do_mkdirat+0x150/0x2b0 [ 1681.516077] ? user_path_create+0xf0/0xf0 [ 1681.516631] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1681.517332] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1681.518012] do_syscall_64+0x33/0x40 [ 1681.518511] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1681.519193] RIP: 0033:0x7f3666038b19 [ 1681.519690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1681.523788] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1681.525875] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1681.527807] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1681.530273] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1681.532549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1681.534786] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 [ 1681.589129] FAULT_INJECTION: forcing a failure. [ 1681.589129] name failslab, interval 1, probability 0, space 0, times 0 [ 1681.592941] CPU: 1 PID: 9520 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1681.594634] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1681.596835] Call Trace: [ 1681.597586] dump_stack+0x107/0x167 [ 1681.598475] should_fail.cold+0x5/0xa [ 1681.599412] ? create_object.isra.0+0x3a/0xa20 [ 1681.600541] should_failslab+0x5/0x20 [ 1681.601468] kmem_cache_alloc+0x5b/0x310 [ 1681.602460] ? mark_held_locks+0x9e/0xe0 [ 1681.603452] create_object.isra.0+0x3a/0xa20 [ 1681.604675] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1681.606159] kmem_cache_alloc_bulk+0x168/0x320 [ 1681.607492] io_submit_sqes+0x6fe6/0x8610 [ 1681.608739] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1681.610193] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1681.611594] ? find_held_lock+0x2c/0x110 [ 1681.612793] ? io_submit_sqes+0x8610/0x8610 [ 1681.614050] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1681.615451] ? wait_for_completion_io+0x270/0x270 [ 1681.616871] ? rcu_read_lock_any_held+0x75/0xa0 [ 1681.618221] ? vfs_write+0x354/0xb10 [ 1681.619301] ? fput_many+0x2f/0x1a0 [ 1681.620374] ? ksys_write+0x1a9/0x260 [ 1681.621547] ? __ia32_sys_read+0xb0/0xb0 [ 1681.622727] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1681.624287] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1681.625800] do_syscall_64+0x33/0x40 [ 1681.626878] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1681.628383] RIP: 0033:0x7fa048f33b19 [ 1681.629458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1681.634866] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1681.637102] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1681.639189] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1681.641378] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1681.643458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1681.645698] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 23:31:03 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 23:31:03 executing program 1: openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0xa) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETVESABLANK(r2, 0x541c, 0x0) sched_getattr(0x0, &(0x7f0000000040)={0x38}, 0xfffffffffffffdd0, 0x0) ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "e35e91852b1941028300000000000000002000"}) ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, &(0x7f00000004c0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) fcntl$setlease(r0, 0x400, 0x0) ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f0000000080)={0x1, 0x8, 0x9}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b10, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) r4 = dup(r3) openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f0000000080)={@local, 0x78, r6}) pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_SIOCDIFADDR(r5, 0x8916, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, r6}) sendfile(r1, r0, 0x0, 0x4000007ffffffc) 23:31:03 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x58, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x2800018, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./mnt\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000004c0)='mnt/encrypted_dir\x00', 0x0) syz_io_uring_setup(0x3550, &(0x7f0000000240), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0xfffffffffffffffc}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000001a00)=@IORING_OP_RECVMSG={0xa, 0x5, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000019c0)={&(0x7f0000000440)=@l2, 0x80, &(0x7f0000001900)=[{&(0x7f0000000640)=""/222, 0xde}, {&(0x7f00000003c0)=""/2, 0x2}, {&(0x7f0000000500)=""/112, 0x70}, {&(0x7f0000000740)=""/128, 0x80}, {&(0x7f00000007c0)=""/117, 0x75}, {&(0x7f0000000840)=""/4096, 0x1000}, {&(0x7f0000001840)=""/166, 0xa6}], 0x7, &(0x7f0000001980)=""/63, 0x3f}, 0x0, 0x40000002, 0x1, {0x2}}, 0xdc4c) r3 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0) mount$9p_rdma(&(0x7f0000000200), &(0x7f0000000240)='./mnt\x00', &(0x7f0000000280), 0x4010444, &(0x7f0000000340)={'trans=rdma,', {'port', 0x3d, 0x4e24}, 0x2c, {[{@timeout}, {@sq={'sq', 0x3d, 0x9}}]}}) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000580)=ANY=[@ANYBLOB="37b50b7f09c124e5237bd827a5ff3c85f44cc2197d7a1336652365a1eef58b8c42f6874e14c5097a38a26b9f2741b75f9a958021021141fef703aa8daff58dc6938dc5f7b7cdefe372668b1f8ac9983fac658810693ba952f49103a13ed5a59dc648108a743a0eafa62d5518eec424887ccf890f08dc28a27068da03e30ad7cf253faa327105ba6764bbfe0a2caee0fafd85d05371be674f7604ff5f06be1c691c9f659f3609c6066ea410", @ANYRES32=r0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00./file1\x00']) chdir(&(0x7f0000000300)='./file2\x00') futimesat(0xffffffffffffffff, &(0x7f0000000000)='./mnt\x00', 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) fcntl$notify(r3, 0x402, 0x180000030) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @u32}, @typed={0x8, 0x5, 0x0, 0x0, @ipv4=@empty}]}, 0x24}}, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x10001, 0x0) stat(&(0x7f0000000400)='./file1\x00', 0x0) rename(&(0x7f0000000180)='mnt/encrypted_dir\x00', &(0x7f00000001c0)='./file0\x00') [ 1681.764309] FAULT_INJECTION: forcing a failure. [ 1681.764309] name failslab, interval 1, probability 0, space 0, times 0 [ 1681.767437] CPU: 0 PID: 9531 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1681.768487] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1681.769760] Call Trace: [ 1681.770178] dump_stack+0x107/0x167 [ 1681.770743] should_fail.cold+0x5/0xa [ 1681.771344] ? create_object.isra.0+0x3a/0xa20 [ 1681.772073] should_failslab+0x5/0x20 [ 1681.772669] kmem_cache_alloc+0x5b/0x310 [ 1681.773289] create_object.isra.0+0x3a/0xa20 [ 1681.773982] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1681.774776] __kmalloc_track_caller+0x177/0x370 [ 1681.775527] ? sidtab_sid2str_get+0x17e/0x720 [ 1681.776243] kmemdup+0x23/0x50 [ 1681.776762] sidtab_sid2str_get+0x17e/0x720 [ 1681.777444] sidtab_entry_to_string+0x33/0x110 [ 1681.778162] security_sid_to_context_core+0x33c/0x5d0 [ 1681.778974] selinux_kernfs_init_security+0x239/0x4c0 [ 1681.779789] ? selinux_file_mprotect+0x610/0x610 [ 1681.780548] ? find_held_lock+0x2c/0x110 [ 1681.781199] ? __kernfs_new_node+0x2ad/0x860 [ 1681.781841] ? rwlock_bug.part.0+0x90/0x90 [ 1681.782426] security_kernfs_init_security+0x4e/0xb0 [ 1681.783108] __kernfs_new_node+0x531/0x860 [ 1681.783676] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1681.784326] ? cpumask_next+0x1f/0x30 [ 1681.784840] ? kmemleak_alloc_percpu+0xaf/0x100 [ 1681.785459] ? pcpu_alloc+0x12a/0x1240 [ 1681.785987] kernfs_new_node+0x18d/0x250 [ 1681.787289] kernfs_create_dir_ns+0x49/0x160 [ 1681.787956] cgroup_mkdir+0x318/0xf50 [ 1681.788540] ? cgroup_destroy_locked+0x710/0x710 [ 1681.789234] kernfs_iop_mkdir+0x14d/0x1e0 [ 1681.789861] vfs_mkdir+0x493/0x750 [ 1681.790402] do_mkdirat+0x150/0x2b0 [ 1681.790948] ? user_path_create+0xf0/0xf0 [ 1681.791560] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1681.792451] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1681.793275] do_syscall_64+0x33/0x40 [ 1681.793795] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1681.794620] RIP: 0033:0x7f3666038b19 [ 1681.795237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1681.801427] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1681.803101] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1681.809110] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1681.810208] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1681.811422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1681.812613] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 23:31:03 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 23) 23:31:03 executing program 0: syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff1200000000000000000000000000010200907800000000600009e60000000000000000000000000000ffffac1e0001fe8000000000000000000000000000bb"], 0x0) syz_emit_ethernet(0xf, &(0x7f0000000080)=ANY=[@ANYBLOB="00000802c2ff3d63f2ccde0000000000000000"], &(0x7f0000000180)={0x1, 0x4, [0x108, 0xb7e, 0xd85, 0xf2f]}) mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0) r0 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9ff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffff01, 0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0xd2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() setpgid(0x0, r1) perf_event_open(&(0x7f0000000400)={0x2, 0x80, 0x8, 0x7f, 0x1, 0x7a, 0x0, 0x4, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x7ffd, 0x2, @perf_bp={&(0x7f00000001c0), 0x2}, 0xc300, 0x4, 0x1ff, 0x4, 0xfffffffffffffff9, 0x4, 0x7fff, 0x0, 0xffff0001, 0x0, 0x2f}, r1, 0x4, r0, 0x2) ptrace(0x8, r1) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) syz_emit_ethernet(0x32, &(0x7f0000000100)={@local, @random="a28c3ffb4f19", @val={@val={0x9100, 0x6, 0x0, 0x4}, {0x8100, 0x0, 0x1, 0x4}}, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x2, @multicast, @multicast2, @random="218cad541720", @local}}}}, &(0x7f0000000140)={0x1, 0x1, [0xb65, 0x6cb, 0xe93, 0x2f8]}) openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x412100, 0x0) ioctl$TUNSETQUEUE(r2, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) mlock(&(0x7f0000ffe000/0x1000)=nil, 0x1000) r3 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x60, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000237}, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$usbmon(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x6, 0x50111, 0xffffffffffffffff, 0x3) ptrace$getenv(0x4201, r1, 0xba, &(0x7f0000000200)) mmap$usbmon(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xe, 0x80010, 0xffffffffffffffff, 0x5) perf_event_open(&(0x7f0000000280)={0x2, 0x80, 0x1, 0x5, 0xff, 0x81, 0x0, 0x2b, 0x81840, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_config_ext={0x5, 0xeb}, 0x144, 0xffffffffffff5366, 0x7ff, 0x7, 0x8, 0x81, 0x9, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xc, r3, 0x2) [ 1681.847774] 9pnet: Could not find request transport: rdma 23:31:03 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 37) [ 1681.871823] 9pnet: Could not find request transport: rdma 23:31:03 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1681.957320] FAULT_INJECTION: forcing a failure. [ 1681.957320] name failslab, interval 1, probability 0, space 0, times 0 [ 1681.960639] CPU: 0 PID: 9543 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1681.961746] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1681.963109] Call Trace: [ 1681.963539] dump_stack+0x107/0x167 [ 1681.964204] should_fail.cold+0x5/0xa [ 1681.964805] ? create_object.isra.0+0x3a/0xa20 [ 1681.965571] should_failslab+0x5/0x20 [ 1681.966228] kmem_cache_alloc+0x5b/0x310 [ 1681.966875] ? mark_held_locks+0x9e/0xe0 [ 1681.967580] create_object.isra.0+0x3a/0xa20 [ 1681.968364] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1681.969218] kmem_cache_alloc_bulk+0x168/0x320 [ 1681.969999] io_submit_sqes+0x6fe6/0x8610 [ 1681.970683] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1681.971527] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1681.972378] ? find_held_lock+0x2c/0x110 [ 1681.973083] ? io_submit_sqes+0x8610/0x8610 [ 1681.973770] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1681.974585] ? wait_for_completion_io+0x270/0x270 [ 1681.975408] ? rcu_read_lock_any_held+0x75/0xa0 [ 1681.976206] ? vfs_write+0x354/0xb10 [ 1681.976779] ? fput_many+0x2f/0x1a0 [ 1681.977395] ? ksys_write+0x1a9/0x260 [ 1681.978048] ? __ia32_sys_read+0xb0/0xb0 [ 1681.978629] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1681.979392] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1681.980182] do_syscall_64+0x33/0x40 [ 1681.980681] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1681.981420] RIP: 0033:0x7f33fff70b19 [ 1681.981963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1681.984550] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1681.985621] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1681.986633] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1681.987649] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1681.989643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1681.990767] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 23:31:20 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 38) 23:31:20 executing program 4: pread64(0xffffffffffffffff, &(0x7f00000010c0)=""/4088, 0xff8, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000100), 0x2000) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x28, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@nested={0x14, 0x11, 0x0, 0x1, [@generic="809801a7b0c7dba09475f251c743092f"]}]}, 0x28}}, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="000000577849fbeb822b07c200000000002e2f66696c71300027c2746eaf355834f3e23fbe88a5ed7296a87b6598028cfa2352a9a4dc75f11dde8fa03f1a1bf3b699e8ad9ea82ba35e23bc75171cc6d7b0f379742717a5bc1559b5115178bf8e00dcb2c064345fc8526b6555e3ff992367a024211f4c0838e4b206"]) 23:31:20 executing program 1: openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0xa) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETVESABLANK(r2, 0x541c, 0x0) sched_getattr(0x0, &(0x7f0000000040)={0x38}, 0xfffffffffffffdd0, 0x0) ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "e35e91852b1941028300000000000000002000"}) ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, &(0x7f00000004c0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) fcntl$setlease(r0, 0x400, 0x0) ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f0000000080)={0x1, 0x8, 0x9}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b10, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) r4 = dup(r3) openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f0000000080)={@local, 0x78, r6}) pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_SIOCDIFADDR(r5, 0x8916, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, r6}) sendfile(r1, r0, 0x0, 0x4000007ffffffc) 23:31:20 executing program 0: ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300)) pipe(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0xd}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}}) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f00000003c0)) ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'}) r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r3 = syz_io_uring_setup(0x3e01, &(0x7f0000000280)={0x0, 0x18d7, 0x4, 0x1, 0x375, 0x0, r2}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000000), &(0x7f0000000340)) fcntl$setlease(r3, 0x400, 0x0) setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4) sendmmsg(r2, &(0x7f0000003bc0), 0x0, 0x20040080) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) fstatfs(r1, &(0x7f0000002e00)=""/4102) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000140)={{{@in=@broadcast, @in=@multicast2}}, {{@in6=@mcast2}, 0x0, @in6=@private0}}, &(0x7f0000000380)=0xe8) creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f00000000c0)={0x5, 0x7ff, 0x1000}) 23:31:20 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 23:31:20 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 24) 23:31:20 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 44) 23:31:20 executing program 6: syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000200)=ANY=[@ANYBLOB="7f0000000100000018000000", @ANYBLOB="02000000000000002e2f66696c653000"]) r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f00000006c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)=""/6, 0x6}, {&(0x7f00000002c0)=""/15, 0xf}, {&(0x7f0000000300)=""/96, 0x60}, {&(0x7f0000000380)=""/5, 0x5}, {&(0x7f00000003c0)=""/78, 0x4e}, {&(0x7f0000000440)=""/172, 0xac}], 0x6, &(0x7f0000000580)=""/213, 0xd5}, 0x0, 0x10040, 0x0, {0x3, r4}}, 0x8) dup3(r0, 0xffffffffffffffff, 0x0) r5 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pidfd_getfd(0xffffffffffffffff, r5, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105142, 0x2b) r7 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) r8 = openat(r7, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x149) sendfile(r6, r8, 0x0, 0x100000001) r9 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r6, r9, 0x0, 0x80000001) [ 1698.321328] FAULT_INJECTION: forcing a failure. [ 1698.321328] name failslab, interval 1, probability 0, space 0, times 0 [ 1698.323020] CPU: 0 PID: 9550 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1698.323874] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1698.324924] Call Trace: [ 1698.325263] dump_stack+0x107/0x167 [ 1698.325721] should_fail.cold+0x5/0xa [ 1698.326215] should_failslab+0x5/0x20 [ 1698.326696] __kmalloc_track_caller+0x79/0x370 [ 1698.327276] ? sidtab_sid2str_get+0x17e/0x720 [ 1698.327849] kmemdup+0x23/0x50 [ 1698.328257] sidtab_sid2str_get+0x17e/0x720 [ 1698.328828] sidtab_entry_to_string+0x33/0x110 [ 1698.329407] security_sid_to_context_core+0x33c/0x5d0 [ 1698.330065] selinux_kernfs_init_security+0x239/0x4c0 [ 1698.330325] FAULT_INJECTION: forcing a failure. [ 1698.330325] name failslab, interval 1, probability 0, space 0, times 0 [ 1698.330719] ? selinux_file_mprotect+0x610/0x610 [ 1698.332803] ? find_held_lock+0x2c/0x110 [ 1698.333324] ? __kernfs_new_node+0x2ad/0x860 [ 1698.333882] ? rwlock_bug.part.0+0x90/0x90 [ 1698.334419] security_kernfs_init_security+0x4e/0xb0 [ 1698.335061] __kernfs_new_node+0x531/0x860 [ 1698.335604] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1698.336204] ? cpumask_next+0x1f/0x30 [ 1698.336698] ? kmemleak_alloc_percpu+0xaf/0x100 [ 1698.337295] ? pcpu_alloc+0x12a/0x1240 [ 1698.337793] kernfs_new_node+0x18d/0x250 [ 1698.338311] kernfs_create_dir_ns+0x49/0x160 [ 1698.338871] cgroup_mkdir+0x318/0xf50 [ 1698.339357] ? cgroup_destroy_locked+0x710/0x710 [ 1698.339955] kernfs_iop_mkdir+0x14d/0x1e0 [ 1698.340481] vfs_mkdir+0x493/0x750 [ 1698.340952] do_mkdirat+0x150/0x2b0 [ 1698.341414] ? user_path_create+0xf0/0xf0 [ 1698.341941] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1698.342601] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1698.343261] do_syscall_64+0x33/0x40 [ 1698.343730] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1698.344374] RIP: 0033:0x7f3666038b19 [ 1698.344863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1698.347173] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1698.348131] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1698.349044] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1698.349940] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1698.350838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1698.351733] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 [ 1698.352703] CPU: 1 PID: 9559 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1698.353654] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1698.354731] Call Trace: [ 1698.355143] dump_stack+0x107/0x167 [ 1698.355598] should_fail.cold+0x5/0xa [ 1698.356132] ? io_setup_async_msg+0xda/0x2d0 [ 1698.356707] should_failslab+0x5/0x20 [ 1698.357257] __kmalloc+0x72/0x390 [ 1698.357703] io_setup_async_msg+0xda/0x2d0 [ 1698.358287] io_recvmsg+0xc26/0xd70 [ 1698.358745] ? io_sendmsg+0x830/0x830 [ 1698.359120] FAULT_INJECTION: forcing a failure. [ 1698.359120] name failslab, interval 1, probability 0, space 0, times 0 [ 1698.359278] ? mark_lock+0xf5/0x2df0 [ 1698.359295] ? mark_lock+0xf5/0x2df0 [ 1698.361656] ? __lockdep_reset_lock+0x180/0x180 [ 1698.362293] ? lock_acquire+0x197/0x470 [ 1698.362848] io_issue_sqe+0x3bd6/0x77b0 [ 1698.363354] ? lock_chain_count+0x20/0x20 [ 1698.363939] ? perf_trace_lock+0xac/0x490 [ 1698.364455] ? io_connect+0x610/0x610 [ 1698.365011] ? __lockdep_reset_lock+0x180/0x180 [ 1698.365599] ? lock_acquire+0x197/0x470 [ 1698.366148] ? find_held_lock+0x2c/0x110 [ 1698.366661] __io_queue_sqe+0x90/0x9d0 [ 1698.367261] ? rwlock_bug.part.0+0x90/0x90 [ 1698.367861] ? io_issue_sqe+0x77b0/0x77b0 [ 1698.368378] ? do_raw_spin_unlock+0x4f/0x220 [ 1698.369009] ? _raw_spin_unlock+0x1a/0x30 [ 1698.369527] ? io_drain_req+0x603/0xb20 [ 1698.370082] io_submit_sqes+0x44aa/0x8610 [ 1698.370618] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1698.371288] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1698.371962] ? find_held_lock+0x2c/0x110 [ 1698.372476] ? io_submit_sqes+0x8610/0x8610 [ 1698.373104] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1698.373705] ? wait_for_completion_io+0x270/0x270 [ 1698.374423] ? rcu_read_lock_any_held+0x75/0xa0 [ 1698.375654] ? vfs_write+0x354/0xb10 [ 1698.376174] ? fput_many+0x2f/0x1a0 [ 1698.376628] ? ksys_write+0x1a9/0x260 [ 1698.377182] ? __ia32_sys_read+0xb0/0xb0 [ 1698.377690] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1698.378417] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1698.379112] do_syscall_64+0x33/0x40 [ 1698.379576] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1698.380259] RIP: 0033:0x7fa048f33b19 [ 1698.380756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1698.383197] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1698.384190] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1698.385148] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1698.386109] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1698.387042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1698.387974] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 [ 1698.388985] CPU: 0 PID: 9563 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1698.389852] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1698.390887] Call Trace: [ 1698.391222] dump_stack+0x107/0x167 [ 1698.391646] sysfs: cannot create duplicate filename '/class/ieee80211/€˜§°ÇÛ ”uòQÇC !' [ 1698.391681] should_fail.cold+0x5/0xa [ 1698.391697] ? create_object.isra.0+0x3a/0xa20 [ 1698.391712] should_failslab+0x5/0x20 [ 1698.394610] kmem_cache_alloc+0x5b/0x310 [ 1698.395116] ? mark_held_locks+0x9e/0xe0 [ 1698.395624] create_object.isra.0+0x3a/0xa20 [ 1698.396168] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1698.396811] kmem_cache_alloc_bulk+0x168/0x320 [ 1698.397385] io_submit_sqes+0x6fe6/0x8610 [ 1698.397922] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1698.398543] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1698.399147] ? find_held_lock+0x2c/0x110 [ 1698.399656] ? io_submit_sqes+0x8610/0x8610 [ 1698.400205] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1698.400828] ? wait_for_completion_io+0x270/0x270 [ 1698.401435] ? rcu_read_lock_any_held+0x75/0xa0 [ 1698.402015] ? vfs_write+0x354/0xb10 [ 1698.402480] ? fput_many+0x2f/0x1a0 [ 1698.402936] ? ksys_write+0x1a9/0x260 [ 1698.403416] ? __ia32_sys_read+0xb0/0xb0 [ 1698.403927] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1698.404579] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1698.405236] do_syscall_64+0x33/0x40 [ 1698.405700] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1698.406339] RIP: 0033:0x7f33fff70b19 [ 1698.406802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1698.409107] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1698.410056] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1698.410949] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1698.411836] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1698.412737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1698.413630] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 [ 1698.414547] CPU: 1 PID: 9557 Comm: syz-executor.4 Not tainted 5.10.228 #1 [ 1698.415486] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1698.416594] Call Trace: [ 1698.417044] dump_stack+0x107/0x167 [ 1698.417505] sysfs_warn_dup.cold+0x1c/0x29 [ 1698.418084] sysfs_do_create_link_sd+0x122/0x140 [ 1698.418672] sysfs_create_link+0x5f/0xc0 [ 1698.419233] device_add+0x703/0x1c50 [ 1698.419706] ? devlink_add_symlinks+0x970/0x970 [ 1698.420346] ? ieee80211_set_bitrate_flags+0x202/0x620 [ 1698.421493] wiphy_register+0x1da6/0x2850 [ 1698.422591] ? wiphy_unregister+0xb90/0xb90 [ 1698.423706] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 1698.425253] ieee80211_register_hw+0x23c5/0x38b0 [ 1698.426468] ? ieee80211_ifa6_changed+0x4d0/0x4d0 [ 1698.427664] ? net_generic+0xdb/0x2b0 [ 1698.428629] ? lockdep_init_map_type+0x2c7/0x780 [ 1698.430145] ? memset+0x20/0x50 [ 1698.431023] ? __hrtimer_init+0x12c/0x270 [ 1698.432097] mac80211_hwsim_new_radio+0x1ce0/0x4250 [ 1698.433535] ? hwsim_send_nullfunc_ps+0x80/0x80 [ 1698.434698] ? hwsim_new_radio_nl+0x967/0x1080 [ 1698.435917] ? memcpy+0x39/0x60 [ 1698.436796] hwsim_new_radio_nl+0x991/0x1080 [ 1698.437941] ? mac80211_hwsim_new_radio+0x4250/0x4250 [ 1698.439305] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280 [ 1698.441140] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280 [ 1698.442747] genl_family_rcv_msg_doit+0x22d/0x330 [ 1698.444018] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1698.445936] ? cap_capable+0x1cd/0x230 [ 1698.446948] ? ns_capable+0xe2/0x110 [ 1698.447911] genl_rcv_msg+0x33c/0x5a0 [ 1698.449011] ? genl_get_cmd+0x480/0x480 [ 1698.450011] ? mac80211_hwsim_new_radio+0x4250/0x4250 [ 1698.451303] ? lock_release+0x680/0x680 [ 1698.452299] ? __lockdep_reset_lock+0x180/0x180 [ 1698.453139] netlink_rcv_skb+0x14b/0x430 [ 1698.453648] ? genl_get_cmd+0x480/0x480 [ 1698.454199] ? netlink_ack+0xab0/0xab0 [ 1698.454693] ? netlink_deliver_tap+0x1c4/0xcc0 [ 1698.455317] ? is_vmalloc_addr+0x7b/0xb0 [ 1698.455874] genl_rcv+0x24/0x40 [ 1698.456287] netlink_unicast+0x549/0x7f0 [ 1698.456886] ? netlink_attachskb+0x870/0x870 [ 1698.457443] netlink_sendmsg+0x90f/0xdf0 [ 1698.458030] ? netlink_unicast+0x7f0/0x7f0 [ 1698.458564] ? netlink_unicast+0x7f0/0x7f0 [ 1698.459149] __sock_sendmsg+0x154/0x190 [ 1698.459644] ____sys_sendmsg+0x70d/0x870 [ 1698.460202] ? sock_write_iter+0x3d0/0x3d0 [ 1698.460803] ? do_recvmmsg+0x6d0/0x6d0 [ 1698.461308] ? __lockdep_reset_lock+0x180/0x180 [ 1698.461938] ___sys_sendmsg+0xf3/0x170 [ 1698.462429] ? sendmsg_copy_msghdr+0x160/0x160 [ 1698.463080] ? __fget_files+0x2cf/0x520 [ 1698.463581] ? lock_downgrade+0x6d0/0x6d0 [ 1698.464152] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1698.464903] ? trace_hardirqs_on+0x5b/0x180 [ 1698.465441] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1698.466172] ? __fget_files+0x2f8/0x520 [ 1698.466681] ? __fget_light+0xea/0x290 [ 1698.467248] __sys_sendmsg+0xe5/0x1b0 [ 1698.467722] ? __sys_sendmsg_sock+0x40/0x40 [ 1698.468314] ? io_schedule_timeout+0x140/0x140 [ 1698.468979] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1698.469641] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1698.470338] do_syscall_64+0x33/0x40 [ 1698.470851] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1698.471486] RIP: 0033:0x7f278a9afb19 [ 1698.472358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1698.475037] RSP: 002b:00007f2787f25188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1698.476392] RAX: ffffffffffffffda RBX: 00007f278aac2f60 RCX: 00007f278a9afb19 [ 1698.477564] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 1698.479414] RBP: 00007f278aa09f6d R08: 0000000000000000 R09: 0000000000000000 [ 1698.480463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1698.481556] R13: 00007ffddc10504f R14: 00007f2787f25300 R15: 0000000000022000 23:31:20 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 25) [ 1698.515320] FAT-fs (loop6): Unrecognized mount option "./file1" or missing value 23:31:20 executing program 1: openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0xa) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETVESABLANK(r2, 0x541c, 0x0) sched_getattr(0x0, &(0x7f0000000040)={0x38}, 0xfffffffffffffdd0, 0x0) ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "e35e91852b1941028300000000000000002000"}) ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, &(0x7f00000004c0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) fcntl$setlease(r0, 0x400, 0x0) ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f0000000080)={0x1, 0x8, 0x9}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b10, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) r4 = dup(r3) openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f0000000080)={@local, 0x78, r6}) pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_SIOCDIFADDR(r5, 0x8916, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, r6}) sendfile(r1, r0, 0x0, 0x4000007ffffffc) [ 1698.567637] FAULT_INJECTION: forcing a failure. [ 1698.567637] name failslab, interval 1, probability 0, space 0, times 0 [ 1698.569170] CPU: 0 PID: 9569 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1698.570018] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1698.571043] Call Trace: [ 1698.571379] dump_stack+0x107/0x167 [ 1698.571840] should_fail.cold+0x5/0xa [ 1698.572320] ? create_object.isra.0+0x3a/0xa20 [ 1698.572913] should_failslab+0x5/0x20 [ 1698.573390] kmem_cache_alloc+0x5b/0x310 [ 1698.573897] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1698.574501] create_object.isra.0+0x3a/0xa20 [ 1698.575048] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1698.575684] __kmalloc+0x16e/0x390 [ 1698.576140] selinux_kernfs_init_security+0x137/0x4c0 [ 1698.576809] ? selinux_file_mprotect+0x610/0x610 [ 1698.577404] ? find_held_lock+0x2c/0x110 [ 1698.577922] ? __kernfs_new_node+0x2ad/0x860 [ 1698.578474] ? lock_downgrade+0x6d0/0x6d0 [ 1698.578997] ? rwlock_bug.part.0+0x90/0x90 [ 1698.579532] security_kernfs_init_security+0x4e/0xb0 [ 1698.580172] __kernfs_new_node+0x531/0x860 [ 1698.580717] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1698.581321] ? cpumask_next+0x1f/0x30 [ 1698.581798] ? kmemleak_alloc_percpu+0xaf/0x100 [ 1698.582389] ? pcpu_alloc+0x12a/0x1240 [ 1698.582884] kernfs_new_node+0x18d/0x250 [ 1698.583400] kernfs_create_dir_ns+0x49/0x160 [ 1698.583958] cgroup_mkdir+0x318/0xf50 [ 1698.584443] ? cgroup_destroy_locked+0x710/0x710 [ 1698.585057] kernfs_iop_mkdir+0x14d/0x1e0 [ 1698.585581] vfs_mkdir+0x493/0x750 [ 1698.586031] do_mkdirat+0x150/0x2b0 [ 1698.586490] ? user_path_create+0xf0/0xf0 [ 1698.587013] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1698.587675] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1698.588324] do_syscall_64+0x33/0x40 [ 1698.588806] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1698.589451] RIP: 0033:0x7f3666038b19 [ 1698.589919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1698.592232] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1698.593219] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1698.594119] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1698.595013] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1698.595910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1698.596821] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 [ 1698.637282] FAULT_INJECTION: forcing a failure. [ 1698.637282] name failslab, interval 1, probability 0, space 0, times 0 [ 1698.639080] CPU: 0 PID: 9574 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1698.639931] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1698.640974] Call Trace: [ 1698.641307] dump_stack+0x107/0x167 [ 1698.641761] should_fail.cold+0x5/0xa [ 1698.642238] ? create_object.isra.0+0x3a/0xa20 [ 1698.642808] should_failslab+0x5/0x20 [ 1698.643283] kmem_cache_alloc+0x5b/0x310 [ 1698.643787] ? mark_held_locks+0x9e/0xe0 [ 1698.644295] create_object.isra.0+0x3a/0xa20 [ 1698.644859] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1698.645498] kmem_cache_alloc_bulk+0x168/0x320 [ 1698.646076] io_submit_sqes+0x6fe6/0x8610 [ 1698.646618] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1698.647242] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1698.647855] ? find_held_lock+0x2c/0x110 [ 1698.648368] ? io_submit_sqes+0x8610/0x8610 [ 1698.648941] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1698.649552] ? wait_for_completion_io+0x270/0x270 [ 1698.650158] ? rcu_read_lock_any_held+0x75/0xa0 [ 1698.650745] ? vfs_write+0x354/0xb10 [ 1698.651213] ? fput_many+0x2f/0x1a0 [ 1698.651673] ? ksys_write+0x1a9/0x260 [ 1698.652156] ? __ia32_sys_read+0xb0/0xb0 [ 1698.652678] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1698.653337] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1698.653991] do_syscall_64+0x33/0x40 [ 1698.654458] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1698.655099] RIP: 0033:0x7f33fff70b19 [ 1698.655566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1698.657883] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1698.658837] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1698.659737] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1698.660633] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1698.661543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1698.662435] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 23:31:20 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 39) 23:31:20 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x1) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000b40)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'}) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000000b80)={@mcast1, 0x0}, &(0x7f0000000bc0)=0x14) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r1, 0x89f8, &(0x7f0000000c80)={'syztnl0\x00', &(0x7f0000000c00)={'sit0\x00', r2, 0x2f, 0x1f, 0x6, 0xb0, 0x3f, @local, @private1={0xfc, 0x1, '\x00', 0x1}, 0x700, 0x1, 0x101, 0x80}}) r3 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x0, 0x0) sendmsg$inet6(r0, &(0x7f0000000500)={&(0x7f00000000c0)={0xa, 0x4e22, 0xff, @remote, 0x8}, 0x1c, &(0x7f0000000800)=[{&(0x7f0000000100)="0b1ed11c1f2b976332e64df11bb52ee1e369acb07de15eb153dbbd03c77e3da7693ec6f14f01ef6f9274758462a3e4d83afebc5f0bbbb7865cd40abe5479c51711a95a53ac0cf4bbbebcd3beab19e9f28bbe6df1c0c922dad6bf05febd25b75e5d82bf88501ffbddb5660acf024b9d0c713b7047b5", 0x75}, {&(0x7f0000000180)="edd9fb6970c09157dced7ea048691ff82913b3b42647900b937acd58b1b7cf298dd8982dc55d8771979429c1ee5d63c9087036ad0cd1b53894c4e6cffb9b945c94d9f2c21aa6497d96a586f8ede292f35f3ad31a767c57edbb57fd40e5a77e88c1e0ab4f5a3c4701aa4b0d1249464372db9e64e0d260d6d248007cf511f9bf62a5100834f96f3657bfc7acc0d3405d35c73b82d9eda7f0e4ba82d920168b4cebf1d5410ad58117e65a35eeffb5b575", 0xaf}, {&(0x7f0000000240)="a22590e6a1cac60b2c74d877fc57a4922ec0f70de0ac37d1a7c221700043fa03f16bc3c78fa42d86c3493cda85a61bddade2523aacfcac584194aeb52d75c5ccf0d57cc056fb7010e74e40173350c53299cb18a925d39c28a87d225ef121b0ab67c2ddc356502758feb1224e6702d8cfd6793503badfb7dddbaadc626d2211c58542e3dbcb84998c8a552d75", 0x8c}, {&(0x7f0000000300)="5cf87286cc645331e8203eced74df2e719aae8260d3d826c7909b5be69f1893b7eb97e9a961730daf386bf61d048b8583b195252a0f8f41c76d7edbf41bd8707d90c4debea0ec334067d586b76f06150d017a41efbe82266819b6700b0e6b6bbe5486fbbe9a87bed862cee859808f220b80280dcf578e134b7dc04c6982041dae7751b304ea7ef5833b643b2359725be8d490002a2e6a3e9d0f1cbe94f7b9117b8fd9453d33c9bc2fea3e275d33eb78d69cfc998801c90655808bf750d67815082cfb853b968bf3a3602364f2f86c5c53ab7fb6ffc825fd15988b439d9e54df6bb69bb3ca3db68fa82acabbd170926bfac8d81931ef5469e24ce9c74fe", 0xfd}, {&(0x7f0000000580)="16c343679a3a29075815db7429528f37072bfbbe23d9d58fa22fd6a460873bcbe2821ba9b7651a6feb1a511fdd621a9dee32e0c52aa1aaaaa84c387630fad590f168dfafda1290884538c54b220ac5f73d87181ea023a3881bd678f3ffd2853b4392324b67797fc7ec7a894a93a345f08effbfec13d763d3ebc612960321cad2cc075cbc23f6232d41c9264a0a0afbe03ec8487c0721efefd529c73c72983c36c7c1426f38f9a66b9691c50c478543cd9a91ea3b43b8f71e9b1fba6ec2bf2f8dcf73a44aaf6777c65458bd74ebdf150df3a8609ef4842eca66abdaae4c872b58f3fb", 0xe2}, {&(0x7f0000000400)="a9ba31791caa24391ddf50e7262d83cb4708efbdcce88543bd25046c8edfbc401ba19edfb87d51a174020fd2eb3f04be96aa3aeea655f2a77917c1d0d343a5e3f676fe37205235958238e632a560df", 0x4f}, {&(0x7f0000000680)="736e9c3da086df3aea736868e3800959888652289ae4530b9a16334bba7b5fab1d139b653b25f30721f0af0de582f4558ba959a45041f1ba9fe52bb84089e9e6f9d1a238f23c1cdfc4aa0c99550343b25659aa27e2dfbc7a05ec1e5afdb518139a042f8867089111d5ec8cb3338bcb55f66c2e943e2dd3e90c4e6bdf3e575a602706fe9276f2fd4128150a4dd4", 0x8d}, {&(0x7f0000000740)="7d4a89a55276b4e0e7904f509ac3919b2ea2581f56952dbafc830ed8ae45e4dc6281aa5e10457146b8a1f3fd51eff3928b234506f9a0cb35984d7b7a01c067090792a042bcc3fa4b8fd3352660d8d080faa79f2e8bb922c584df8a3ef96c7dd0e13c24f684796d3e5279cc423f2843c7cf86ec592c1ae378f350eee103ba6902101f195a54aaac9fe677f5fb87d9c6a87d5722c727d82735215e599be6f5a5660432ee0f8f", 0xa5}, {&(0x7f0000000480)="0e4deb6d31be5883f7bb7ffe05d87cbd9c2200d570a5a359d11323c1155557b9cdf78ad2c4f6aeed5aa2", 0x2a}], 0x9, &(0x7f00000008c0)=[@hopopts={{0x90, 0x29, 0x36, {0x3a, 0xf, '\x00', [@calipso={0x7, 0x30, {0x1, 0xa, 0x5, 0x0, [0xfffffffffffffffb, 0xffffffff00000001, 0xffffffff, 0x7, 0x0]}}, @calipso={0x7, 0x38, {0x3, 0xc, 0xee, 0x400, [0x4, 0x80000001, 0x401, 0x90, 0x1a, 0x57a]}}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}]}}}], 0x90}, 0x24008001) io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_SYNC(0xffffffffffffffff, 0x9408, 0x0) read(r3, &(0x7f0000000a80)=""/134, 0x86) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x4300, 0x4) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x11, &(0x7f00000004c0)=[{&(0x7f0000000080)='K', 0x1}], 0x1, 0x0, 0x0, 0x3}, 0x200000}], 0x7ffff000, 0x0) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r3, 0xc0c89425, &(0x7f0000000980)={"9a48378d17d2420ca4c5324e28d591e8", 0x0, 0x0, {0x8, 0x9}, {0x94b5, 0x1}, 0x9, [0x5, 0x7fffffff, 0x5, 0x2, 0x9, 0x7, 0x9, 0x0, 0x49e, 0xfc8, 0x4, 0x101, 0x7, 0x5, 0xffffffff, 0x40]}) 23:31:20 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 26) 23:31:20 executing program 4: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="ff030000000000002e2f663000"]) sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x68, r0, 0x10, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x49, 0x5b, "bd8e36aa9f87cb4fac76d33916d371195c344328365a2f44c0adac0e2f17bbc14387fdce9b6c9698882bc73411403620d42200d91cfdd8cc9cd17c7b72f7ac6df6f749cd65"}]}, 0x68}, 0x1, 0x0, 0x0, 0x4040801}, 0x4004005) r2 = socket$nl_generic(0x10, 0x3, 0x10) creat(&(0x7f0000000540)='./file0\x00', 0x40) sendmsg$NL80211_CMD_PROBE_MESH_LINK(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0122ee6b96d0e26141008800000008000300", @ANYRES32=0x0, @ANYBLOB="0c0006000802110000010000"], 0x28}}, 0x0) sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f0000000500)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x22028}, 0xc, &(0x7f00000004c0)={&(0x7f0000000200)={0x1cc, r0, 0x800, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x80000001, 0x5e}}}}, [@NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x9}, @NL80211_ATTR_FRAME_MATCH={0xf8, 0x5b, "e71c2454e15a06c83fe47e39db80a406695f14aacfe26eea347e0fb56e6e1761f7dfe28db2c43e41a3c42eec2bdc712416463579fc50bfeed57305ad3d1804624d5dd70781f5d488809445957d904adaa3095716435785a40fbbabc9c38a6b34deb6cfcccf6fcde17a20bf61a87c62dbff0b1005c7eaf5c1db3ddc57ee4246391bf71aac77aeac29d5e4005732ba09b435c23e9e5488a569dd0b5d539d6c5e14433c619ad6d828ed8f807fe7795de49789acef95ffeabf82e76d09101b5e39669fc4134988a8d1725ee3288b34ea89e362089f08d2980ce904034f3979fa6cbe1f0a168a05ad2214bce4bfe4ce350cc1714a6136"}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x100}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0xf100}, @NL80211_ATTR_FRAME_MATCH={0x7b, 0x5b, "8c04fbb3f4217421bbf67e67b453bce31c5bafc319d6078a1ff766b9c8bf6727c1a6fca4f0a932244d2193c25afb34db8b663d875cd5863ff700df5708c178551d8ca9c78e4d5729947b8041ef9ca015d828fade6d7c997d847092e6248a106a5ee532a556249eb0c414fef726ee3af011aaaa97d11796"}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x800}, @NL80211_ATTR_FRAME_TYPE={0x6}, @NL80211_ATTR_FRAME_TYPE={0x6}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x5}]}, 0x1cc}, 0x1, 0x0, 0x0, 0x50004}, 0x0) r3 = fcntl$dupfd(0xffffffffffffffff, 0x406, r2) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000680)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DISCONNECT(r4, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000006c0)={0x24, r5, 0x109, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_REASON_CODE={0x6}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_SET_BEACON(r3, &(0x7f0000001280)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000001240)={&(0x7f0000000900)={0x928, r5, 0x2, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IE_ASSOC_RESP={0x2ec, 0x80, [@measure_req={0x26, 0x79, {0x0, 0x40, 0xcb, "03ba51f01232df295571a105b862125a32e4eb9de4bcccc5b94b98e7d062060eaef3283421cf68f0d2b86457264e547cbfb80c73ab108447daebeaa98529776947cfbca61d45dc6f2f7c1360efff49acb6abecd148321322cacd0e2b4484da21556d8a182e51e371dc6133ce63049572f911bfc8e124"}}, @tim={0x5, 0xa6, {0xff, 0xa7, 0x4, "6bce6fb58629962dd033033e7446f46ea34525cde08503421a3b63d10e2f634bda313f5b6030b715929e79db3e19721b2de96552cc041acc4f0315fb882ef45e4d00217803ece366bf5391f85e543e24578e8b91314c3b8caa37cf75b87147ea611031d0672afe6691dd2b47f8251d79a04c5934c129ad46df52638283b325fd75bde001bf3dc1dc28a7798e821259fbabe152269c8422701fd138b6ccafea27fb0be7"}}, @channel_switch={0x25, 0x3, {0x1, 0x74, 0x4}}, @random_vendor={0xdd, 0xb3, "74567e2f8f90e3e7df1c7be587028a0e36bd28dab97e213c9725679ea003e2a1af65ea695e8de782267cee3b810b87fd2e350735fc077a47d41799c1e1abf194d1b3f80f6a74e0ef45bbaa36b3a2fe181cf56c526b0805d91d53cc01375db3fa89d88fe36ca15e7962b399187b89ad56d084db8dfe0ac6bddb47edea90f196205b6e8b464a7588aaa4ef57a4681b6578e822cf8a264fa3523f20bdc0a258bdf0ccd539068dbff48524a43dc87f3d26fedebb97"}, @link_id={0x65, 0x12, {@initial, @device_a, @broadcast}}, @supported_rates={0x1, 0x2, [{0x6c}, {0x36, 0x1}]}, @erp={0x2a, 0x1, {0x1, 0x0, 0x1}}, @peer_mgmt={0x75, 0x18, {0x0, 0x80, @val=0x5, @val=0x23, @val="9122e68404c630e806f3f5f3e7553f89"}}, @fast_bss_trans={0x37, 0xb1, {0x0, 0x4, "4350a465bf8070b0633648798ec888ae", "a777ae382b2001b35d14869a03cf252a52a1cebe64be9d871a36f15669290565", "386fc00f3628b04dde27a41feebbbbda2f642f602b0c45e7d99b8a9747783555", [{0x3, 0x19, "d71580c3294670dede9c55aa03c45a9c09dfe17ba21f0f1550"}, {0x4, 0x1b, "4c4c4afd31d20da0f4f15a69f5a249b51aabef2d762882541e9d08"}, {0x3, 0x8, "c22a40f9f6fabf16"}, {0x2, 0x1b, "92fb6dee641cc9be97f6f5e3a7b70c9d72563a55d32139fb22baac"}]}}, @tim={0x5, 0x21, {0x3f, 0x72, 0x3, "cf747db571e33d06dbe6d7618a11826a570e144eec1b1060f58be3d450a7"}}]}, @NL80211_ATTR_PROBE_RESP={0x2fc, 0x91, "578abdf62d9164f6853a6bf13027c98fab007259197e469e377f85a56b3c85f2d93dc8cac94c6b6e806db3aa1f5dcbfb97e28abc7f25e9c0bf9c07cc0eb63403d69ad75515ec32ea3a42030fb35508b9840f5abdcf54bfe322b8cf91df0865fd03e9a635ab5fe92353d939cc9099115a2950b9b8d0f7fce0bb35432929a1e24ced7a39f783fea02fea2a956144c572fa7b6609e6ad268a2a230b2dad8075dfa37b679b8ee164ec43b793ae1c86f50586d4d5407ef9e3d0c2d54db8e92ddc71f598080b2162ff115b5b8fd9dc2899a5dda81342f7bbc51369180d7f0b5536f4741e89ed5f8dd15703eb3569a1be7b474ab7195ea6ac3b98f3d26576ece8bf5ff899acbef199a1867191f5aa3771a147f2af04ab552a52e62b6214900f796b37d48c18c401a4d588b91b5cbc33e524ae7b0e53126e5bec32ef73469d9bb11253bee2ed21135c0ea47770131f450f5f5a99c2570a87b84c34ab7902cbb14ac1eeaf30324886ddd0071df8a853d3600532b89fd1a80bf349e604594430a3f595fe09a729882979e02d259008146acd49909d07c8a99e26e329ac75d10331ebdb0cea2fd096bca2aea79493ca82d78596f6a2cdc2d87a6c7dba96477ced4a2565d68128f4e455cfe80933520767ef5699daa672e555551e93d21ffb508133451d3bee93c2bf312432ee95be36aa88489a39fa5d1352d7c223311a2d2c2e609c7e9241434928b185d8f08a3d2f4b08e856adc414636a55e78e852e289e931d8eabf71b13e9ffce10d67a27d634633944fa049b1daedd151b81c2df67252c30b09a9591b8152ff945bc774471dd9eacafffff6fce42e2adf6315f4bb26746f4e8d534b2237f4d38181d42b9e6e5f4fbd9145099b0a28b6204236e3e9c7d4ebe0fe5f80cf5679b72575eb867710dee4f00c19096ec31e6074f62a1edc198d42220024c6638de1dbe8a59ce63ef78e1b786f39490f98a8d65106291c94c635b62e0ea94f98c73f784d956a00d6f80487de437bf00d1e2adb54dccc8c5699531909038e5c820acddd853bec3bd4a91b1c5f9b718b6559ca86c58ae5c11"}, @NL80211_ATTR_PROBE_RESP={0x306, 0x91, "b561f9a2333bae67e8addb48b555a104671683c72295559bc6d8f51879e4594b46cd1f84cd55f9eae0be017abcb634899f2e55e0bb93234093345640b870396e23250a0e6ae77384ad15d1c7eaacf7e44daa17bbdb34deb049a9e7ca876b0ff8991b8d347b4f7da2f0415d9eb89630c7e3b7cfd5778aff49a4ce76f46d6710e9ddb274a430378ddc899a59b033e3bd61076008d6f75f8a4e2bae0ea8a061547f73830e454216f3da1201e1dee4827b9c0ebd4366d60abe054766ba2a2c7974a3c4c342116a35187f8972a036bb6812a233cb357eebcdc05afa52a0233e13e34066295a0b26967bf159cd7d00feda20d6ed90ca4a04bb7d6a388f4ec29da105a14887eb594b1b0042f0dc24c369c2f4ca0b783a740eb1f645ae649b266e1b2c222d5bfbd9970b9f89eecd3fe56f12bf00be2c2275a3612819e5313f35bfd9f1231d61ed8704ee81b9fecadede8853aa33cc3677e2d08e188db1d9443164693e382896d3c940b42469ed78f5f0b2dd19d30cfc86e21b0ad4accb8ed57a2d638d4bdbcdb79de64e05261fd931b039676bac068c8f8abfb1f96c44afc78960ce784f1a1c8f011cb3d7cebf084cbb58a060c34eb666bb3c74753f8d7948d6c6b9b62ec08e0b7b7ff44d78eb2c5bb60441c90e54674ea4168ea4561c06c15e45a1601f989b67a8d54a8528cc0741ef24ffa4792d980f625b893769b3f1a29f210126860ecbae88d55d89e15ab17006499135969bd215516aadacc98f533786a35356ee577e70be4d655104b52fad190aa5da2cf40f08b02764d364f384fed075a7f788216a09fac96124e56377e2052e77f2a878b90a5ae0b34a925be9ae09ddb0915f95c6d8ab1d7ff5013b8d22f987066ea64fab5ef65e9650eb41e3906ed50c2860a12c81543815f4b56acd09913061ed2d7a31ad7230098e985a7619ea2072d68ed2119afa713335a6811577b13558b3c6fa31d76a35fa642078a7d3d4266898fadfdbeae20ab9176681ea18006cf6809ae58f6483057e3df2466221c91e142aa7c0c90c7fdca36b2df175b6f4410302677fa1725e085f98b0d6dbb0e150787f17fc3b"}, @NL80211_ATTR_IE_ASSOC_RESP={0x1c, 0x80, [@mesh_id={0x72, 0x6}, @cf={0x4, 0x6, {0x3, 0x8, 0xd351, 0x1f0}}, @mesh_chsw={0x76, 0x6, {0x3, 0x8, 0x3b, 0x4}}]}]}, 0x928}, 0x1, 0x0, 0x0, 0x44}, 0x72452e84617afc86) 23:31:20 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 40) 23:31:20 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) syz_io_uring_setup(0x454d, &(0x7f0000000000)={0x0, 0xcc5a, 0xa, 0x0, 0x135}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) r3 = socket(0x0, 0x80000, 0x3f) r4 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000280)=0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000440)={{0x1, 0x1, 0x18, r4}, './file0\x00'}) getsockopt$inet_int(r0, 0x0, 0x31, &(0x7f00000002c0), &(0x7f0000000300)=0x4) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x8, 0x0, 0x0, 0x0, 0x0, {0x0, r7}}, 0x10000) syz_io_uring_submit(0x0, r2, &(0x7f0000000240)=@IORING_OP_SEND={0x1a, 0x1, 0x0, r3, 0x0, &(0x7f0000000140)="6372c8dea837682c3292a26644a85aa3b05a141acdf46e7c5a503dbb40a61b12e6fc946baf44ae67ba5557bdcd8a64243fa86d865a9946ec54c27f88c23067271e94f9442710dcebd9d99f82b64980666afe438b6d38ec2e938ace20a8387f18eaafc3bd7d3be2a05407819a155006081a41e18735cefbb58d2b1a06fdadc18d216a1b14c5a3e28d4f74637030a0071a77736ccea4f4d9f84bcca48a8f197315d648b43c8f99695546aa539dee171c0bdd37d705ab2885c46bcecb2178b8c31daedcf05dc7ae2dddb35ce3", 0xcb, 0x10000000, 0x0, {0x0, r7}}, 0x6) 23:31:20 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1) [ 1698.803103] netlink: 'syz-executor.4': attribute type 11 has an invalid length. 23:31:20 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 45) [ 1698.822597] FAULT_INJECTION: forcing a failure. [ 1698.822597] name failslab, interval 1, probability 0, space 0, times 0 [ 1698.824115] CPU: 0 PID: 9581 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1698.825001] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1698.826050] Call Trace: [ 1698.826392] dump_stack+0x107/0x167 [ 1698.826854] should_fail.cold+0x5/0xa [ 1698.827340] ? create_object.isra.0+0x3a/0xa20 [ 1698.827925] should_failslab+0x5/0x20 [ 1698.827958] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 1698.828405] kmem_cache_alloc+0x5b/0x310 [ 1698.828428] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1698.830557] create_object.isra.0+0x3a/0xa20 [ 1698.831107] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1698.831749] __kmalloc+0x16e/0x390 [ 1698.832212] selinux_kernfs_init_security+0x137/0x4c0 [ 1698.833147] ? selinux_file_mprotect+0x610/0x610 [ 1698.834316] ? find_held_lock+0x2c/0x110 [ 1698.835316] ? __kernfs_new_node+0x2ad/0x860 [ 1698.836391] ? lock_downgrade+0x6d0/0x6d0 [ 1698.837584] ? rwlock_bug.part.0+0x90/0x90 [ 1698.838601] security_kernfs_init_security+0x4e/0xb0 [ 1698.839815] __kernfs_new_node+0x531/0x860 [ 1698.840880] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1698.842049] ? cpumask_next+0x1f/0x30 [ 1698.842976] ? kmemleak_alloc_percpu+0xaf/0x100 [ 1698.844118] ? pcpu_alloc+0x12a/0x1240 [ 1698.845159] kernfs_new_node+0x18d/0x250 [ 1698.846131] kernfs_create_dir_ns+0x49/0x160 [ 1698.847182] cgroup_mkdir+0x318/0xf50 [ 1698.848095] ? cgroup_destroy_locked+0x710/0x710 [ 1698.848991] kernfs_iop_mkdir+0x14d/0x1e0 [ 1698.849516] vfs_mkdir+0x493/0x750 [ 1698.849968] do_mkdirat+0x150/0x2b0 [ 1698.850431] ? user_path_create+0xf0/0xf0 [ 1698.850956] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1698.851613] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1698.852268] do_syscall_64+0x33/0x40 [ 1698.852792] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1698.853441] RIP: 0033:0x7f3666038b19 [ 1698.853909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1698.856219] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1698.857878] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1698.859714] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1698.861636] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1698.863430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1698.864939] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 23:31:20 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1698.877545] FAULT_INJECTION: forcing a failure. [ 1698.877545] name failslab, interval 1, probability 0, space 0, times 0 [ 1698.879328] CPU: 1 PID: 9591 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1698.880226] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1698.881516] Call Trace: [ 1698.881878] dump_stack+0x107/0x167 [ 1698.882368] should_fail.cold+0x5/0xa [ 1698.882883] ? create_object.isra.0+0x3a/0xa20 [ 1698.883498] should_failslab+0x5/0x20 [ 1698.884010] kmem_cache_alloc+0x5b/0x310 [ 1698.884593] ? mark_held_locks+0x9e/0xe0 [ 1698.885174] create_object.isra.0+0x3a/0xa20 [ 1698.885727] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 23:31:20 executing program 4: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xa}, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4) setsockopt$inet6_tcp_int(r2, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r2, r1, 0x0, 0x9bbb) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) clone3(&(0x7f0000000280)={0x1040100, 0x0, 0x0, 0x0, {0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58) sendmsg$NL80211_CMD_SET_QOS_MAP(r1, &(0x7f0000000580)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000500)={0x48, 0x0, 0x100, 0x70bd28, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x5, 0x29}}}}, [@NL80211_ATTR_QOS_MAP={0x1e, 0xc7, {[{0x40, 0x4}, {0x1f, 0x1}, {0x81, 0x1}, {0x5}, {0x0, 0x3}, {0xed, 0x2}, {0x9, 0x5}, {0x0, 0x2}, {0xff, 0x5}], "35a2aab1aceeced7"}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000061) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='oom_adj\x00') write$cgroup_int(r3, &(0x7f0000000040), 0x12) connect$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) getpeername(0xffffffffffffffff, &(0x7f00000005c0)=@xdp, &(0x7f0000000640)=0x80) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) r4 = accept4(r3, &(0x7f00000000c0)=@caif=@util, &(0x7f0000000140)=0x80, 0x80000) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r4, 0x8983, &(0x7f0000000180)={0x0, 'lo\x00', {0x3}, 0x101}) ioctl$AUTOFS_DEV_IOCTL_VERSION(r3, 0xc0189371, &(0x7f00000001c0)=ANY=[@ANYBLOB='\x00\x00\b\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=r3, @ANYBLOB="00000000000000002e2f66696c6530005c14c566d6b39014b4299c014a85f602fd203eb880c8ff80950de78cc3a124b5602edae6aa02c86b22840a8f68b8b261b1c38cb26a623954a23dcaa5a3c54af36b888a00fb181e5a6352996d98810000000000000006ecde65e3f456644564fa425c679c2d4ad10ba45dcc77135a3089c130334f54cb30d5"]) close_range(r5, r0, 0x0) [ 1698.886374] kmem_cache_alloc_bulk+0x168/0x320 [ 1698.891013] FAULT_INJECTION: forcing a failure. [ 1698.891013] name failslab, interval 1, probability 0, space 0, times 0 [ 1698.897178] io_submit_sqes+0x6fe6/0x8610 [ 1698.897224] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1698.899761] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1698.900375] ? find_held_lock+0x2c/0x110 [ 1698.900968] ? io_submit_sqes+0x8610/0x8610 [ 1698.901524] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1698.902131] ? wait_for_completion_io+0x270/0x270 [ 1698.902736] ? rcu_read_lock_any_held+0x75/0xa0 [ 1698.903321] ? vfs_write+0x354/0xb10 [ 1698.903787] ? fput_many+0x2f/0x1a0 [ 1698.904245] ? ksys_write+0x1a9/0x260 [ 1698.904778] ? __ia32_sys_read+0xb0/0xb0 [ 1698.905300] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1698.905957] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1698.906604] do_syscall_64+0x33/0x40 [ 1698.907074] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1698.907716] RIP: 0033:0x7f33fff70b19 [ 1698.908188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1698.910616] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1698.911572] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1698.912472] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1698.913399] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1698.914290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1698.915178] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 [ 1698.916093] CPU: 0 PID: 9596 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1698.916988] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1698.918026] Call Trace: [ 1698.918361] dump_stack+0x107/0x167 [ 1698.918820] should_fail.cold+0x5/0xa [ 1698.919300] ? create_object.isra.0+0x3a/0xa20 [ 1698.919876] should_failslab+0x5/0x20 [ 1698.920359] kmem_cache_alloc+0x5b/0x310 [ 1698.920881] ? find_held_lock+0x2c/0x110 [ 1698.921391] create_object.isra.0+0x3a/0xa20 [ 1698.921940] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1698.922576] __kmalloc_node+0x1ae/0x420 [ 1698.923079] memcg_alloc_page_obj_cgroups+0x73/0x100 [ 1698.923714] memcg_slab_post_alloc_hook+0x1f0/0x430 [ 1698.924347] kmem_cache_alloc_bulk+0x182/0x320 [ 1698.924940] io_submit_sqes+0x6fe6/0x8610 [ 1698.925481] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1698.926102] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1698.926712] ? find_held_lock+0x2c/0x110 [ 1698.927225] ? io_submit_sqes+0x8610/0x8610 [ 1698.927774] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1698.928382] ? wait_for_completion_io+0x270/0x270 [ 1698.929003] ? rcu_read_lock_any_held+0x75/0xa0 [ 1698.929586] ? vfs_write+0x354/0xb10 [ 1698.930054] ? fput_many+0x2f/0x1a0 [ 1698.930557] ? ksys_write+0x1a9/0x260 [ 1698.931038] ? __ia32_sys_read+0xb0/0xb0 [ 1698.931550] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1698.932202] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1698.932869] do_syscall_64+0x33/0x40 [ 1698.933337] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1698.933975] RIP: 0033:0x7fa048f33b19 [ 1698.934439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1698.936764] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1698.937718] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1698.938604] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1698.939534] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1698.940428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1698.941330] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 23:31:21 executing program 4: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xa}, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4) setsockopt$inet6_tcp_int(r2, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r2, r1, 0x0, 0x9bbb) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) clone3(&(0x7f0000000280)={0x1040100, 0x0, 0x0, 0x0, {0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58) sendmsg$NL80211_CMD_SET_QOS_MAP(r1, &(0x7f0000000580)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000500)={0x48, 0x0, 0x100, 0x70bd28, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x5, 0x29}}}}, [@NL80211_ATTR_QOS_MAP={0x1e, 0xc7, {[{0x40, 0x4}, {0x1f, 0x1}, {0x81, 0x1}, {0x5}, {0x0, 0x3}, {0xed, 0x2}, {0x9, 0x5}, {0x0, 0x2}, {0xff, 0x5}], "35a2aab1aceeced7"}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000061) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='oom_adj\x00') write$cgroup_int(r3, &(0x7f0000000040), 0x12) connect$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) getpeername(0xffffffffffffffff, &(0x7f00000005c0)=@xdp, &(0x7f0000000640)=0x80) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) r4 = accept4(r3, &(0x7f00000000c0)=@caif=@util, &(0x7f0000000140)=0x80, 0x80000) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r4, 0x8983, &(0x7f0000000180)={0x0, 'lo\x00', {0x3}, 0x101}) ioctl$AUTOFS_DEV_IOCTL_VERSION(r3, 0xc0189371, &(0x7f00000001c0)=ANY=[@ANYBLOB='\x00\x00\b\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=r3, @ANYBLOB="00000000000000002e2f66696c6530005c14c566d6b39014b4299c014a85f602fd203eb880c8ff80950de78cc3a124b5602edae6aa02c86b22840a8f68b8b261b1c38cb26a623954a23dcaa5a3c54af36b888a00fb181e5a6352996d98810000000000000006ecde65e3f456644564fa425c679c2d4ad10ba45dcc77135a3089c130334f54cb30d5"]) close_range(r5, r0, 0x0) 23:31:21 executing program 1: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xa}, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4) setsockopt$inet6_tcp_int(r2, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r2, r1, 0x0, 0x9bbb) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) clone3(&(0x7f0000000280)={0x1040100, 0x0, 0x0, 0x0, {0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58) sendmsg$NL80211_CMD_SET_QOS_MAP(r1, &(0x7f0000000580)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000500)={0x48, 0x0, 0x100, 0x70bd28, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x5, 0x29}}}}, [@NL80211_ATTR_QOS_MAP={0x1e, 0xc7, {[{0x40, 0x4}, {0x1f, 0x1}, {0x81, 0x1}, {0x5}, {0x0, 0x3}, {0xed, 0x2}, {0x9, 0x5}, {0x0, 0x2}, {0xff, 0x5}], "35a2aab1aceeced7"}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000061) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='oom_adj\x00') write$cgroup_int(r3, &(0x7f0000000040), 0x12) connect$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) getpeername(0xffffffffffffffff, &(0x7f00000005c0)=@xdp, &(0x7f0000000640)=0x80) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) r4 = accept4(r3, &(0x7f00000000c0)=@caif=@util, &(0x7f0000000140)=0x80, 0x80000) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r4, 0x8983, &(0x7f0000000180)={0x0, 'lo\x00', {0x3}, 0x101}) ioctl$AUTOFS_DEV_IOCTL_VERSION(r3, 0xc0189371, &(0x7f00000001c0)=ANY=[@ANYBLOB='\x00\x00\b\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=r3, @ANYBLOB="00000000000000002e2f66696c6530005c14c566d6b39014b4299c014a85f602fd203eb880c8ff80950de78cc3a124b5602edae6aa02c86b22840a8f68b8b261b1c38cb26a623954a23dcaa5a3c54af36b888a00fb181e5a6352996d98810000000000000006ecde65e3f456644564fa425c679c2d4ad10ba45dcc77135a3089c130334f54cb30d5"]) close_range(r5, r0, 0x0) 23:31:21 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 27) [ 1699.178122] FAULT_INJECTION: forcing a failure. [ 1699.178122] name failslab, interval 1, probability 0, space 0, times 0 [ 1699.179816] CPU: 1 PID: 9710 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1699.180727] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1699.181790] Call Trace: [ 1699.182151] dump_stack+0x107/0x167 [ 1699.182640] should_fail.cold+0x5/0xa [ 1699.183179] ? create_object.isra.0+0x3a/0xa20 [ 1699.183783] should_failslab+0x5/0x20 [ 1699.184265] kmem_cache_alloc+0x5b/0x310 [ 1699.184802] create_object.isra.0+0x3a/0xa20 [ 1699.185352] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1699.185994] __kmalloc_track_caller+0x177/0x370 [ 1699.186574] ? security_context_to_sid_core+0xb4/0x890 [ 1699.187234] kmemdup_nul+0x2d/0xa0 [ 1699.187678] security_context_to_sid_core+0xb4/0x890 [ 1699.188322] ? security_compute_sid.part.0+0x16e0/0x16e0 [ 1699.189010] ? do_raw_spin_lock+0x121/0x260 [ 1699.189547] ? rwlock_bug.part.0+0x90/0x90 [ 1699.190077] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1699.190678] ? do_raw_spin_unlock+0x4f/0x220 [ 1699.191226] ? _raw_spin_unlock+0x1a/0x30 [ 1699.191748] security_context_to_sid+0x35/0x50 [ 1699.192322] selinux_kernfs_init_security+0x19d/0x4c0 [ 1699.193026] ? selinux_file_mprotect+0x610/0x610 [ 1699.193622] ? find_held_lock+0x2c/0x110 [ 1699.194167] ? __kernfs_new_node+0x2ad/0x860 [ 1699.194715] ? lock_downgrade+0x6d0/0x6d0 [ 1699.195239] ? rwlock_bug.part.0+0x90/0x90 [ 1699.195771] security_kernfs_init_security+0x4e/0xb0 [ 1699.196407] __kernfs_new_node+0x531/0x860 [ 1699.196959] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1699.197554] ? cpumask_next+0x1f/0x30 [ 1699.198031] ? kmemleak_alloc_percpu+0xaf/0x100 [ 1699.198617] ? pcpu_alloc+0x12a/0x1240 [ 1699.199110] kernfs_new_node+0x18d/0x250 [ 1699.199621] kernfs_create_dir_ns+0x49/0x160 [ 1699.200182] cgroup_mkdir+0x318/0xf50 [ 1699.200673] ? cgroup_destroy_locked+0x710/0x710 [ 1699.201271] kernfs_iop_mkdir+0x14d/0x1e0 [ 1699.201793] vfs_mkdir+0x493/0x750 [ 1699.202241] do_mkdirat+0x150/0x2b0 [ 1699.202699] ? user_path_create+0xf0/0xf0 [ 1699.203222] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1699.203878] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1699.204525] do_syscall_64+0x33/0x40 [ 1699.204999] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1699.205644] RIP: 0033:0x7f3666038b19 [ 1699.206110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1699.208402] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1699.209370] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1699.210260] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1699.211150] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1699.212040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1699.212961] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 23:31:37 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x80200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 41) 23:31:37 executing program 6: syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000200)=ANY=[@ANYBLOB="7f0000000100000018000000", @ANYBLOB="02000000000000002e2f66696c653000"]) r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_setup(0x1d, &(0x7f0000000140)={0x0, 0x31a0, 0x8, 0x0, 0x3e1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000200)=0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x4}}, 0x0) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f00000006c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)=""/6, 0x6}, {&(0x7f00000002c0)=""/15, 0xf}, {&(0x7f0000000300)=""/96, 0x60}, {&(0x7f0000000380)=""/5, 0x5}, {&(0x7f00000003c0)=""/78, 0x4e}, {&(0x7f0000000440)=""/172, 0xac}], 0x6, &(0x7f0000000580)=""/213, 0xd5}, 0x0, 0x10040, 0x0, {0x3, r4}}, 0x8) dup3(r0, 0xffffffffffffffff, 0x0) r5 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') pidfd_getfd(0xffffffffffffffff, r5, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105142, 0x2b) r7 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) r8 = openat(r7, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x149) sendfile(r6, r8, 0x0, 0x100000001) r9 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r6, r9, 0x0, 0x80000001) 23:31:37 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x24, 0x2e, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @nested={0xfd49, 0x0, 0x0, 0x1, [@generic="999e00009c"]}]}, 0x24}}, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r2 = socket$inet(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) write$binfmt_elf64(r2, &(0x7f0000000480)={{0x7f, 0x45, 0x4c, 0x46, 0x6, 0x6, 0x0, 0xf7, 0x0, 0x2, 0x6, 0x101, 0x395, 0x40, 0x153, 0x1, 0x8, 0x38, 0x2, 0x6, 0x6}, [{0x6474e551, 0x8, 0x101, 0x6, 0x8, 0x704d, 0xffff, 0x1ff}], "80bc41efa7201a2d73710cc2c699956a9f3fa2c5c300f933743920d46369999f704a12c3258a649063766da8371ee6f01b23e49e387d1097946d18fa4cd990d348b9af8861e4da89e5ed83", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x8c3) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r3, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4) setsockopt$inet6_tcp_int(r3, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r3, r1, 0x0, 0x9bbb) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) sendmsg$nl_generic(r1, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000040)={&(0x7f00000002c0)={0x164, 0x19, 0x2, 0x70bd2d, 0x25dfdbfb, {0x13}, [@nested={0x14e, 0x81, 0x0, 0x1, [@typed={0x17, 0x1c, 0x0, 0x0, @binary="cdfe57e2ef44b5b37b72d75cfa178673a71727"}, @generic="58ecf095d578c34638608b1015f88d12aaadfe5fbc6ef8402b8ff4884e219b71dcb48f50606c2b7a15b681dc94d47fe8664a8d20151005e7ec8e2cb516947f23b123a471817e09719bbfa35b6661487f369fe6256ca7989ed9c17b2c5d03a111", @generic="9edca955407c9757546190d354029cd1d9b5ba0a70f7ad21b7af759db4c44894c47b58625ace33711063c004f47aae5f8c67d01c89722888180444421726a79dd25dfd8b0efe90e2a841bdbaf862630ecbe9a234ad8c7e67cdf0799cd38801046dba1cf54157d89c4c6440ba38032a88646e1ff8c05ceb29a25fccb7e613f12efb4012ba790d66a1824591c3ee", @generic="ca149e6e6a6001455f661c6cf7d2a06fbb0cffb5fa062caa83ad447b25d4fbee6c423644d2e6b08908e15ddb045e43d114c57dc32832e6cbf99aca4b5745c31ef3521168ba"]}]}, 0x164}, 0x1, 0x0, 0x0, 0x24000801}, 0x20000000) 23:31:37 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_io_uring_setup(0x6c6b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) pipe(&(0x7f00000014c0)) syz_io_uring_setup(0x4, &(0x7f0000000180), &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 23:31:37 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_io_uring_setup(0x4ee5, &(0x7f0000000080)={0x0, 0x806cad, 0x0, 0x0, 0x260}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x2160}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 46) 23:31:37 executing program 4: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xa}, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4) setsockopt$inet6_tcp_int(r2, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r2, r1, 0x0, 0x9bbb) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) clone3(&(0x7f0000000280)={0x1040100, 0x0, 0x0, 0x0, {0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58) sendmsg$NL80211_CMD_SET_QOS_MAP(r1, &(0x7f0000000580)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000500)={0x48, 0x0, 0x100, 0x70bd28, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x5, 0x29}}}}, [@NL80211_ATTR_QOS_MAP={0x1e, 0xc7, {[{0x40, 0x4}, {0x1f, 0x1}, {0x81, 0x1}, {0x5}, {0x0, 0x3}, {0xed, 0x2}, {0x9, 0x5}, {0x0, 0x2}, {0xff, 0x5}], "35a2aab1aceeced7"}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000061) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='oom_adj\x00') write$cgroup_int(r3, &(0x7f0000000040), 0x12) connect$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) getpeername(0xffffffffffffffff, &(0x7f00000005c0)=@xdp, &(0x7f0000000640)=0x80) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) r4 = accept4(r3, &(0x7f00000000c0)=@caif=@util, &(0x7f0000000140)=0x80, 0x80000) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r4, 0x8983, &(0x7f0000000180)={0x0, 'lo\x00', {0x3}, 0x101}) ioctl$AUTOFS_DEV_IOCTL_VERSION(r3, 0xc0189371, &(0x7f00000001c0)=ANY=[@ANYBLOB='\x00\x00\b\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=r3, @ANYBLOB="00000000000000002e2f66696c6530005c14c566d6b39014b4299c014a85f602fd203eb880c8ff80950de78cc3a124b5602edae6aa02c86b22840a8f68b8b261b1c38cb26a623954a23dcaa5a3c54af36b888a00fb181e5a6352996d98810000000000000006ecde65e3f456644564fa425c679c2d4ad10ba45dcc77135a3089c130334f54cb30d5"]) close_range(r5, r0, 0x0) 23:31:37 executing program 1: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xa}, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4) setsockopt$inet6_tcp_int(r2, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r2, r1, 0x0, 0x9bbb) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) clone3(&(0x7f0000000280)={0x1040100, 0x0, 0x0, 0x0, {0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58) sendmsg$NL80211_CMD_SET_QOS_MAP(r1, &(0x7f0000000580)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000500)={0x48, 0x0, 0x100, 0x70bd28, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x5, 0x29}}}}, [@NL80211_ATTR_QOS_MAP={0x1e, 0xc7, {[{0x40, 0x4}, {0x1f, 0x1}, {0x81, 0x1}, {0x5}, {0x0, 0x3}, {0xed, 0x2}, {0x9, 0x5}, {0x0, 0x2}, {0xff, 0x5}], "35a2aab1aceeced7"}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000061) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='oom_adj\x00') write$cgroup_int(r3, &(0x7f0000000040), 0x12) connect$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) getpeername(0xffffffffffffffff, &(0x7f00000005c0)=@xdp, &(0x7f0000000640)=0x80) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) r4 = accept4(r3, &(0x7f00000000c0)=@caif=@util, &(0x7f0000000140)=0x80, 0x80000) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r4, 0x8983, &(0x7f0000000180)={0x0, 'lo\x00', {0x3}, 0x101}) ioctl$AUTOFS_DEV_IOCTL_VERSION(r3, 0xc0189371, &(0x7f00000001c0)=ANY=[@ANYBLOB='\x00\x00\b\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=r3, @ANYBLOB="00000000000000002e2f66696c6530005c14c566d6b39014b4299c014a85f602fd203eb880c8ff80950de78cc3a124b5602edae6aa02c86b22840a8f68b8b261b1c38cb26a623954a23dcaa5a3c54af36b888a00fb181e5a6352996d98810000000000000006ecde65e3f456644564fa425c679c2d4ad10ba45dcc77135a3089c130334f54cb30d5"]) close_range(r5, r0, 0x0) 23:31:37 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x0) r2 = syz_io_uring_setup(0x52dd, &(0x7f00000001c0)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r2, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e20, 0x8, @local, 0x6}}, 0x0, 0x0, 0xb, 0x0, "f25d5fa63a0871db3e1ea082e5cad74b11fcca80a108e79d4c51260a7cbb0e7945adcb64be3b154152c5fda4b4ce20171b436e9d578a66bced58d3a2c901e9fc36793f7ebc155e53eb1efea25a010536"}, 0xd8) io_uring_enter(r5, 0x523a, 0x91c0, 0x1, &(0x7f0000000080)={[0x7]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r6, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 28) [ 1715.023253] FAULT_INJECTION: forcing a failure. [ 1715.023253] name failslab, interval 1, probability 0, space 0, times 0 [ 1715.024868] CPU: 1 PID: 9726 Comm: syz-executor.7 Not tainted 5.10.228 #1 [ 1715.025735] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1715.026758] Call Trace: [ 1715.027091] dump_stack+0x107/0x167 [ 1715.027545] should_fail.cold+0x5/0xa [ 1715.028020] ? io_setup_async_msg+0xda/0x2d0 [ 1715.028568] should_failslab+0x5/0x20 [ 1715.029041] __kmalloc+0x72/0x390 [ 1715.029493] io_setup_async_msg+0xda/0x2d0 [ 1715.030021] io_recvmsg+0xc26/0xd70 [ 1715.030478] ? io_sendmsg+0x830/0x830 [ 1715.030964] ? mark_lock+0xf5/0x2df0 [ 1715.031429] ? mark_lock+0xf5/0x2df0 [ 1715.031906] ? __lockdep_reset_lock+0x180/0x180 [ 1715.032490] ? lock_acquire+0x197/0x470 [ 1715.032997] io_issue_sqe+0x3bd6/0x77b0 [ 1715.033511] ? lock_chain_count+0x20/0x20 [ 1715.034029] ? perf_trace_lock+0xac/0x490 [ 1715.034547] ? io_connect+0x610/0x610 [ 1715.035022] ? __lockdep_reset_lock+0x180/0x180 [ 1715.035607] ? lock_acquire+0x197/0x470 [ 1715.036101] ? find_held_lock+0x2c/0x110 [ 1715.036613] __io_queue_sqe+0x90/0x9d0 [ 1715.037100] ? rwlock_bug.part.0+0x90/0x90 [ 1715.037640] ? io_issue_sqe+0x77b0/0x77b0 [ 1715.038157] ? do_raw_spin_unlock+0x4f/0x220 [ 1715.038704] ? _raw_spin_unlock+0x1a/0x30 [ 1715.039221] ? io_drain_req+0x603/0xb20 [ 1715.039720] io_submit_sqes+0x44aa/0x8610 [ 1715.040258] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1715.040876] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1715.041493] ? find_held_lock+0x2c/0x110 [ 1715.042005] ? io_submit_sqes+0x8610/0x8610 [ 1715.042548] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1715.043152] ? wait_for_completion_io+0x270/0x270 [ 1715.043755] ? rcu_read_lock_any_held+0x75/0xa0 [ 1715.044337] ? vfs_write+0x354/0xb10 [ 1715.044800] ? fput_many+0x2f/0x1a0 [ 1715.045261] ? ksys_write+0x1a9/0x260 [ 1715.045741] ? __ia32_sys_read+0xb0/0xb0 [ 1715.046250] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1715.046904] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1715.047549] do_syscall_64+0x33/0x40 [ 1715.048016] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1715.048652] RIP: 0033:0x7fa048f33b19 [ 1715.049118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1715.051416] RSP: 002b:00007fa0464a9188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1715.052367] RAX: ffffffffffffffda RBX: 00007fa049046f60 RCX: 00007fa048f33b19 [ 1715.053266] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1715.054158] RBP: 00007fa0464a91d0 R08: 0000000000000000 R09: 0000000000000000 [ 1715.055055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1715.055942] R13: 00007ffde9f8fe1f R14: 00007fa0464a9300 R15: 0000000000022000 [ 1715.089666] FAULT_INJECTION: forcing a failure. [ 1715.089666] name failslab, interval 1, probability 0, space 0, times 0 [ 1715.091309] CPU: 0 PID: 9732 Comm: syz-executor.5 Not tainted 5.10.228 #1 [ 1715.092201] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1715.093271] Call Trace: [ 1715.093624] dump_stack+0x107/0x167 [ 1715.094101] should_fail.cold+0x5/0xa [ 1715.094591] should_failslab+0x5/0x20 [ 1715.095080] __kmalloc_track_caller+0x79/0x370 [ 1715.095659] ? simple_xattr_set+0x93/0x610 [ 1715.096199] kstrdup+0x36/0x70 [ 1715.096605] simple_xattr_set+0x93/0x610 [ 1715.097131] kernfs_xattr_set+0x50/0x80 [ 1715.097658] selinux_kernfs_init_security+0x26d/0x4c0 [ 1715.098313] ? selinux_file_mprotect+0x610/0x610 [ 1715.098916] ? find_held_lock+0x2c/0x110 [ 1715.099432] ? __kernfs_new_node+0x2ad/0x860 [ 1715.099988] ? rwlock_bug.part.0+0x90/0x90 [ 1715.100523] security_kernfs_init_security+0x4e/0xb0 [ 1715.101028] FAULT_INJECTION: forcing a failure. [ 1715.101028] name failslab, interval 1, probability 0, space 0, times 0 [ 1715.101164] __kernfs_new_node+0x531/0x860 [ 1715.101183] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1715.101202] ? cpumask_next+0x1f/0x30 [ 1715.104181] ? kmemleak_alloc_percpu+0xaf/0x100 [ 1715.104766] ? pcpu_alloc+0x12a/0x1240 [ 1715.105268] kernfs_new_node+0x18d/0x250 [ 1715.105788] kernfs_create_dir_ns+0x49/0x160 [ 1715.106345] cgroup_mkdir+0x318/0xf50 [ 1715.106826] ? cgroup_destroy_locked+0x710/0x710 [ 1715.107421] kernfs_iop_mkdir+0x14d/0x1e0 [ 1715.107942] vfs_mkdir+0x493/0x750 [ 1715.108390] do_mkdirat+0x150/0x2b0 [ 1715.108846] ? user_path_create+0xf0/0xf0 [ 1715.109384] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1715.110040] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1715.110683] do_syscall_64+0x33/0x40 [ 1715.111149] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1715.111789] RIP: 0033:0x7f3666038b19 [ 1715.112257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1715.114570] RSP: 002b:00007f36635ae188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1715.115528] RAX: ffffffffffffffda RBX: 00007f366614bf60 RCX: 00007f3666038b19 [ 1715.116417] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005 [ 1715.117320] RBP: 00007f36635ae1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1715.118219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1715.119109] R13: 00007ffe517729bf R14: 00007f36635ae300 R15: 0000000000022000 [ 1715.120026] CPU: 1 PID: 9735 Comm: syz-executor.2 Not tainted 5.10.228 #1 [ 1715.120897] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1715.121954] Call Trace: [ 1715.122295] dump_stack+0x107/0x167 [ 1715.122752] should_fail.cold+0x5/0xa [ 1715.123236] ? create_object.isra.0+0x3a/0xa20 [ 1715.123809] should_failslab+0x5/0x20 [ 1715.124292] kmem_cache_alloc+0x5b/0x310 [ 1715.124800] ? mark_held_locks+0x9e/0xe0 [ 1715.125332] create_object.isra.0+0x3a/0xa20 [ 1715.125882] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1715.126530] kmem_cache_alloc_bulk+0x168/0x320 [ 1715.127111] io_submit_sqes+0x6fe6/0x8610 [ 1715.127653] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 1715.128276] __do_sys_io_uring_enter+0x6b2/0x1890 [ 1715.128884] ? find_held_lock+0x2c/0x110 [ 1715.129422] ? io_submit_sqes+0x8610/0x8610 [ 1715.129973] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1715.130578] ? wait_for_completion_io+0x270/0x270 [ 1715.131186] ? rcu_read_lock_any_held+0x75/0xa0 [ 1715.131768] ? vfs_write+0x354/0xb10 [ 1715.132235] ? fput_many+0x2f/0x1a0 [ 1715.132690] ? ksys_write+0x1a9/0x260 [ 1715.133171] ? __ia32_sys_read+0xb0/0xb0 [ 1715.133699] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1715.134357] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1715.135004] do_syscall_64+0x33/0x40 [ 1715.135467] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1715.136109] RIP: 0033:0x7f33fff70b19 [ 1715.136573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1715.138879] RSP: 002b:00007f33fd4e6188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1715.139832] RAX: ffffffffffffffda RBX: 00007f3400083f60 RCX: 00007f33fff70b19 [ 1715.140724] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1715.141630] RBP: 00007f33fd4e61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1715.142525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1715.143417] R13: 00007ffdce05164f R14: 00007f33fd4e6300 R15: 0000000000022000 [ 1729.309835] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) BUG: memory leak unreferenced object 0xffff88801b6be8f0 (size 144): comm "syz-executor.5", pid 9732, jiffies 4296382080 (age 21.961s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 d9 aa 2a 67 00 00 00 00 ..........*g.... fb b6 c5 08 00 00 00 00 d9 aa 2a 67 00 00 00 00 ..........*g.... backtrace: [<00000000a0e3e67c>] __kernfs_iattrs+0xbc/0x470 [<00000000e0689d40>] kernfs_xattr_set+0x2b/0x80 [<00000000e6ba2825>] selinux_kernfs_init_security+0x26d/0x4c0 [<00000000fcf6e0df>] security_kernfs_init_security+0x4e/0xb0 [<00000000c29a7122>] __kernfs_new_node+0x531/0x860 [<00000000dbce7cc4>] kernfs_new_node+0x18d/0x250 [<00000000ce469b58>] kernfs_create_dir_ns+0x49/0x160 [<00000000982409ab>] cgroup_mkdir+0x318/0xf50 [<0000000060757d22>] kernfs_iop_mkdir+0x14d/0x1e0 [<00000000bfb829b3>] vfs_mkdir+0x493/0x750 [<000000009c1b585a>] do_mkdirat+0x150/0x2b0 [<00000000a64d34c1>] do_syscall_64+0x33/0x40 [<00000000cd646cae>] entry_SYSCALL_64_after_hwframe+0x67/0xd1 BUG: leak checking failed VM DIAGNOSIS: 23:31:58 Registers: info registers vcpu 0 RAX=ffffffff83e7b910 RBX=0000000000000000 RCX=ffffffff83e634ec RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff83e7bf18 RBP=fffffbfff09c6450 RSP=ffffffff84e07e38 R8 =0000000000000001 R9 =ffff88806ce3c12b R10=ffffed100d9c7825 R11=0000000000000001 R12=0000000000000000 R13=ffffffff85677708 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff83e7b91e RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fffa9d791d0 CR3=000000001e296000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000600 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000007000000040000000300000002 XMM02=00000000000000000000000000000000 XMM03=0000000c0000000c0000000800000000 XMM04=73746e696820636578650a036873616d XMM05=786508086c61746f7420636578650a01 XMM06=7a7566206365786509006e6567206365 XMM07=74616469646e616320636578650e017a XMM08=650a00737472617473657220726f7475 XMM09=20636578650a036873616d7320636578 XMM10=61746f7420636578650a0173746e6968 XMM11=65786509006e6567206365786508086c XMM12=6e616320636578650e017a7a75662063 XMM13=69727420636578650b00657461646964 XMM14=696d696e696d20636578650d02656761 XMM15=0000736465657320636578650a01657a info registers vcpu 1 RAX=ffffffff83e7b910 RBX=0000000000000001 RCX=ffffffff83e634ec RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff83e7bf18 RBP=ffffed100112f000 RSP=ffff888008987e70 R8 =0000000000000001 R9 =ffff88806cf3c12b R10=ffffed100d9e7825 R11=0000000000000001 R12=0000000000000001 R13=ffffffff85677708 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff83e7b91e RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f0aacabb020 CR3=000000000ea9e000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000600 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=656a626f206465636e6572656665726e XMM02=2934343120657a697328203066386562 XMM03=3920646970202c22352e726f74756365 XMM04=2e2e2e2e2e2e2e2e2020303020303020 XMM05=64203030203030203030203030203030 XMM06=73657479622032332074737269662820 XMM07=2e313220656761282030383032383336 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000